def process_request(self, request): request.user.is_impersonate = False request.impersonator = None if is_authenticated(request.user) and \ '_impersonate' in request.session: new_user_id = request.session['_impersonate'] if isinstance(new_user_id, User): # Edge case for issue 15 new_user_id = new_user_id.pk try: new_user = User.objects.get(pk=new_user_id) except User.DoesNotExist: return if check_allow_for_user(request, new_user) and \ check_allow_for_uri(request.path): request.impersonator = request.user request.user = new_user request.user.is_impersonate = True # Add user attribute for django-rest-framework request._user = new_user request.real_user = request.impersonator or request.user
def process_request(self, request): if request.user.is_authenticated() and \ '_impersonate' in request.session: pk = request.session['_impersonate'] new_user = get_object_or_404(Model, pk=pk) if check_allow_for_user(request, new_user) and \ check_allow_for_uri(request.path): request.user = new_user request.user.is_impersonate = True
def process_request(self, request): if request.user.is_authenticated() and \ '_impersonate' in request.session: model_str = getattr(settings, 'IMPERSONATE_USER_MODEL', 'django.contrib.auth.models.User') module, model = model_str.rsplit('.', 1) module = __import__(module, fromlist=[model]) Model = getattr(module, model) pk = request.session['_impersonate'] new_user = get_object_or_404(Model, pk=pk) if check_allow_for_user(request, new_user) and \ check_allow_for_uri(request.path): request.user = new_user request.user.is_impersonate = True
def impersonate(request, uid): ''' Takes in the UID of the user to impersonate. View will fetch the User instance and store it in the request.session under the '_impersonate' key. The middleware will then pick up on it and adjust the request object as needed. ''' model_str = getattr(settings, 'IMPERSONATE_USER_MODEL', 'django.contrib.auth.models.User') module, model = model_str.rsplit('.', 1) module = __import__(module, fromlist=[model]) Model = getattr(module, model) new_user = get_object_or_404(Model, pk=uid) if check_allow_for_user(request, new_user): request.session['_impersonate'] = new_user.pk request.session.modified = True # Let's make sure... return redirect(get_redir_path(request))