def save_model(self, request, staff, form, change): old_customer_responsible_field = form.base_fields["customer_responsible"].initial new_customer_responsible_field = form.cleaned_data["customer_responsible"] change_previous_customer_responsible = ( change and old_customer_responsible_field is not None and old_customer_responsible_field.id != new_customer_responsible_field.id ) super(StaffWithUserDataAdmin, self).save_model(request, staff, form, change) if change_previous_customer_responsible and old_customer_responsible_field.user is not None: RepanierAuthBackend.remove_staff_right( user=old_customer_responsible_field.user )
def save_model(self, request, staff, form, change): old_customer_responsible_field = form.base_fields[ "customer_responsible"].initial new_customer_responsible_field = form.cleaned_data[ "customer_responsible"] change_previous_customer_responsible = ( change and old_customer_responsible_field is not None and old_customer_responsible_field.id != new_customer_responsible_field.id) super(StaffWithUserDataAdmin, self).save_model(request, staff, form, change) if (change_previous_customer_responsible and old_customer_responsible_field.user is not None): RepanierAuthBackend.remove_staff_right( user=old_customer_responsible_field.user)
def login_view(request, template_name='repanier/registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME, authentication_form=AuthenticationForm, extra_context=None): """ Displays the login form and handles the login action. """ redirect_to = request.POST.get( redirect_field_name, request.GET.get(redirect_field_name, EMPTY_STRING)) # Ensure the user-originating redirection url is safe. if not is_safe_url(url=redirect_to, host=request.get_host()): redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL) staff_responsibilities = None user = request.user if request.method == "POST": form = authentication_form(request, data=request.POST) if form.is_valid(): # Okay, security check complete. Log the user in. auth_login(request, form.get_user()) # Now the logged in user is set in request.user user = request.user if user.is_authenticated: if user.is_staff: return HttpResponseRedirect("{}?{}".format( redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) staff_qs = Staff.objects.filter( customer_responsible_id=user.customer_id, is_active=True).order_by('?') may_become_a_staff_user = staff_qs.exists() if not may_become_a_staff_user: return HttpResponseRedirect(redirect_to) # Ask the user to log in as a customer or as a staff member staff_responsibilities = staff_qs.all() else: if user.is_authenticated: as_staff_id = sint(request.GET.get('as_id', 0)) if as_staff_id == 0: if user.is_superuser: return HttpResponseRedirect("{}?{}".format( redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) else: # The user want to be logged in as a customer return HttpResponseRedirect(redirect_to) as_staff = Staff.objects.filter( id=as_staff_id, customer_responsible_id=user.customer_id, is_active=True).order_by('?').first() if as_staff is None: # This should not occurs # But if ... then log the user as a customer return HttpResponseRedirect(redirect_to) RepanierAuthBackend.set_staff_right(request=request, user=user, as_staff=as_staff) return HttpResponseRedirect("{}?{}".format( redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) form = authentication_form(request) if user.is_anonymous: from repanier.apps import REPANIER_SETTINGS_CONFIG how_to_register = REPANIER_SETTINGS_CONFIG.safe_translation_getter( 'how_to_register', any_language=True, default=EMPTY_STRING) else: how_to_register = EMPTY_STRING context = { 'form': form, redirect_field_name: redirect_to, 'how_to_register': how_to_register, 'staff_responsibilities': staff_responsibilities, } if extra_context is not None: context.update(extra_context) return TemplateResponse(request, template_name, context)
def receiver_user_logged_out(sender, request, user, **kwargs): RepanierAuthBackend.remove_staff_right(user=user)
def login_view(request, template_name=EMPTY_STRING, redirect_field_name=REDIRECT_FIELD_NAME, authentication_form=AuthenticationForm, extra_context=None): """ Displays the login form and handles the login action. """ template_name = get_repanier_template_name('registration/login.html') redirect_to = request.POST.get( redirect_field_name, request.GET.get(redirect_field_name, EMPTY_STRING) ) # Ensure the user-originating redirection url is safe. if not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()): redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL) staff_responsibilities = None user = request.user if request.method == "POST": form = authentication_form(request, data=request.POST) if form.is_valid(): # Okay, security check complete. Log the user in. auth_login(request, form.get_user()) # Now the logged in user is set in request.user user = request.user if user.is_authenticated: if user.is_staff: return HttpResponseRedirect( "{}?{}".format(redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) staff_qs = Staff.objects.filter( customer_responsible_id=user.customer_id, is_active=True ).order_by('?') may_become_a_staff_user = staff_qs.exists() if not may_become_a_staff_user: return HttpResponseRedirect(redirect_to) # Ask the user to log in as a customer or as a staff member staff_responsibilities = staff_qs.all() else: if user.is_authenticated: as_staff_id = sint(request.GET.get('as_id', 0)) if as_staff_id == 0: if user.is_superuser: return HttpResponseRedirect( "{}?{}".format(redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) else: # The user want to be logged in as a customer return HttpResponseRedirect(redirect_to) as_staff = Staff.objects.filter( id=as_staff_id, customer_responsible_id=user.customer_id, is_active=True ).order_by('?').first() if as_staff is None: # This should not occurs # But if ... then log the user as a customer return HttpResponseRedirect(redirect_to) RepanierAuthBackend.set_staff_right( request=request, user=user, as_staff=as_staff ) return HttpResponseRedirect("{}?{}".format(redirect_to, get_cms_setting('CMS_TOOLBAR_URL__EDIT_ON'))) form = authentication_form(request) if user.is_anonymous: from repanier.apps import REPANIER_SETTINGS_CONFIG how_to_register = REPANIER_SETTINGS_CONFIG.safe_translation_getter( 'how_to_register', any_language=True, default=EMPTY_STRING) else: how_to_register = EMPTY_STRING context = { 'form': form, redirect_field_name: redirect_to, 'how_to_register': how_to_register, 'staff_responsibilities': staff_responsibilities, } if extra_context is not None: context.update(extra_context) return TemplateResponse(request, template_name, context)
def receiver_user_logged_out(sender, request, user, **kwargs): RepanierAuthBackend.remove_staff_right( user=user )