from django import template

from django.conf import settings

from django.contrib import admin

from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AdminPasswordChangeForm

from django.contrib.auth.models import User, Group

from django.core.exceptions import PermissionDenied

from django.http import HttpResponseRedirect, Http404

from django.shortcuts import render_to_response, get_object_or_404

from django.template import RequestContext

from django.utils.html import escape

from django.utils.translation import ugettext, ugettext_lazy as _

class GroupAdmin(admin.ModelAdmin):

    search_fields = ('name',)

    ordering = ('name',)

    filter_horizontal = ('permissions',)

class UserAdmin(admin.ModelAdmin):

    fieldsets = (

        (None, {'fields': ('username', 'password')}),

        (_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}),

        (_('Important dates'), {'fields': ('last_login', 'date_joined')}),

        (_('Groups'), {'fields': ('groups',)}),

    )

    form = UserChangeForm

    add_form = UserCreationForm

    change_password_form = AdminPasswordChangeForm

    list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff')

    list_filter = ('is_staff', 'is_superuser', 'is_active')

    search_fields = ('username', 'first_name', 'last_name', 'email')

    ordering = ('username',)

    filter_horizontal = ('user_permissions',)

    def __call__(self, request, url):

        # this should not be here, but must be due to the way __call__ routes

        # in ModelAdmin.

        if url is None:

            return self.changelist_view(request)

        if url.endswith('password'):

            return self.user_change_password(request, url.split('/')[0])

        return super(UserAdmin, self).__call__(request, url)

    def get_urls(self):

        from django.conf.urls.defaults import patterns

        return patterns('',

            (r'^(\d+)/password/$', self.admin_site.admin_view(self.user_change_password))

        ) + super(UserAdmin, self).get_urls()

        # It's an error for a user to have add permission but NOT change

        # permission for users. If we allowed such users to add users, they

        # could create superusers, which would mean they would essentially have

        # the permission to change users. To avoid the problem entirely, we

        # disallow users from adding users if they don't have change

        # permission.

        if not self.has_change_permission(request):

            if self.has_add_permission(request) and settings.DEBUG:

                # Raise Http404 in debug mode so that the user gets a helpful

                # error message.

                raise Http404('Your user does not have the "Change user" permission. In order to add users, Django requires that your user account have both the "Add user" and "Change user" permissions set.')

            raise PermissionDenied

            'auto_populated_fields': (),

            'username_help_text': self.model._meta.get_field('username').help_text,

    def user_change_password(self, request, id):

        if not self.has_change_permission(request):

            raise PermissionDenied

        user = get_object_or_404(self.model, pk=id)

        if request.method == 'POST':

            form = self.change_password_form(user, request.POST)

            if form.is_valid():

                new_user = form.save()

                msg = ugettext('Password changed successfully.')

                return HttpResponseRedirect('..')

        else:

            form = self.change_password_form(user)

            'title': _('Change password: %s') % escape(user.username),

            'form': form,

            'is_popup': '_popup' in request.REQUEST,

            'add': True,

            'change': False,

            'has_delete_permission': False,

            'has_change_permission': True,

            'has_absolute_url': False,

            'opts': self.model._meta,

            'original': user,

            'save_as': False,

            'show_save': True,

            'root_path': self.admin_site.root_path,

        }, context_instance=RequestContext(request))

admin.site.register(Group, GroupAdmin)

admin.site.register(User, UserAdmin)