|
1 from django import template |
|
2 from django.db import transaction |
|
3 from django.conf import settings |
|
4 from django.contrib import admin |
|
5 from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AdminPasswordChangeForm |
|
6 from django.contrib.auth.models import User, Group |
|
7 from django.contrib import messages |
|
8 from django.core.exceptions import PermissionDenied |
|
9 from django.http import HttpResponseRedirect, Http404 |
|
10 from django.shortcuts import render_to_response, get_object_or_404 |
|
11 from django.template import RequestContext |
|
12 from django.utils.html import escape |
|
13 from django.utils.decorators import method_decorator |
|
14 from django.utils.translation import ugettext, ugettext_lazy as _ |
|
15 from django.views.decorators.csrf import csrf_protect |
|
16 |
|
17 csrf_protect_m = method_decorator(csrf_protect) |
|
18 |
|
19 class GroupAdmin(admin.ModelAdmin): |
|
20 search_fields = ('name',) |
|
21 ordering = ('name',) |
|
22 filter_horizontal = ('permissions',) |
|
23 |
|
24 class UserAdmin(admin.ModelAdmin): |
|
25 add_form_template = 'admin/auth/user/add_form.html' |
|
26 change_user_password_template = None |
|
27 fieldsets = ( |
|
28 (None, {'fields': ('username', 'password')}), |
|
29 (_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}), |
|
30 (_('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser', 'user_permissions')}), |
|
31 (_('Important dates'), {'fields': ('last_login', 'date_joined')}), |
|
32 (_('Groups'), {'fields': ('groups',)}), |
|
33 ) |
|
34 add_fieldsets = ( |
|
35 (None, { |
|
36 'classes': ('wide',), |
|
37 'fields': ('username', 'password1', 'password2')} |
|
38 ), |
|
39 ) |
|
40 form = UserChangeForm |
|
41 add_form = UserCreationForm |
|
42 change_password_form = AdminPasswordChangeForm |
|
43 list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff') |
|
44 list_filter = ('is_staff', 'is_superuser', 'is_active') |
|
45 search_fields = ('username', 'first_name', 'last_name', 'email') |
|
46 ordering = ('username',) |
|
47 filter_horizontal = ('user_permissions',) |
|
48 |
|
49 def __call__(self, request, url): |
|
50 # this should not be here, but must be due to the way __call__ routes |
|
51 # in ModelAdmin. |
|
52 if url is None: |
|
53 return self.changelist_view(request) |
|
54 if url.endswith('password'): |
|
55 return self.user_change_password(request, url.split('/')[0]) |
|
56 return super(UserAdmin, self).__call__(request, url) |
|
57 |
|
58 def get_fieldsets(self, request, obj=None): |
|
59 if not obj: |
|
60 return self.add_fieldsets |
|
61 return super(UserAdmin, self).get_fieldsets(request, obj) |
|
62 |
|
63 def get_form(self, request, obj=None, **kwargs): |
|
64 """ |
|
65 Use special form during user creation |
|
66 """ |
|
67 defaults = {} |
|
68 if obj is None: |
|
69 defaults.update({ |
|
70 'form': self.add_form, |
|
71 'fields': admin.util.flatten_fieldsets(self.add_fieldsets), |
|
72 }) |
|
73 defaults.update(kwargs) |
|
74 return super(UserAdmin, self).get_form(request, obj, **defaults) |
|
75 |
|
76 def get_urls(self): |
|
77 from django.conf.urls.defaults import patterns |
|
78 return patterns('', |
|
79 (r'^(\d+)/password/$', self.admin_site.admin_view(self.user_change_password)) |
|
80 ) + super(UserAdmin, self).get_urls() |
|
81 |
|
82 @csrf_protect_m |
|
83 @transaction.commit_on_success |
|
84 def add_view(self, request, form_url='', extra_context=None): |
|
85 # It's an error for a user to have add permission but NOT change |
|
86 # permission for users. If we allowed such users to add users, they |
|
87 # could create superusers, which would mean they would essentially have |
|
88 # the permission to change users. To avoid the problem entirely, we |
|
89 # disallow users from adding users if they don't have change |
|
90 # permission. |
|
91 if not self.has_change_permission(request): |
|
92 if self.has_add_permission(request) and settings.DEBUG: |
|
93 # Raise Http404 in debug mode so that the user gets a helpful |
|
94 # error message. |
|
95 raise Http404('Your user does not have the "Change user" permission. In order to add users, Django requires that your user account have both the "Add user" and "Change user" permissions set.') |
|
96 raise PermissionDenied |
|
97 if extra_context is None: |
|
98 extra_context = {} |
|
99 defaults = { |
|
100 'auto_populated_fields': (), |
|
101 'username_help_text': self.model._meta.get_field('username').help_text, |
|
102 } |
|
103 extra_context.update(defaults) |
|
104 return super(UserAdmin, self).add_view(request, form_url, extra_context) |
|
105 |
|
106 def user_change_password(self, request, id): |
|
107 if not self.has_change_permission(request): |
|
108 raise PermissionDenied |
|
109 user = get_object_or_404(self.model, pk=id) |
|
110 if request.method == 'POST': |
|
111 form = self.change_password_form(user, request.POST) |
|
112 if form.is_valid(): |
|
113 new_user = form.save() |
|
114 msg = ugettext('Password changed successfully.') |
|
115 messages.success(request, msg) |
|
116 return HttpResponseRedirect('..') |
|
117 else: |
|
118 form = self.change_password_form(user) |
|
119 |
|
120 fieldsets = [(None, {'fields': form.base_fields.keys()})] |
|
121 adminForm = admin.helpers.AdminForm(form, fieldsets, {}) |
|
122 |
|
123 return render_to_response(self.change_user_password_template or 'admin/auth/user/change_password.html', { |
|
124 'title': _('Change password: %s') % escape(user.username), |
|
125 'adminForm': adminForm, |
|
126 'form': form, |
|
127 'is_popup': '_popup' in request.REQUEST, |
|
128 'add': True, |
|
129 'change': False, |
|
130 'has_delete_permission': False, |
|
131 'has_change_permission': True, |
|
132 'has_absolute_url': False, |
|
133 'opts': self.model._meta, |
|
134 'original': user, |
|
135 'save_as': False, |
|
136 'show_save': True, |
|
137 'root_path': self.admin_site.root_path, |
|
138 }, context_instance=RequestContext(request)) |
|
139 |
|
140 |
|
141 admin.site.register(Group, GroupAdmin) |
|
142 admin.site.register(User, UserAdmin) |
|
143 |