diff --git a/apps/member/urls.py b/apps/member/urls.py index 7a62cd1..90c8d91 100644 --- a/apps/member/urls.py +++ b/apps/member/urls.py @@ -2,7 +2,7 @@ from django.urls import path from django.views.generic import RedirectView from .views import CreateUserView, MyAccountView, UserDetailView,\ - ProfileListView, OrphanedProfileListView, OrganizersListView + ProfileListView, OrphanedProfileListView, OrganizersListView, ResetAdminView app_name = "member" @@ -17,4 +17,5 @@ urlpatterns = [ path("profiles/", ProfileListView.as_view(), name="all_profiles"), path("orphaned-profiles/", OrphanedProfileListView.as_view(), name="orphaned_profiles"), path("organizers/", OrganizersListView.as_view(), name="organizers"), + path("reset-admin/", ResetAdminView.as_view(), name="reset_admin"), ] diff --git a/apps/member/views.py b/apps/member/views.py index 3cc1968..02767ed 100644 --- a/apps/member/views.py +++ b/apps/member/views.py @@ -1,7 +1,9 @@ from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.auth.models import AnonymousUser from django.core.exceptions import PermissionDenied from django.db.models import Q from django.http import FileResponse +from django.shortcuts import redirect from django.utils.translation import gettext_lazy as _ from django.views import View from django.views.generic import CreateView, UpdateView, DetailView @@ -31,15 +33,29 @@ class MyAccountView(LoginRequiredMixin, UpdateView): class UserDetailView(LoginRequiredMixin, DetailView): model = TFJMUser form_class = TFJMUserForm - context_object_name = "user" + context_object_name = "tfjmuser" def dispatch(self, request, *args, **kwargs): + if isinstance(request.user, AnonymousUser): + raise PermissionDenied + + self.object = self.get_object() + if not request.user.admin \ - and (self.object.team is not None and request.user not in self.object.team.tournament.organizers)\ + and (self.object.team is not None and request.user not in self.object.team.tournament.organizers.all())\ and self.request.user != self.object: raise PermissionDenied return super().dispatch(request, *args, **kwargs) + def post(self, request, *args, **kwargs): + if "view_as" in request.POST: + session = request.session + session["admin"] = request.user.pk + obj = self.get_object() + session["_fake_user_id"] = obj.pk + return redirect(request.path) + return self.get(request, *args, **kwargs) + def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) @@ -82,3 +98,10 @@ class OrganizersListView(AdminMixin, SingleTableView): table_class = UserTable template_name = "member/profile_list.html" extra_context = dict(title=_("Organizers")) + + +class ResetAdminView(AdminMixin, View): + def dispatch(self, request, *args, **kwargs): + if "_fake_user_id" in request.session: + del request.session["_fake_user_id"] + return redirect(request.GET["path"]) diff --git a/templates/base.html b/templates/base.html index 7742ee1..979b4f4 100644 --- a/templates/base.html +++ b/templates/base.html @@ -141,6 +141,11 @@ {% endif %}