1
1
from django import template
2
from django.db import transaction
2
3
from django.conf import settings
3
4
from django.contrib import admin
4
5
from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AdminPasswordChangeForm
5
6
from django.contrib.auth.models import User, Group
7
from django.contrib import messages
6
8
from django.core.exceptions import PermissionDenied
7
9
from django.http import HttpResponseRedirect, Http404
8
10
from django.shortcuts import render_to_response, get_object_or_404
9
11
from django.template import RequestContext
10
12
from django.utils.html import escape
13
from django.utils.decorators import method_decorator
11
14
from django.utils.translation import ugettext, ugettext_lazy as _
15
from django.views.decorators.csrf import csrf_protect
17
csrf_protect_m = method_decorator(csrf_protect)
13
19
class GroupAdmin(admin.ModelAdmin):
14
20
search_fields = ('name',)
16
22
filter_horizontal = ('permissions',)
18
24
class UserAdmin(admin.ModelAdmin):
25
add_form_template = 'admin/auth/user/add_form.html'
26
change_user_password_template = None
20
28
(None, {'fields': ('username', 'password')}),
21
29
(_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}),
22
(_('Permissions'), {'fields': ('is_staff', 'is_active', 'is_superuser', 'user_permissions')}),
30
(_('Permissions'), {'fields': ('is_active', 'is_staff', 'is_superuser', 'user_permissions')}),
23
31
(_('Important dates'), {'fields': ('last_login', 'date_joined')}),
24
32
(_('Groups'), {'fields': ('groups',)}),
37
'fields': ('username', 'password1', 'password2')}
26
40
form = UserChangeForm
27
41
add_form = UserCreationForm
28
42
change_password_form = AdminPasswordChangeForm
40
54
if url.endswith('password'):
41
55
return self.user_change_password(request, url.split('/')[0])
42
56
return super(UserAdmin, self).__call__(request, url)
58
def get_fieldsets(self, request, obj=None):
60
return self.add_fieldsets
61
return super(UserAdmin, self).get_fieldsets(request, obj)
63
def get_form(self, request, obj=None, **kwargs):
65
Use special form during user creation
70
'form': self.add_form,
71
'fields': admin.util.flatten_fieldsets(self.add_fieldsets),
73
defaults.update(kwargs)
74
return super(UserAdmin, self).get_form(request, obj, **defaults)
44
76
def get_urls(self):
45
77
from django.conf.urls.defaults import patterns
46
78
return patterns('',
47
79
(r'^(\d+)/password/$', self.admin_site.admin_view(self.user_change_password))
48
80
) + super(UserAdmin, self).get_urls()
50
def add_view(self, request):
83
@transaction.commit_on_success
84
def add_view(self, request, form_url='', extra_context=None):
51
85
# It's an error for a user to have add permission but NOT change
52
86
# permission for users. If we allowed such users to add users, they
53
87
# could create superusers, which would mean they would essentially have
61
95
raise Http404('Your user does not have the "Change user" permission. In order to add users, Django requires that your user account have both the "Add user" and "Change user" permissions set.')
62
96
raise PermissionDenied
63
if request.method == 'POST':
64
form = self.add_form(request.POST)
66
new_user = form.save()
67
msg = _('The %(name)s "%(obj)s" was added successfully.') % {'name': 'user', 'obj': new_user}
68
self.log_addition(request, new_user)
69
if "_addanother" in request.POST:
70
request.user.message_set.create(message=msg)
71
return HttpResponseRedirect(request.path)
72
elif '_popup' in request.REQUEST:
73
return self.response_add(request, new_user)
75
request.user.message_set.create(message=msg + ' ' + ugettext("You may edit it again below."))
76
return HttpResponseRedirect('../%s/' % new_user.id)
78
form = self.add_form()
79
return render_to_response('admin/auth/user/add_form.html', {
80
'title': _('Add user'),
82
'is_popup': '_popup' in request.REQUEST,
85
'has_add_permission': True,
86
'has_delete_permission': False,
87
'has_change_permission': True,
88
'has_file_field': False,
89
'has_absolute_url': False,
97
if extra_context is None:
90
100
'auto_populated_fields': (),
91
'opts': self.model._meta,
93
101
'username_help_text': self.model._meta.get_field('username').help_text,
94
'root_path': self.admin_site.root_path,
95
'app_label': self.model._meta.app_label,
96
}, context_instance=template.RequestContext(request))
103
extra_context.update(defaults)
104
return super(UserAdmin, self).add_view(request, form_url, extra_context)
98
106
def user_change_password(self, request, id):
99
107
if not self.has_change_permission(request):
104
112
if form.is_valid():
105
113
new_user = form.save()
106
114
msg = ugettext('Password changed successfully.')
107
request.user.message_set.create(message=msg)
115
messages.success(request, msg)
108
116
return HttpResponseRedirect('..')
110
118
form = self.change_password_form(user)
111
return render_to_response('admin/auth/user/change_password.html', {
120
fieldsets = [(None, {'fields': form.base_fields.keys()})]
121
adminForm = admin.helpers.AdminForm(form, fieldsets, {})
123
return render_to_response(self.change_user_password_template or 'admin/auth/user/change_password.html', {
112
124
'title': _('Change password: %s') % escape(user.username),
125
'adminForm': adminForm,
114
127
'is_popup': '_popup' in request.REQUEST,