plain.impersonate

See what your users see.

A key feature for providing customer support is to be able to view the site through their account. With impersonate installed, you can impersonate a user by finding them in the Django admin and clicking the "Impersonate" button.

Then with the admin toolbar enabled, you'll get a notice of the impersonation and a button to exit:

Installation

To impersonate users, you need the app, middleware, and URLs:

# settings.py
INSTALLED_PACKAGES = INSTALLED_PACKAGES + [
  "plain.admin.impersonate",
]

MIDDLEWARE = MIDDLEWARE + [
  "plain.admin.impersonate.ImpersonateMiddleware",
]

# urls.py
urlpatterns = [
    # ...
    path("impersonate/", include("plain.admin.impersonate.urls")),
]

Settings

By default, all admin users can impersonate other users.

# settings.py
IMPERSONATE_ALLOWED = lambda user: user.is_admin

Source

plain-admin

plain

admin

impersonate

views.py

 1from plain.http import ResponseForbidden, ResponseRedirect
 2from plain.views import View
 3
 4from .permissions import can_be_impersonator
 5
 6IMPERSONATE_KEY = "impersonate"
 7
 8
 9class ImpersonateStartView(View):
10    def get(self):
11        # We *could* already be impersonating, so need to consider that
12        impersonator = getattr(self.request, "impersonator", self.request.user)
13        if impersonator and can_be_impersonator(impersonator):
14            self.request.session[IMPERSONATE_KEY] = self.url_kwargs["pk"]
15            return ResponseRedirect(self.request.GET.get("next", "/"))
16
17        return ResponseForbidden()
18
19
20class ImpersonateStopView(View):
21    def get(self):
22        self.request.session.pop(IMPERSONATE_KEY)
23        return ResponseRedirect(self.request.GET.get("next", "/"))