Plain is headed towards 1.0! Subscribe for development updates →

Plain
Docs
plain-admin
plain
admin
impersonate
views.py 
 1from plain.auth.views import AuthViewMixin
 2from plain.http import Response, ResponseForbidden, ResponseRedirect
 3from plain.sessions.views import SessionViewMixin
 4from plain.views import View
 5
 6from .constants import IMPERSONATE_SESSION_KEY
 7from .permissions import can_be_impersonator
 8from .requests import get_request_impersonator
 9
10
11class ImpersonateStartView(AuthViewMixin, View):
12    def get(self) -> Response:
13        # We *could* already be impersonating, so need to consider that
14        impersonator = get_request_impersonator(self.request) or self.user
15        if impersonator and can_be_impersonator(impersonator):
16            self.session[IMPERSONATE_SESSION_KEY] = self.url_kwargs["id"]
17            return ResponseRedirect(self.request.query_params.get("next", "/"))
18
19        return ResponseForbidden()
20
21
22class ImpersonateStopView(SessionViewMixin, View):
23    def get(self) -> Response:
24        self.session.pop(IMPERSONATE_SESSION_KEY)
25        return ResponseRedirect(self.request.query_params.get("next", "/"))