me/breccia-mapper
1
0
Fork 0
mirror of https://github.com/Southampton-RSG/breccia-mapper.git synced 2026-03-03 03:17:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

[FEAT] Allow admins to manage relationships for all Persons

Browse Source 
All Persons now have associated Users, meaning Users can be hijacked by admins to manage the relationships for the associated Person.
This commit is contained in:
Matthew Grove
2023-03-12 15:39:03 +00:00
parent 284132f4cc
commit f8593776c0
4 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
people/templates/people/person/create.html
View File

@@ -10,7 +10,11 @@
</ol> </ol>
</nav> </nav>
<h1>New Person</h1> {% if request.user.has_person %}
<h1>New Person</h1>
{% else %}
<h1>Create Your Profile</h1>
{% endif %}
<hr> <hr>

4
people/templates/people/person/detail_full.html
View File

@@ -73,8 +73,8 @@
{% if request.user.is_superuser and person.user and person.user != request.user %} {% if request.user.is_superuser and person.user and person.user != request.user %}
<form action="{% url 'hijack:acquire' %}" method="POST"> <form action="{% url 'hijack:acquire' %}" method="POST">
{% csrf_token %} {% csrf_token %}
<input type="hidden" name="user_pk" value="{{ person.pk }}"> <input type="hidden" name="user_pk" value="{{ person.user.pk }}">
<button class="btn btn-warning" type="submit">Become {{ person.name }}</button> <button class="btn btn-warning" type="submit">Become {{ person.name }}</button>
<input type="hidden" name="next" value="{{ request.path }}"> <input type="hidden" name="next" value="{{ request.path }}">
</form> </form>
{% endif %} {% endif %}

19
people/views/person.py
View File

@@ -14,6 +14,12 @@ from django.views.generic import CreateView, DetailView, ListView, UpdateView
from people import forms, models, permissions from people import forms, models, permissions
from .map import get_map_data from .map import get_map_data
from random import randint
from django.contrib.auth import get_user_model
User = get_user_model() # pylint: disable=invalid-name
class PersonCreateView(LoginRequiredMixin, CreateView): class PersonCreateView(LoginRequiredMixin, CreateView):
"""View to create a new instance of :class:`Person`. """View to create a new instance of :class:`Person`.
@@ -27,9 +33,18 @@ class PersonCreateView(LoginRequiredMixin, CreateView):
def form_valid(self, form): def form_valid(self, form):
try: try:
self.request.user.person self.request.user.person
# user already has associated person
# assign newly created user, required for user hijacking
# so admins can manage relationships of all people
random_int = randint(0,999999999)
while User.objects.filter(username='autogen_'+str(random_int)):
random_int += 1
form.instance.user = User.objects.create_user('autogen_' + str(random_int))
form.instance.user.consent_given = self.request.user.consent_given
form.instance.user.save()
except ObjectDoesNotExist: except ObjectDoesNotExist:
if 'user' in self.request.GET: form.instance.user = self.request.user
form.instance.user = self.request.user
return super().form_valid(form) return super().form_valid(form)

2
people/views/relationship.py
View File

@@ -61,7 +61,7 @@ class RelationshipCreateView(LoginRequiredMixin, RedirectView):
except ObjectDoesNotExist: except ObjectDoesNotExist:
# User has no linked Person yet # User has no linked Person yet
return reverse('people:person.create') + '?user' return reverse('people:person.create')
return reverse('people:relationship.update', return reverse('people:relationship.update',
kwargs={'pk': relationship.pk}) kwargs={'pk': relationship.pk})