Fix impersonation
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 24 Oct 2017 16:38:42 +0000 (17:38 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 24 Oct 2017 16:38:42 +0000 (17:38 +0100)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/templates/base.html
src/templates/user-profile.html
src/web/__init__.py
src/web/handlers_auth.py
src/web/handlers_base.py
src/web/handlers_users.py

index 891316f8f06b9e8ac695973f1a37060999ad7419..9ac8eed94a165d96d0ca5117eb5d370ea5590741 100644 (file)
                                                                                                        {{ session.user.realname }}
                                                                                                </a>
                                                                                        </li>
-                                                                                       <li>
-                                                                                               <a href="/user/impersonate?action=stop">
-                                                                                                       <i class="icon-off"></i>
-                                                                                                       {{ _("End impersonation") }}
-                                                                                               </a>
-                                                                                       </li>
-                                                                               {% else %}
-                                                                                       <li>
-                                                                                               <a href="/logout">
-                                                                                                       <i class="icon-off"></i>
-                                                                                                       {{ _("Logout") }}
-                                                                                               </a>
-                                                                                       </li>
                                                                                {% end %}
+                                                                               <li>
+                                                                                       <a href="/logout">
+                                                                                               <i class="icon-off"></i>
+                                                                                               {{ _("Logout") }}
+                                                                                       </a>
+                                                                               </li>
                                                                        </ul>
                                                                </li>
                                                        {% else %}
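Review bot: The single link at `<a href="/logout">` is labelled "Logout" even during impersonation, where the LogoutHandler change in this commit only ends the impersonation and keeps the administrator's session and cookie alive. An administrator who clicks it once and walks away is still signed in. Consider keeping a distinct label for that state, e.g. `{{ _("End impersonation") if session.impersonated_user else _("Logout") }}`, assuming the template's `session` object exposes `impersonated_user` as the handler's does. The enclosing `{% if %}` block starts outside the hunk.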
index 5dc7efdd354fab38e788eeea6a8eb30c09ef1ec6..56139c71aefc6962c1ded8c217cea2e7e62a2d41 100644 (file)
@@ -98,7 +98,7 @@
                                                                                {% if not current_user == user and current_user.is_admin() %}
                                                                                        <li class="divider"></li>
                                                                                        <li>
-                                                                                               <a href="/user/impersonate?user={{ user.name }}">{{ _("Impersonate user") }}</a>
+                                                                                               <a href="/user/{{ user.name }}/impersonate">{{ _("Impersonate User") }}</a>
                                                                                        </li>
                                                                                {% end %}
                                                                        </ul>
index 27fd59f4048b7fba4e15078375351864773b55eb..99ef809bf30380cb52b45f3e4b945800cc409557 100644 (file)
@@ -109,7 +109,7 @@ class Application(tornado.web.Application):
 
                        # User profiles
                        (r"/users", UsersHandler),
-                       (r"/user/impersonate", UserImpersonateHandler),
+                       (r"/user/(\w+)/impersonate", UserImpersonateHandler),
                        (r"/user/(\w+)/passwd", UserPasswdHandler),
                        (r"/user/(\w+)/delete", UserDeleteHandler),
                        (r"/user/(\w+)/edit", UserEditHandler),
index 7c3a5e1818b6f6f2746ea4b5ef88f35a51df848d..6ecbaeb29d210f4efb34b23143d02aa427b40df3 100644 (file)
@@ -122,11 +122,12 @@ class ActivationHandler(BaseHandler):
 
                                else:
                                        # Automatically login the user.
-                                       session = sessions.Session.create(self.pakfire, user)
+                                       self.session = self.backend.sessions.create(user,
+                                               self.current_address, user_agent=self.user_agent)
 
-                                       # Set a cookie and update the current user.
-                                       self.set_cookie("session_id", session.id, expires=session.valid_until)
-                                       self._current_user = user
+                                       # Set a session cookie
+                                       self.set_cookie("session_id", self.session.session_id,
+                                               expires=self.session.valid_until)
 
                                self.render("register-activation-success.html", user=user)
                                return
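Review bot: The `self.set_cookie("session_id", ...)` call passes only `expires`, so the session identifier is issued without the `HttpOnly` and `Secure` attributes unless a `set_cookie` override outside this hunk adds them. Script running in the page could then read the cookie, and it may be sent over plain HTTP. Suggest `self.set_cookie("session_id", self.session.session_id, expires=self.session.valid_until, httponly=True, secure=True)`. The enclosing method starts outside the hunk, and any other handler that sets the same cookie would want the same flags.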
@@ -153,10 +154,16 @@ class LogoutHandler(BaseHandler):
        def get(self):
                # Destroy the user's session.
                with self.db.transaction():
-                       self.session.destroy()
+                       # If impersonating, we will just stop the impersonation
+                       if self.session.impersonated_user:
+                               self.session.stop_impersonation()
 
-               # Remove the cookie, that identifies the user.
-               self.clear_cookie("session_id")
+                       # Otherwise we destroy the session
+                       else:
+                               self.session.destroy()
+
+                               # Remove the session cookie
+                               self.clear_cookie("session_id")
 
                # Redirect the user to the front page.
                self.redirect("/")
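Review bot: `if self.session.impersonated_user:` dereferences `self.session` with no None check, while the BaseHandler hunk in this commit returns whatever `sessions.get()` yields and returns nothing at all when there is no cookie. A request with a missing or expired cookie would presumably fail with an AttributeError inside the transaction, unless a decorator above `def get` (outside the hunk) already requires authentication. A guard such as `if not self.session: return self.redirect("/")` before the `with` block would make logout idempotent. Both branches also change session state on a GET, so a cross-site link can trigger them; handling the action on POST would avoid that.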
index b64c0bf352a1473feb7c7d3abdde709bcc5e619c..00d6435736e5d22a121adc0d552b27ba9b28f93a 100644 (file)
@@ -30,11 +30,7 @@ class BaseHandler(tornado.web.RequestHandler):
 
                # Search for a valid database session
                if session_id:
-                       session = self.backend.sessions.get(session_id)
-
-                       # Found a valid session
-                       if session:
-                               return session
+                       return self.backend.sessions.get(session_id)
 
        def get_current_user(self):
                if self.session:
index c9e0b6eca61b69f1ba421baa952d1970bd8008f2..1064b1c9921b6f193625958d9412700671426352 100644 (file)
@@ -22,39 +22,30 @@ class UserHandler(BaseHandler):
 
 class UserImpersonateHandler(BaseHandler):
        @tornado.web.authenticated
-       def get(self):
-               action = self.get_argument("action", "start")
-
-               if action == "stop":
-                       if self.current_user.session:
-                               self.current_user.session.stop_impersonation()
-                       self.redirect("/")
-                       return
-
+       def get(self, username):
                # You must be an admin to do this.
                if not self.current_user.is_admin():
-                       raise tornado.web.HTTPError(403, "You are not allowed to do this.")
+                       raise tornado.web.HTTPError(403, "You are not allowed to do this")
 
-               username = self.get_argument("user", "")
-               user = self.pakfire.users.get_by_name(username)
+               user = self.backend.users.get_by_name(username)
                if not user:
                        raise tornado.web.HTTPError(404, "User not found: %s" % username)
 
                self.render("user-impersonation.html", user=user)
 
        @tornado.web.authenticated
-       def post(self):
+       def post(self, username):
                # You must be an admin to do this.
                if not self.current_user.is_admin():
-                       raise tornado.web.HTTPError(403, "You are not allowed to do this.")
+                       raise tornado.web.HTTPError(403, "You are not allowed to do this")
 
-               username = self.get_argument("user")
-               user = self.pakfire.users.get_by_name(username)
+               user = self.backend.users.get_by_name(username)
                if not user:
-                       raise tornado.web.HTTPError(404, "User does not exist: %s" % username)
+                       raise tornado.web.HTTPError(404, "User not found: %s" % username)
 
-               if self.current_user.session:
-                       self.current_user.session.start_impersonation(user)
+               # Start impersonation
+               with self.db.transaction():
+                       self.session.start_impersonation(user)
 
                # Redirect to start page.
                self.redirect("/")
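Review bot: `post()` checks only `is_admin()` before `self.session.start_impersonation(user)`; the `not current_user == user` condition exists only in user-profile.html, so a direct request can target the administrator's own account, and nothing visible here prevents starting an impersonation while one is already active. Suggest mirroring the template check server-side, e.g. `if user == self.current_user: raise tornado.web.HTTPError(400, "Cannot impersonate yourself")`. Because this switches privileges, the handler would also benefit from an audit log entry naming both accounts, unless `start_impersonation()` already records one. `get()` and `post()` repeat the same admin check and user lookup, which could move into a shared private helper.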