Allow admins to impersonate any member

Adding a warning bar when impersonation is active.

Fix #140

coin/members/templates/admin/members/member/change_form.html

@@ -1,6 +1,9 @@
 {% extends "admin/change_form.html" %}
 {% load url from future %}
 {% block object-tools-items %}
-    <li><a href="{% url 'admin:send_welcome_email' id=object_id %}" onclick="return confirm('Voulez-vous vraiment envoyer le courriel de confirmation a ce membre ?');">Envoyer le courriel de bienvenue</a></li>
+    <li><a href="{% url 'admin:send_welcome_email' id=object_id %}" onclick="return confirm('Voulez-vous vraiment envoyer le courriel de confirmation à ce membre ?');">Envoyer le courriel de bienvenue</a></li>
+    {% if request.user.is_superuser %}
+    <li><a href="{% url 'hijack:login_with_id' user_id=object_id %}">Endosser temporairement cette identité</a></li>
+    {% endif %}
     {{ block.super }}
 {% endblock %}

coin/settings_base.py

@@ -156,6 +156,9 @@ INSTALLED_APPS = (
     # 'south',
     'autocomplete_light', #Automagic autocomplete foreingkey form component
     'activelink', #Detect if a link match actual page
+    'compat',
+    'hijack',
+
     'coin',
     'coin.members',
     'coin.offers',
@@ -230,6 +233,15 @@ AUTHENTICATION_BACKENDS = (
 
 TEST_RUNNER = 'django.test.runner.DiscoverRunner'
 
+# Where admins are redirected to after hijacking a user
+HIJACK_LOGIN_REDIRECT_URL = '/'
+
+# Where admins are redirected to after releasing a user
+HIJACK_LOGOUT_REDIRECT_URL = '/admin/members/member/'
+
+# Needed for link in admin
+HIJACK_ALLOW_GET_REQUESTS = True
+
 GRAPHITE_SERVER = "http://localhost"
 
 # Configuration for outgoing emails

coin/templates/admin/base_site.html

@@ -1,8 +1,10 @@
 {% extends "admin/base.html" %}
 {% load i18n %}
 {% load staticfiles %}
+{% load hijack_tags %}
 
 {% block extrahead %}
+    <link rel="stylesheet" type="text/css" href="{% static 'hijack/hijack-styles.css' %}" />
     <script src="{% static "js/vendor/jquery.js" %}" type="text/javascript"></script>
     {% include 'autocomplete_light/static.html' %}
 {% endblock %}
@@ -10,6 +12,7 @@
 {% block title %}COIN ☺ Admin{% endblock %}
 
 {% block branding %}
+{% hijack_notification %}
 <h1 id="site-name">Administration de COIN</h1>
 {% endblock %}
 

coin/templates/base.html

@@ -1,5 +1,6 @@
 <!doctype html>
 {% load staticfiles %}
+{% load hijack_tags %}
 <html class="no-js" lang="en">
 <head>
     <meta charset="utf-8" />
@@ -9,12 +10,14 @@
     <link rel="stylesheet" href="{% static "css/font-awesome.min.css"%}" />
     <link rel="stylesheet" href="{% static "css/local.css" %}" />
     <link rel="stylesheet" href="{% static "css/offcanvas.css" %}">
+    <link rel="stylesheet" type="text/css" href="{% static 'hijack/hijack-styles.css' %}" />
     {% block extra_css %}{% endblock %}
     <script src="{% static "js/vendor/modernizr.js" %}"></script>
     <link rel="icon" type="image/png" href="{% static "img/coinitem.png" %}"/>
     <link rel="icon" type="image/x-icon" href="{% static "img/favicon.ico" %}" />
 </head>
 <body>
+{% hijack_notification %}
 <div class="off-canvas-wrap" data-offcanvas>
     <div class="inner-wrap">
 

coin/urls.py

@@ -39,6 +39,7 @@ urlpatterns = patterns(
     url(r'^subscription/', include('coin.offers.urls', namespace='subscription')),
 
     url(r'^admin/', include(admin.site.urls)),
+    url(r'^hijack/', include('hijack.urls', namespace='hijack')),
 
     # url(r'^admin/doc/', include('django.contrib.admindocs.urls')),
 

requirements.txt

@@ -8,6 +8,7 @@ django-activelink==0.4
 html2text
 django-polymorphic==0.7.2
 django-sendfile==0.3.10
+django-hijack>=2.1.10,<2.2
 django-localflavor==1.1
 django-netfields>=0.4,<0.5
 django-ldapdb>=0.4.0,<5.0