Commit 7cd3895a authored by Patrick's avatar Patrick

When a customer logs in, let them choose whether to continue as a customer or as a staff member

parent 78197505
......@@ -13,8 +13,15 @@
<div class="modal-body">
{#<div class="row">#}
<div class="form-group">
{% if staff_responsibilities %}
<p>{% trans "You are now logged in as a customer." %}</p>
<p><b>{% trans "Do you want to become:" %}</b></p>
{% for staff_responsibility in staff_responsibilities %}
<a href="{% url "login_form" %}?as_id={{ staff_responsibility.id }}" class="btn btn-info">{{ staff_responsibility.long_name }}</a><br/>
{% endfor %}
{% else %}
{% if form.non_field_errors %}
<p class="bg-danger">
<p class="text-danger">
{% for error in form.non_field_errors %}
{{ error }}
{% endfor %}
......@@ -22,7 +29,7 @@
{% endif %}
<label for="id_username">{% trans "Username" %}</label>
{% if form.username.errors %}
<p class="bg-danger">
<p class="text-danger">
{% for error in form.username.errors %}
{{ error }}
{% endfor %}
......@@ -32,13 +39,14 @@
<br/>
<label for="id_password">{% trans "Password" %}</label>
{% if form.password.errors %}
<p class="bg-danger">
<p class="text-danger">
{% for error in form.password.errors %}
{{ error }}
{% endfor %}
</p>
{% endif %}
<input type="password" class="form-control" id="id_password" placeholder="{% trans "Password" %}" name="password">
{% endif %}
<input type="hidden" name="this_is_the_login_form" value="1" />
<input type="hidden" name="next" value="{{ next }}" />
</div>
......@@ -54,9 +62,14 @@
</div>
</div>
{% endif %}
<div class="modal-footer">
<div class="form-group">
<button class="btn btn-default" type="submit">{% trans "Login" %}</button><a href="{% url "admin_password_reset" %}" class="btn btn-default">{% trans "Password reset" %}</a>
{% if staff_responsibilities %}
<a href="{{ next }}" class="btn btn-default">{% trans "Continue as a customer." %}</a><a href="{% url "logout_form" %}" class="btn btn-default">{% trans "Logout" %}</a>
{% else %}
<button class="btn btn-default" type="submit">{% trans "Login" %}</button><a href="{% url "admin_password_reset" %}" class="btn btn-default">{% trans "Password reset" %}</a>
{% endif %}
</div>
</div>
</form>
......
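Review bot: The "Continue as a customer." link writes the redirect parameter straight into `href="{{ next }}"`, and template autoescaping only handles HTML metacharacters, not the URL scheme or host, so the link is only as safe as the view's validation of `next` before rendering. In this commit the `staff_responsibilities` branch appears to be reached only after the POST-side redirect check, but nothing in the template enforces that. A comment above the link such as `{# next must already have passed is_safe_url in login_view #}`, or a separately named context variable that is only ever set to a validated URL, would keep that dependency visible. The `?as_id=` links also omit `next`, so after choosing a staff role the original destination appears to be lost and the user lands on the default redirect.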
......@@ -2,7 +2,7 @@
from __future__ import unicode_literals
from django.conf import settings
from django.contrib.auth import (REDIRECT_FIELD_NAME, login as auth_login)
from django.contrib.auth import (REDIRECT_FIELD_NAME, login as auth_login, logout as auth_logout)
from django.contrib.sites.shortcuts import get_current_site
from django.http import HttpResponseRedirect
from django.shortcuts import resolve_url
......@@ -13,6 +13,7 @@ from django.views.decorators.csrf import csrf_protect
from django.views.decorators.debug import sensitive_post_parameters
from forms import AuthRepanierLoginForm
from repanier.models import Staff
from repanier.const import EMPTY_STRING
......@@ -29,8 +30,28 @@ def login_view(request, template_name='repanier/registration/login.html',
from repanier.apps import REPANIER_SETTINGS_CONFIG
redirect_to = request.POST.get(redirect_field_name,
request.GET.get(redirect_field_name, EMPTY_STRING))
staff_responsibilities = None
how_to_register = EMPTY_STRING
if request.method == "POST":
if request.method == "GET" and request.user.is_authenticated:
as_id = request.GET.get('as_id', None)
if request.user.is_staff:
as_staff = None
else:
as_staff = Staff.objects.filter(
id=as_id,
customer_responsible_id=request.user.customer.id,
is_active=True
).order_by('?').first()
# Ensure the user-originating redirection url is safe.
if as_staff is None or not is_safe_url(url=redirect_to, host=request.get_host()):
redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
if as_staff is not None:
auth_logout(request)
auth_login(request, as_staff.user)
return HttpResponseRedirect(redirect_to)
elif request.method == "POST":
form = authentication_form(request, data=request.POST)
if form.is_valid():
......@@ -40,10 +61,25 @@ def login_view(request, template_name='repanier/registration/login.html',
# Okay, security check complete. Log the user in.
auth_login(request, form.get_user())
return HttpResponseRedirect(redirect_to)
if request.user.is_staff:
may_become_a_staff_user = False
else:
may_become_a_staff_user = Staff.objects.filter(
customer_responsible_id=request.user.customer.id,
is_active=True
).order_by('?').exists()
if may_become_a_staff_user:
# Ask the user to log in as a customer or as a staff member
staff_responsibilities = Staff.objects.filter(
customer_responsible_id=request.user.customer.id,
is_active=True
).all()
else:
return HttpResponseRedirect(redirect_to)
else:
form = authentication_form(request)
how_to_register = REPANIER_SETTINGS_CONFIG.safe_translation_getter(
'how_to_register', any_language=True, default=EMPTY_STRING)
current_site = get_current_site(request)
......@@ -52,8 +88,8 @@ def login_view(request, template_name='repanier/registration/login.html',
redirect_field_name: redirect_to,
'site' : current_site,
'site_name' : current_site.name,
'how_to_register' : REPANIER_SETTINGS_CONFIG.safe_translation_getter(
'how_to_register', any_language=True, default=EMPTY_STRING)
'how_to_register' : how_to_register,
'staff_responsibilities': staff_responsibilities
}
if extra_context is not None:
context.update(extra_context)
......
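Review bot: The new `request.method == "GET" and request.user.is_authenticated` branch replaces the session identity (`auth_logout` followed by `auth_login(request, as_staff.user)`) on a plain GET keyed only by `as_id`, and CSRF protection does not cover GET, so a cross-site link or embedded resource pointing at this URL can move a logged-in customer into a staff session without a deliberate action. The switch should be accepted only from a POST, for example `if request.method == "POST" and 'as_id' in request.POST and request.user.is_authenticated:`, with the template's `as_id` links turned into form buttons that carry `{% csrf_token %}`. Separately, `as_id` goes into `filter(id=as_id, ...)` unparsed, so a non-numeric value is likely to raise instead of falling through to the redirect, and `.order_by('?')` before `.first()` and `.exists()` adds a random sort that serves no purpose. `login_view` starts and ends outside these hunks, so its decorators and the POST-side `is_safe_url` check were not visible for this review.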