Thanks Diez for your quick answer.
I really need to impersonate a user and not simply have an extended
view when I'am admin.
Here is how I did with my TG 2.1b1
I Have a controller expecting a user_id (a number )
Tha save in the session this user_id
Here is my controller
@expose()
def impersonate(self, user_id, *args, **kwarg):
impersonate=tg.session.get('impersonate')
if impersonate or 'manage' in
tg.request.identity.get('user').permissions:
user=model.DBSession().query(model.User).filter_by(user_id=user_id).first()
tg.session['impersonate']=user_id
tg.session.save()
tg.flash(_('Impersonate %s')%(user.user_name,), 'info')
else:
tg.flash(_('You are not manager'), 'error')
tg.redirect('/account', dict())
Here is my controller to go back to manager
@expose()
def reset(self, *args, **kwarg):
impersonate=tg.session.get('impersonate')
if impersonate:
del tg.session['impersonate']
tg.session.save()
tg.flash(_('Welcome back manager'), 'info')
tg.redirect('/manager', dict(tab='accounts'))
tg.redirect('/')
And Here is my BaseController in base.py
class BaseController(TGController):
def __call__(self, environ, start_response):
impersonate=session.get('impersonate')
if impersonate:
user=model.DBSession().query(model.User).filter_by(user_id=impersonate).first()
groups=map(lambda x:x.group_name, user.groups)
identity={ 'userdata': '', 'repoze.who.userid':
user.user_name, 'timestamp': time.time(), 'tokens': [''],
'user':user, 'groups':groups, 'permissions':
user.permissions }
request.identity = identity
else:
request.identity =
request.environ.get('repoze.who.identity')
tmpl_context.identity = request.identity
# To know when I impersonate someone else and display a 'back
to manager link' in the interface
tmpl_context.impersonate=impersonate
I had to make a small change in TurboGears2-2.1b1-py2.6.egg/tg/
controllers/decoratedcontroller.py
Comment this line
tmpl_context.identity = req.environ.get('repoze.who.identity')
Regards
On 21 juin, 16:26, "Diez B. Roggisch" <[email protected]> wrote:
> On Monday, June 21, 2010 15:57:47 aspineux wrote:
> > Hello
> > I have a manager user and I want to be able to switch to another
> > 'normal' user identity and back to the manager.
> > The goal is to see the application as any user without having to login
> > as them.
>
> > I thing the easiest way is to modify the authtkt cookie.
> > Any comment, idea ?
>
> I'd say the best way is to have an additional preview-parameter, and to create
> a predicate that is driven by that parameter. So in your templates, where you
> decide to show certain things for the admin only, the predicate will prevent
> them from appearing nonetheless.
>
> Diez
--
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en.
