users

parent 4cb1f87e
...@@ -130,7 +130,7 @@ ...@@ -130,7 +130,7 @@
<th>E-mail</th> <th>E-mail</th>
<th>Active</th> <th>Active</th>
<th>Staff</th> <th>Staff</th>
<th>Super</th> <th>Super User</th>
<th>Actions</th> <th>Actions</th>
</thead> </thead>
<tbody> <tbody>
...@@ -152,10 +152,14 @@ ...@@ -152,10 +152,14 @@
</td> </td>
<td> <td>
<input type="checkbox" name="is_staff" value="1" <input type="checkbox" name="is_staff" value="1"
{% if user.staff == True %}checked{% endif %}> {% if not request.user.is_superuser %}disabled{% endif %}
{% if user.staff == True %}checked{% endif %}
>
</td> </td>
<td> <td>
<input type="checkbox" name="is_superuser" value="1" <input type="checkbox" name="is_superuser" value="1"
{% if not request.user.is_superuser %}disabled{% endif %}
{% if user.superuser == True %}checked{% endif %}> {% if user.superuser == True %}checked{% endif %}>
</td> </td>
<td> <td>
......
...@@ -101,9 +101,8 @@ def Dashboard(request): ...@@ -101,9 +101,8 @@ def Dashboard(request):
# ---------------------------------------------------------- # ----------------------------------------------------------
def Request_users(request): def Request_users(request):
if not request.user.is_superuserandnot and request.user.is_staff: if not request.user.is_superuser and not request.user.is_staff:
return redirect('../') return redirect('../')
if request.user.is_superuser or request.user.is_staff:
user_list = [] user_list = []
for user in User.objects.filter(is_active=False): for user in User.objects.filter(is_active=False):
user_list.append({ user_list.append({
...@@ -118,13 +117,12 @@ def Request_users(request): ...@@ -118,13 +117,12 @@ def Request_users(request):
}) })
# messages.success(request, 'your registration is being processed') # messages.success(request, 'your registration is being processed')
return render(request, 'users_table.html', {'users': user_list, "Viewname": "Request"}) return render(request, 'users_table.html', {'users': user_list, "Viewname": "Request"})
else:
return redirect('../')
# ------------------------------------------------------------------------ # ------------------------------------------------------------------------
def update_user(request): def update_user(request):
if not request.user.is_superuserandnot and request.user.is_staff:
return redirect('../')
is_active = False is_active = False
is_staff = False is_staff = False
is_superuser = False is_superuser = False
...@@ -148,7 +146,8 @@ def update_user(request): ...@@ -148,7 +146,8 @@ def update_user(request):
#------------------------------------------------------------------------ #------------------------------------------------------------------------
def active_users(request): def active_users(request):
if request.user.is_superuser and request.user.is_staff: if not request.user.is_superuser and not request.user.is_staff:
return redirect('../')
user_list = [] user_list = []
for user in User.objects.filter(is_active=True): for user in User.objects.filter(is_active=True):
user_list.append({ user_list.append({
...@@ -163,8 +162,7 @@ def active_users(request): ...@@ -163,8 +162,7 @@ def active_users(request):
}) })
# messages.success(request, 'your registration is being processed') # messages.success(request, 'your registration is being processed')
return render(request, 'users_table.html', {'users': user_list, "Viewname": "Request"}) return render(request, 'users_table.html', {'users': user_list, "Viewname": "Request"})
else:
return redirect('../')
# ---------------------------------------------------------------------- # ----------------------------------------------------------------------
@csrf_exempt @csrf_exempt
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment