Name | django-impersonator JSON |
Version |
0.0.2
JSON |
| download |
home_page | |
Summary | Impersonate middleware to let you impersonate other users. |
upload_time | 2023-07-27 12:43:14 |
maintainer | |
docs_url | None |
author | |
requires_python | >=3.7 |
license | MIT |
keywords |
django
impersonate
|
VCS |
|
bugtrack_url |
|
requirements |
No requirements were recorded.
|
Travis-CI |
No Travis.
|
coveralls test coverage |
No coveralls.
|
# django-impersonate
This Django app lets admin users impersonate other users, useful when testing and debugging permissions.
**Non superusers are not allowed** to perform this request, even if they have view rights to the `User` model, so that this cannot be used for privilege escalation.
As admin, I can choose the "Impersonate" action:
![image](https://user-images.githubusercontent.com/7786556/228572564-6549367d-3ee4-4b0b-a978-a3467388b654.png)
Impersonations are terminated by closing the bottom left pop-up.
![image](https://user-images.githubusercontent.com/7786556/228573725-9bde3dbd-1df0-4884-a333-95165cac880a.png)
Impersonate is not available for regular users, returning an error for those with view rights to the `User` model.
## Setup
Add middleware to your middleware list and make sure it comes *after* `django.contrib.auth.middleware.AuthenticationMiddleware`:
```python
MIDDLEWARE = [
...
'django.contrib.auth.middleware.AuthenticationMiddleware',
...
'impersonate.middleware.ImpersonateMiddleware',
...
]
```
In one of your `admin.py` files, add the action to `UserAdmin` (or the admin model of your custom User)
```python
from impersonate.admin import impersonate_action
from django.contrib.auth import admin
admin.UserAdmin.actions.append(impersonate_action)
```
Or call it from any of your views (if you're not using django-admin)
```python
from django.contrib.auth import models
from impersonate.admin import impersonate_action
def my_view(request, target_username):
return impersonate_action(None, request, models.User.objects.filter(username=target_username))
```
Raw data
{
"_id": null,
"home_page": "",
"name": "django-impersonator",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "django,impersonate",
"author": "",
"author_email": "InfoSec Engineering <surface@paddypowerbetfair.com>",
"download_url": "https://files.pythonhosted.org/packages/63/97/12601965d9396d603a3f2334f6d8b951d8e2ada4194bb875ca0808d5c092/django-impersonator-0.0.2.tar.gz",
"platform": null,
"description": "# django-impersonate\n\nThis Django app lets admin users impersonate other users, useful when testing and debugging permissions.\n\n**Non superusers are not allowed** to perform this request, even if they have view rights to the `User` model, so that this cannot be used for privilege escalation.\n\nAs admin, I can choose the \"Impersonate\" action:\n\n![image](https://user-images.githubusercontent.com/7786556/228572564-6549367d-3ee4-4b0b-a978-a3467388b654.png)\n\nImpersonations are terminated by closing the bottom left pop-up.\n\n![image](https://user-images.githubusercontent.com/7786556/228573725-9bde3dbd-1df0-4884-a333-95165cac880a.png)\n\n\nImpersonate is not available for regular users, returning an error for those with view rights to the `User` model.\n\n\n## Setup\n\nAdd middleware to your middleware list and make sure it comes *after* `django.contrib.auth.middleware.AuthenticationMiddleware`:\n\n```python\nMIDDLEWARE = [\n ...\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n ...\n 'impersonate.middleware.ImpersonateMiddleware',\n ...\n]\n```\n\nIn one of your `admin.py` files, add the action to `UserAdmin` (or the admin model of your custom User)\n\n```python\nfrom impersonate.admin import impersonate_action\nfrom django.contrib.auth import admin\n\n\nadmin.UserAdmin.actions.append(impersonate_action)\n```\n\nOr call it from any of your views (if you're not using django-admin)\n\n```python\nfrom django.contrib.auth import models\nfrom impersonate.admin import impersonate_action\n\ndef my_view(request, target_username):\n return impersonate_action(None, request, models.User.objects.filter(username=target_username))\n```\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Impersonate middleware to let you impersonate other users.",
"version": "0.0.2",
"project_urls": null,
"split_keywords": [
"django",
"impersonate"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "ba8e568e027d632b4fa9258c9c1cc15c729217900356c29cf14a4d601526d956",
"md5": "bef3b9f4a92cd2da1e04a5a65a7fcf0b",
"sha256": "a98e6eaed72be83cc44f95ef270e403766fcb6894de22d9037e8b3f03d2542b5"
},
"downloads": -1,
"filename": "django_impersonator-0.0.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "bef3b9f4a92cd2da1e04a5a65a7fcf0b",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 5396,
"upload_time": "2023-07-27T12:43:13",
"upload_time_iso_8601": "2023-07-27T12:43:13.742540Z",
"url": "https://files.pythonhosted.org/packages/ba/8e/568e027d632b4fa9258c9c1cc15c729217900356c29cf14a4d601526d956/django_impersonator-0.0.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "639712601965d9396d603a3f2334f6d8b951d8e2ada4194bb875ca0808d5c092",
"md5": "c6f7a03706fa829f1e6d6857c4cb1059",
"sha256": "b77d69c26219cec9d7b0f644c0de4f5bdcf9afa35d55ce16f9c8daa9079c56b3"
},
"downloads": -1,
"filename": "django-impersonator-0.0.2.tar.gz",
"has_sig": false,
"md5_digest": "c6f7a03706fa829f1e6d6857c4cb1059",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 9355,
"upload_time": "2023-07-27T12:43:14",
"upload_time_iso_8601": "2023-07-27T12:43:14.697586Z",
"url": "https://files.pythonhosted.org/packages/63/97/12601965d9396d603a3f2334f6d8b951d8e2ada4194bb875ca0808d5c092/django-impersonator-0.0.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-07-27 12:43:14",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "django-impersonator"
}