aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/edit/views.py
diff options
context:
space:
mode:
authorCaleb Forbes Davis V <caldavis@gmail.com>2011-07-03 02:43:57 -0500
committerCaleb Forbes Davis V <caldavis@gmail.com>2011-07-03 02:56:00 -0500
commita0cf14fe7cbfe013a9973ad72a7bbd662656c9c9 (patch)
treed9efa7be7c6fe3f6b88e83d1443271509f104a71 /mediagoblin/edit/views.py
parente192d7b7a55efdfd2f50f5d068a0dfa484e152fa (diff)
downloadmediagoblin-a0cf14fe7cbfe013a9973ad72a7bbd662656c9c9.tar.lz
mediagoblin-a0cf14fe7cbfe013a9973ad72a7bbd662656c9c9.tar.xz
mediagoblin-a0cf14fe7cbfe013a9973ad72a7bbd662656c9c9.zip
uses new 'username' variable in querystring to specify the user to edit
Previously, this view only allowed editing of the logged-in user. Now you can specify the user to edit in the querystring. If you are an admin the view allows you to edit any user's profile, with a warning message. The warning only shows up if the admin is editing another user's profile. Make sure to pass the username to this view at every step in the process
Diffstat (limited to 'mediagoblin/edit/views.py')
-rw-r--r--mediagoblin/edit/views.py17
1 files changed, 15 insertions, 2 deletions
diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py
index 5a7aa4bd..64fa0eab 100644
--- a/mediagoblin/edit/views.py
+++ b/mediagoblin/edit/views.py
@@ -74,7 +74,18 @@ def edit_media(request, media):
@require_active_login
def edit_profile(request):
- user = request.user
+ # admins may edit any user profile given a username in the querystring
+ edit_username = request.GET.get('username')
+ if request.user['is_admin'] and request.user['username'] != edit_username:
+ user = request.db.User.find_one({'username': edit_username})
+ # No need to warn again if admin just submitted an edited profile
+ if request.method != 'POST':
+ messages.add_message(
+ request, messages.WARNING,
+ 'You are editing a user\'s profile. Proceed with caution.')
+ else:
+ user = request.user
+
form = forms.EditProfileForm(request.POST,
url = user.get('url'),
bio = user.get('bio'))
@@ -87,7 +98,9 @@ def edit_profile(request):
messages.add_message(request,
messages.SUCCESS,
'Profile edited!')
- return redirect(request, "mediagoblin.edit.profile")
+ return redirect(request,
+ "mediagoblin.edit.profile",
+ username=edit_username)
return render_to_response(
request,