After the changes in django-hijack version 3.0, the integration of the admin is part of it.
The changes made in django-hijack are fully focused on security and at the moment there is no objective reasons to keep the admin integration in a separate package.
Django admin integration for Django Hijack (https://github.com/arteria/django-hijack/)
Follow the instructions on http://django-hijack.readthedocs.org/en/stable/#installation to install django-hijack.
Get the latest stable release from PyPi:
pip install django-hijack-admin
In your settings.py
, add hijack_admin
to your installed apps:
INSTALLED_APPS = (
...,
'hijack_admin',
)
For the admin integration to work, you must explicitly set HIJACK_ALLOW_GET_REQUESTS = True
in your project settings.
Please be aware that users can now be hijacked not only using POST requests, but also using GET requests, which could facilitate CSRF attacks.
Path to the template for the "Hijack" buttons. Default: 'hijack_admin/admin_button.html'
Whether the user model should be registered with HijackUserAdmin
automatically. Default: True
Adds the possibility to configure the admin class name.
Custom user admins are supported. Just set HIJACK_REGISTER_ADMIN = False
and
modify your custom admin class as shown in this example:
# admin.py
from hijack_admin.admin import HijackUserAdminMixin
class MyUserAdmin(UserAdmin, HijackUserAdminMixin):
list_display = (
...
'hijack_field', # Hijack button
)
You can also add the hijack field to a model that is related to the User
model with the HijackRelatedAdminMixin
.
#admin.py
from django.contrib import Admin
from hijack_admin.admin import HijackRelatedAdminMixin
class MyCustomerAdmin(HijackRelatedAdminMixin, admin.ModelAdmin)
list_display = ('user', 'hijack_field')
Anyone and everyone is welcome to contribute. Please take a moment to review the guidelines for contributing.
django-hijack-admin is free software. If you find it useful and would like to give back, please consider to make a donation using Bitcoin or PayPal. Thank you! |
---|