Allow staff to update other users' access

2025-12-14 14:52:15 +00:00 · 2011-02-09 17:07:31 +00:00
parent 05a6a2754d
commit dd8422d83a
2 changed files with 5 additions and 2 deletions
--- a/sso/views.py
+++ b/sso/views.py
@@ -232,10 +232,12 @@ def set_apipasswd(request):


@login_required
-def refresh_access(request):
+def refresh_access(request, userid=0):
    """ Refreshes the user's access """

-    if request.user:
+    if userid and request.user.is_staff:
+        update_user_access(userid)
+    elif request.user:
        update_user_access(request.user.id)
        messages.add_message(request, messages.INFO, "User access updated.")
    return redirect('sso.views.profile')