django-smartbase-admin 1.0.29__py3-none-any.whl → 1.0.30__py3-none-any.whl

django_smartbase_admin/admin/site.py

@@ -1,8 +1,17 @@
+from collections.abc import Callable
 from functools import update_wrapper
+from typing import Any
 
 from django.conf import settings
 from django.contrib import admin
-from django.urls import path, reverse_lazy
+from django.contrib.auth import REDIRECT_FIELD_NAME
+from django.contrib.auth.decorators import login_not_required
+from django.http import HttpRequest, HttpResponse, HttpResponseRedirect
+from django.urls import path, reverse_lazy, URLPattern, URLResolver, reverse
+from django.utils.decorators import method_decorator
+from django.utils.translation import gettext_lazy as _
+from django.views.decorators.cache import never_cache
+from django.views.decorators.csrf import csrf_protect
 from django.views.generic import TemplateView
 
 from django_smartbase_admin.engine.admin_entrypoint_view import SBAdminEntrypointView
@@ -20,16 +29,18 @@ class SBAdminSite(admin.AdminSite):
         "sb_admin/authentification/password_change_done.html"
     )
 
-    def initialize_admin_view(self, view_function, request, **kwargs):
+    def initialize_admin_view(
+        self, view_func: Callable[..., HttpResponse], request: HttpRequest, **kwargs
+    ) -> None:
         request.current_app = "sb_admin"
         selected_view = None
         try:
-            selected_view = view_function.__self__
+            selected_view = view_func.__self__
             from django_smartbase_admin.admin.admin_base import SBAdminBaseView
 
             if not isinstance(selected_view, SBAdminBaseView):
                 selected_view = None
-        except:
+        except Exception:
             pass
         request.sbadmin_selected_view = selected_view
         kwargs["view"] = selected_view.get_id() if selected_view else None
@@ -41,34 +52,46 @@ class SBAdminSite(admin.AdminSite):
                 request, request_data=request_data, **kwargs
             )
 
-    def admin_view_response_wrapper(self, response, request, *args, **kwargs):
+    def admin_view_response_wrapper(
+        self, response: HttpResponse, request: HttpRequest, *args, **kwargs
+    ) -> HttpResponse:
         from django_smartbase_admin.admin.admin_base import SBAdminThirdParty
 
         if isinstance(request.sbadmin_selected_view, SBAdminThirdParty):
             response = SBAdminViewService.replace_legacy_admin_access_in_response(
                 response
             )
-
         return response
 
-    def admin_view(self, view_function, cacheable=False):
-        def inner(request, *args, **kwargs):
-            self.initialize_admin_view(view_function, request, **kwargs)
-            return self.admin_view_response_wrapper(
-                view_function(request, *args, **kwargs), request, *args, **kwargs
-            )
-
-        return super(SBAdminSite, self).admin_view(
-            update_wrapper(inner, view_function), cacheable
-        )
-
-    def each_context(self, request):
+    def admin_view(
+        self,
+        view_func: Callable[..., HttpResponse],
+        cacheable: bool = False,
+        *,
+        public: bool = False
+    ) -> Callable[[HttpRequest, ...], HttpResponse]:
+        def inner(request: HttpRequest, *args, **kwargs):
+            self.initialize_admin_view(view_func, request, **kwargs)
+            response = view_func(request, *args, **kwargs)
+            return self.admin_view_response_wrapper(response, request, *args, **kwargs)
+
+        if not public:
+            return super().admin_view(update_wrapper(inner, view_func), cacheable)
+        # standard Django admin behaviour, expect it skips staff/permission checks
+        if not cacheable:
+            inner = never_cache(inner)
+        if not getattr(view_func, "csrf_exempt", False):
+            inner = csrf_protect(inner)
+        inner = login_not_required(inner)
+        return update_wrapper(inner, view_func)
+
+    def each_context(self, request: HttpRequest) -> dict[str, Any]:
         try:
             return request.sbadmin_selected_view.get_global_context(request)
-        except:
+        except Exception:
             return {}
 
-    def get_urls(self):
+    def get_urls(self) -> list[URLPattern | URLResolver]:
         from django.contrib.auth.views import (
             PasswordResetView,
             PasswordResetDoneView,
@@ -80,6 +103,8 @@ class SBAdminSite(admin.AdminSite):
         from django_smartbase_admin.views.user_config_view import ColorSchemeView
 
         urls = [
+            path("login/", self.admin_view(self.login, public=True), name="login"),
+            path("logout/", self.admin_view(self.logout), name="logout"),
             path(
                 "password_change/",
                 self.admin_view(
@@ -173,5 +198,46 @@ class SBAdminSite(admin.AdminSite):
         urls.extend(super().get_urls())
         return urls
 
+    @method_decorator(never_cache)
+    @login_not_required
+    def login(self, request: HttpRequest, extra_context: dict[str, Any] | None = None):
+        """
+        Same as Django's built-in AdminSite.login view, except it allows the
+        login view class to be overridden via configuration.
+        """
+        if request.method == "GET" and self.has_permission(request):
+            # Already logged-in, redirect to admin index
+            index_path = reverse("admin:index", current_app=self.name)
+            return HttpResponseRedirect(index_path)
+
+        # Since this module gets imported in the application's root package,
+        # it cannot import models from other applications at the module level,
+        # and django.contrib.admin.forms eventually imports User.
+        from django.contrib.admin.forms import AdminAuthenticationForm
+
+        context = {
+            **self.each_context(request),
+            "title": _("Log in"),
+            "subtitle": None,
+            "app_path": request.get_full_path(),
+            "username": request.user.get_username(),
+        }
+        if (
+            REDIRECT_FIELD_NAME not in request.GET
+            and REDIRECT_FIELD_NAME not in request.POST
+        ):
+            context[REDIRECT_FIELD_NAME] = reverse("admin:index", current_app=self.name)
+        context.update(extra_context or {})
+
+        defaults = {
+            "extra_context": context,
+            "authentication_form": self.login_form or AdminAuthenticationForm,
+            "template_name": self.login_template or "admin/login.html",
+        }
+        request.current_app = self.name
+        return request.request_data.configuration.login_view_class.as_view(**defaults)(
+            request
+        )
+
 
 sb_admin_site = SBAdminSite(name="sb_admin")

django_smartbase_admin/engine/configuration.py

@@ -1,4 +1,5 @@
 from django.contrib.auth import get_permission_codename
+from django.contrib.auth.views import LoginView
 from django.db.models import Q
 
 from django_smartbase_admin.admin.site import sb_admin_site
@@ -41,6 +42,7 @@ class SBAdminRoleConfiguration(metaclass=Singleton):
     global_filter_form = None
     filters_version = FilterVersions.FILTERS_VERSION_1
     default_color_scheme = ColorScheme.AUTO
+    login_view_class = LoginView
 
     def __init__(
         self,
@@ -50,6 +52,7 @@ class SBAdminRoleConfiguration(metaclass=Singleton):
         global_filter_form=None,
         filters_version=None,
         default_color_scheme=None,
+        login_view_class=None,
     ) -> None:
         super().__init__()
         self.default_view = default_view or self.default_view or []
@@ -60,6 +63,7 @@ class SBAdminRoleConfiguration(metaclass=Singleton):
         self.autocomplete_map = {}
         self.filters_version = filters_version or self.filters_version
         self.default_color_scheme = default_color_scheme or self.default_color_scheme
+        self.login_view_class = login_view_class or self.login_view_class
 
     def init_registered_views(self):
         registered_views = []