Django app that enables staff to log in as other users using their own credentials.

Related tags

Admin Panels python django hacktoberfest impersonation
Overview

Impostor

pypi codecov Downloads Hit counter Python versions PyPI - Django Version Python package Upload Python Package Codacy Badge

Impostor is a Django application which allows staff members to login as a different user by using their own username and password.

Login

Login

Logged as

Logged as

Impostor log

Impostor log

Every such authentication is recorded in database and listed in admin interface to everyone with an access to ImpostorLog interface. However it is not possible to delete log entries through admin interface to make covering tracks more difficult.

Impostor was tested with Django 1.11 and above. It might work with other versions too. It also depends on Django's authentication system and assumes you use its usernames for authentication.

Impostor is a MMM project developed by Marko Samastur ([email protected]) and maintained by Andreu Vallbona ([email protected])
licensed under MIT license.

Installation

Impostor won't work, if you are not using Django's auth system. It currently also assumes that you use username to identify your users and not something else (like email).

First install impostor app files as you would any other Django app

pip install impostor

Next some changes to your Django settings file are inorder.

Add impostor.backend.AuthBackend To AUTHENTICATION_BACKENDS : This will add impostor auth backend to other backends. AUTHENTICATION_BACKENDS is a tuple listing backends and if you don't have it yet, then add following lines to your settings:

AUTHENTICATION_BACKENDS = (
    'impostor.backend.AuthBackend',
    'django.contrib.auth.backends.ModelBackend',
)

Also add impostor app to INSTALLED_APPS.

INSTALLED_APPS = [
    '...', 
    'impostor',
]

In order to be able to see the user logged as anotheruser in the django admin, be sure to include the 'impostor' app before the 'django.contrib.admin' in the INSTALLED_APPS.

Run

python manage.py migrate

to create needed table and you are set.

Usage

By now you should have a working system. This means that your superuser users (users with is_superuser flag set to True) can log in as different user by using their password and following concatenation:

staff_username as users_username

Example: Let's say my username is markos and I want to login as user fry. Then I would use 'markos as fry' as my username and my normal password for password.

Every such log in is logged in ImpostorLog table that can be seen through Django admin interface, but for obvious security reasons can't be manipulated there.

You can widen set of users who can impose as other users by adding a setting IMPOSTOR_GROUP to settings.py. Users belonging to a group with this name will also be able to pretend to be somebody else (but not superusers).

Impostor also provides a replacement authentication form, because two usernames can easily exceed 30 character limit of original form. Its name is BigAuthenticationForm and you can find it in impostor.forms.

NOTE: Only superuser users can use this (you have to turn on is_superuser for every user that needs this privilege) or those belonging to IMPOSTOR_GROUP and every such log in gets recorded.

Also use IMPOSTOR_GROUP cautiously because it still allows impersonating somebody with different set of permissions (and hence security breach).

Contributing

Contributions are very welcome. Tests can be run with tox, please ensure the coverage at least stays the same before you submit a pull request.

Local development

Install all the python interpreters you need via pyenv. E.g.:

pyenv install 3.9.2
pyenv install 3.8.8
pyenv install 3.7.7
pyenv install 3.6.13
pyenv install 3.5.3

and then make them global with:

pyenv global 3.9.2 3.8.8 3.7.7 3.6.13 3.5.3

Run the tests

tox

Issues

If you encounter any problems, please file an issue along with a detailed description.

TODO/Wishlist

  • add support for log in with emails
  • record when impostor logs out
  • mark "hijacked" requests (so impostor can tell when he is using website as somebody else and avoid doing something stupid or that you can limit what is doable in such case)
  • framework for easy notification of hijacked users (so you can notify them that their account has been accessed if you wish)
  • add some tests to improve the coverage

Known bugs

  • proper support for logging in with emails (currently broken)
Comments
  • fix: Auth backend which doesn't fully support custom user model

    fix: Auth backend which doesn't fully support custom user model

    Fix multiple issue with auth backend. It now supports custom default user manager, support custom username field with help of get_by_natural_key and doesn't use both email and username for getting user if it is not intended choice for custom UserModel instead use get_by_natural_key and at last protect from timing attack as mentioned at https://code.djangoproject.com/ticket/20760

    opened by iamsauravsharma 7
  • Replace is_staff with is_superuser

    Replace is_staff with is_superuser

    With Impostor i'm able to login as another user, as a superuser too, right? Thus there's no reason to let it available to the staff instead of the restricted superusers "group".

    On the other hand, i need to give access to the admin site to translators and content managers, but i don't want to give them super powers :)

    opened by vad 4
  • Bump pygments from 2.6.1 to 2.7.4

    Bump pygments from 2.6.1 to 2.7.4

    Bumps pygments from 2.6.1 to 2.7.4.

    Release notes

    Sourced from pygments's releases.

    2.7.4

    • Updated lexers:

      • Apache configurations: Improve handling of malformed tags (#1656)

      • CSS: Add support for variables (#1633, #1666)

      • Crystal (#1650, #1670)

      • Coq (#1648)

      • Fortran: Add missing keywords (#1635, #1665)

      • Ini (#1624)

      • JavaScript and variants (#1647 -- missing regex flags, #1651)

      • Markdown (#1623, #1617)

      • Shell

        • Lex trailing whitespace as part of the prompt (#1645)
        • Add missing in keyword (#1652)

      • SQL - Fix keywords (#1668)

      • Typescript: Fix incorrect punctuation handling (#1510, #1511)

    • Fix infinite loop in SML lexer (#1625)

    • Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

    • Limit recursion with nesting Ruby heredocs (#1638)

    • Fix a few inefficient regexes for guessing lexers

    • Fix the raw token lexer handling of Unicode (#1616)

    • Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

    • Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

    • Fix incorrect MATLAB example (#1582)

    Thanks to Google's OSS-Fuzz project for finding many of these bugs.

    2.7.3

    ... (truncated)

    Changelog

    Sourced from pygments's changelog.

    Version 2.7.4

    (released January 12, 2021)

    • Updated lexers:

      • Apache configurations: Improve handling of malformed tags (#1656)

      • CSS: Add support for variables (#1633, #1666)

      • Crystal (#1650, #1670)

      • Coq (#1648)

      • Fortran: Add missing keywords (#1635, #1665)

      • Ini (#1624)

      • JavaScript and variants (#1647 -- missing regex flags, #1651)

      • Markdown (#1623, #1617)

      • Shell

        • Lex trailing whitespace as part of the prompt (#1645)
        • Add missing in keyword (#1652)

      • SQL - Fix keywords (#1668)

      • Typescript: Fix incorrect punctuation handling (#1510, #1511)

    • Fix infinite loop in SML lexer (#1625)

    • Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

    • Limit recursion with nesting Ruby heredocs (#1638)

    • Fix a few inefficient regexes for guessing lexers

    • Fix the raw token lexer handling of Unicode (#1616)

    • Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

    • Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

    • Fix incorrect MATLAB example (#1582)

    Thanks to Google's OSS-Fuzz project for finding many of these bugs.

    Version 2.7.3

    (released December 6, 2020)

    ... (truncated)

    Commits
    • 4d555d0 Bump version to 2.7.4.
    • fc3b05d Update CHANGES.
    • ad21935 Revert "Added dracula theme style (#1636)"
    • e411506 Prepare for 2.7.4 release.
    • 275e34d doc: remove Perl 6 ref
    • 2e7e8c4 Fix several exponential/cubic complexity regexes found by Ben Caller/Doyensec
    • eb39c43 xquery: fix pop from empty stack
    • 2738778 fix coding style in test_analyzer_lexer
    • 02e0f09 Added 'ERROR STOP' to fortran.py keywords. (#1665)
    • c83fe48 support added for css variables (#1633)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 2
  • Bump py from 1.8.2 to 1.10.0

    Bump py from 1.8.2 to 1.10.0

    Bumps py from 1.8.2 to 1.10.0.

    Changelog

    Sourced from py's changelog.

    1.10.0 (2020-12-12)

    • Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)
    • Update vendored apipkg: 1.4 => 1.5
    • Update vendored iniconfig: 1.0.0 => 1.1.1

    1.9.0 (2020-06-24)

    • Add type annotation stubs for the following modules:

      • py.error
      • py.iniconfig
      • py.path (not including SVN paths)
      • py.io
      • py.xml

      There are no plans to type other modules at this time.

      The type annotations are provided in external .pyi files, not inline in the code, and may therefore contain small errors or omissions. If you use py in conjunction with a type checker, and encounter any type errors you believe should be accepted, please report it in an issue.

    Commits
    • e5ff378 Update CHANGELOG for 1.10.0
    • 94cf44f Update vendored libs
    • 5e8ded5 testing: comment out an assert which fails on Python 3.9 for now
    • afdffcc Rename HOWTORELEASE.rst to RELEASING.rst
    • 2de53a6 Merge pull request #266 from nicoddemus/gh-actions
    • fa1b32e Merge pull request #264 from hugovk/patch-2
    • 887d6b8 Skip test_samefile_symlink on pypy3 on Windows
    • e94e670 Fix test_comments() in test_source
    • fef9a32 Adapt test
    • 4a694b0 Add GitHub Actions badge to README
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 2
  • Bump django from 3.1.7 to 3.1.10

    Bump django from 3.1.7 to 3.1.10

    Bumps django from 3.1.7 to 3.1.10.

    Commits
    • a2407cd [3.1.x] Bumped version for 3.1.10 release.
    • afb23f5 [3.1.x] Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs fro...
    • fdbf4a7 [3.1.x] Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows.
    • 48b39a8 [3.1.x] Added CVE-2021-31542 to security archive.
    • 8012441 [3.1.x] Post-release version bump.
    • 8284fd6 [3.1.x] Bumped version for 3.1.9 release.
    • 25d84d6 [3.1.x] Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file...
    • 6b0c7e6 [3.1.x] Added CVE-2021-28658 to security archive.
    • 5b9ca81 [3.1.x] Post-release version bump.
    • c4928c9 [3.1.x] Bumped version for 3.1.8 release.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 2
  • Bump django from 3.1.7 to 3.1.8

    Bump django from 3.1.7 to 3.1.8

    Bumps django from 3.1.7 to 3.1.8.

    Commits
    • c4928c9 [3.1.x] Bumped version for 3.1.8 release.
    • cca0d98 [3.1.x] Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploa...
    • 6eb01cb [3.1.x] Fixed #32576 -- Corrected dumpdata docs for passing model names to th...
    • 11d241d [3.1.x] Refs #25735 -- Added tags/exclude_tags arguments to DiscoverRunner docs.
    • 4a10c31 [3.1.x] Added parallel argument to DiscoverRunner docs.
    • c528c71 [3.1.x] Corrected DiscoverRunner.build_suite() signature.
    • 95ee8fe [3.1.x] Fixed #32560 -- Fixed test runner with --pdb and --buffer on fail/error.
    • b58b214 [3.1.x] Fixed typo in docs/topics/testing/advanced.txt.
    • 0415ac5 [3.1.x] Fixed #32536 -- Added links to BaseDetailView/BaseListView.get() meth...
    • 7c662b7 [3.1.x] Fixed typo in docs/ref/checks.txt.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 2
  • Bump django from 3.1.7 to 3.1.13

    Bump django from 3.1.7 to 3.1.13

    Bumps django from 3.1.7 to 3.1.13.

    Commits
    • 43873b9 [3.1.x] Bumped version for 3.1.13 release.
    • 0bd57a8 [3.1.x] Fixed CVE-2021-35042 -- Prevented SQL injection in QuerySet.order_by().
    • 8dc1cc0 [3.1.x] Added stub release notes for 3.1.13.
    • 1471ec4 [3.1.x] Fixed docs header underlines in security archive.
    • 6022181 [3.1.x] Added CVE-2021-33203 and CVE-2021-33571 to security archive.
    • 064c0c5 [3.1.x] Post-release version bump.
    • 625d3c1 [3.1.x] Bumped version for 3.1.12 release.
    • 203d4ab [3.1.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
    • 20c67a0 [3.1.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...
    • aa8781c [3.1.x] Confirmed release date for Django 3.1.12, and 2.2.24.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump django from 3.1.7 to 3.1.12

    Bump django from 3.1.7 to 3.1.12

    Bumps django from 3.1.7 to 3.1.12.

    Commits
    • 625d3c1 [3.1.x] Bumped version for 3.1.12 release.
    • 203d4ab [3.1.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
    • 20c67a0 [3.1.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...
    • aa8781c [3.1.x] Confirmed release date for Django 3.1.12, and 2.2.24.
    • a4eb07a [3.1.x] Fixed typo in MiddlewareMixin deprecation note.
    • c7fdc79 [3.1.x] Added stub release notes and date for Django 3.1.12 and 2.2.24.
    • 024e969 [3.1.x] Changed IRC references to Libera.Chat.
    • c53a76b [3.1.x] Post-release version bump.
    • 6efdf1b [3.1.x] Bumped version for 3.1.11 release.
    • b7d4a6f [3.1.x] Fixed #32718 -- Relaxed file name validation in FileField.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump django from 3.1.7 to 3.1.9

    Bump django from 3.1.7 to 3.1.9

    Bumps django from 3.1.7 to 3.1.9.

    Commits
    • 8284fd6 [3.1.x] Bumped version for 3.1.9 release.
    • 25d84d6 [3.1.x] Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file...
    • 6b0c7e6 [3.1.x] Added CVE-2021-28658 to security archive.
    • 5b9ca81 [3.1.x] Post-release version bump.
    • c4928c9 [3.1.x] Bumped version for 3.1.8 release.
    • cca0d98 [3.1.x] Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploa...
    • 6eb01cb [3.1.x] Fixed #32576 -- Corrected dumpdata docs for passing model names to th...
    • 11d241d [3.1.x] Refs #25735 -- Added tags/exclude_tags arguments to DiscoverRunner docs.
    • 4a10c31 [3.1.x] Added parallel argument to DiscoverRunner docs.
    • c528c71 [3.1.x] Corrected DiscoverRunner.build_suite() signature.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump py from 1.8.2 to 1.10.0

    Bump py from 1.8.2 to 1.10.0

    Bumps py from 1.8.2 to 1.10.0.

    Changelog

    Sourced from py's changelog.

    1.10.0 (2020-12-12)

    • Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)
    • Update vendored apipkg: 1.4 => 1.5
    • Update vendored iniconfig: 1.0.0 => 1.1.1

    1.9.0 (2020-06-24)

    • Add type annotation stubs for the following modules:

      • py.error
      • py.iniconfig
      • py.path (not including SVN paths)
      • py.io
      • py.xml

      There are no plans to type other modules at this time.

      The type annotations are provided in external .pyi files, not inline in the code, and may therefore contain small errors or omissions. If you use py in conjunction with a type checker, and encounter any type errors you believe should be accepted, please report it in an issue.

    Commits
    • e5ff378 Update CHANGELOG for 1.10.0
    • 94cf44f Update vendored libs
    • 5e8ded5 testing: comment out an assert which fails on Python 3.9 for now
    • afdffcc Rename HOWTORELEASE.rst to RELEASING.rst
    • 2de53a6 Merge pull request #266 from nicoddemus/gh-actions
    • fa1b32e Merge pull request #264 from hugovk/patch-2
    • 887d6b8 Skip test_samefile_symlink on pypy3 on Windows
    • e94e670 Fix test_comments() in test_source
    • fef9a32 Adapt test
    • 4a694b0 Add GitHub Actions badge to README
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump django from 3.0.7 to 3.1.6

    Bump django from 3.0.7 to 3.1.6

    Bumps django from 3.0.7 to 3.1.6.

    Commits
    • 3235a7b [3.1.x] Bumped version for 3.1.6 release.
    • 02e6592 [3.1.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archiv...
    • 03a8678 [3.1.x] Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database.
    • a271d8c [3.1.x] Modernized custom manager example
    • 82e1294 [3.1.x] Fixed #32391 -- Used CSS flex properties for changelist filter.
    • b920945 [3.1.x] Fixed #32388 -- Clarified QuerySet.bulk_update() caveat about duplica...
    • fa203f1 [3.1.x] Fixed #32348, Refs #29087 -- Corrected tutorial for updated deleting ...
    • 18adc89 [3.1.x] Refs #32372 -- Updated manager name in related objects reference docs.
    • cc5ee23 [3.1.x] Fixed #32372 -- Made examples in related objects reference docs consi...
    • 2a74248 [3.1.x] Fixed #32371 -- Doc'd jquery.init.js dependency for admin widgets.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • [pre-commit.ci] pre-commit autoupdate

    [pre-commit.ci] pre-commit autoupdate

    opened by pre-commit-ci[bot] 1
  • Bump django from 3.1.7 to 3.1.14

    Bump django from 3.1.7 to 3.1.14

    Bumps django from 3.1.7 to 3.1.14.

    Commits
    • 840bebf [3.1.x] Bumped version for 3.1.14 release.
    • 22bd174 [3.1.x] Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream...
    • cfb780d [3.1.x] Added stub release notes 3.1.14 and 2.2.25.
    • 61c2d58 [3.1.x] Added 'formatter' to spelling wordlist.
    • 9dd1f95 [3.1.x] Fixed #33082 -- Fixed CommandTests.test_subparser_invalid_option on P...
    • febc980 [3.1.x] Refs #31676 -- Updated technical board description in organization docs.
    • 34a0bb5 [3.1.x] Refs #31676 -- Added Mergers and Releasers to organization docs.
    • d94b1e4 [3.1.x] Refs #31676 -- Removed Core team from organization docs.
    • cd391be [3.1.x] Fixed typo in docs/releases/3.1.13.txt.
    • cb149dd [3.1.x] Refs #31676 -- Removed Django Core-Mentorship mailing list references...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump ipython from 7.15.0 to 7.16.3

    Bump ipython from 7.15.0 to 7.16.3

    Bumps ipython from 7.15.0 to 7.16.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
Releases(v3.0.0)

  • v3.0.0(Apr 16, 2022)

    Improvements of v3.0.0:

    • added support for django 3.2 and django 4.0
    • implemented support for custom user model and custom USERNAME_FIELD (Saurav Sharma)
    • added pre-commit config file
    • applied black and isort to source code

    It's a breaking change given that now do not try to log with the username and the email by default. It only tries to login with the USERNAME_FIELD configured in the settings.

    Source code(tar.gz)
    Source code(zip)

  • v2.0.5(Mar 28, 2021)

    Improvements of v2.0.5:

    • added support for django 3.1
    • added support for python 3.9
    • updated dev dependencies
    • updated documentation
    • added code of conduct
    • added contributing
    • added django versions badge
    Source code(tar.gz)
    Source code(zip)

  • v2.0.4(Jun 21, 2020)

    Improvements of v2.0.4

    • Refactored setup.py in order to pack all the needed files
    • Extended the default admin template to show user logged as another user
    • Added __str__ to ImpostorLog
    • Updated MANIFEST.in
    • Moved some package metadata to __init__
    • Improved code coverage
    Source code(tar.gz)
    Source code(zip)

  • v2.0.3(Jun 20, 2020)

  • v2.0.2(Jun 17, 2020)

  • v2.0.1(Jun 14, 2020)

  • v2.0.0(Jun 13, 2020)

    Impostor improvements, v2.0.0

    • adapted Impostor to newer versions of django 1.11, 2.0, 2.1, 2.2, 3.0
    • added tox for running tests
    • improved tests and coverage
    • added github action for running tests and deploy package to pypi
    • added support for django custom_user_model
    • updated todo list
    • Improved documentation on README.md
    • added changelog
    • removed unnecessary code
    • added migrations
    • added linter
    • updated changelog
    • modified action for deploy package on release
    Source code(tar.gz)
    Source code(zip)
Owner
Andreu Vallbona Plazas
Andreu Vallbona Plazas
GitHub
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials.

Django Hijack With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials. Docs 3.x docs are avai

null 1.2k Jan 2, 2023
"Log in as user" for the Django admin.

django-loginas About "Login as user" for the Django admin. loginas supports Python 3 only, as of version 0.4. If you're on 2, use 0.3.6. Installing dj

Stavros Korokithakis 326 Dec 3, 2022
A Django app for easily adding object tools in the Django admin

Django Object Actions If you've ever tried making admin object tools you may have thought, "why can't this be as easy as making Django Admin Actions?"

Chris Chang 524 Dec 26, 2022
A Django app that creates automatic web UIs for Python scripts.

Wooey is a simple web interface to run command line Python scripts. Think of it as an easy way to get your scripts up on the web for routine data anal

Wooey 1.9k Jan 1, 2023
WebVirtCloud is virtualization web interface for admins and users

WebVirtCloud is a virtualization web interface for admins and users. It can delegate Virtual Machine's to users. A noVNC viewer presents a full graphical console to the guest domain. KVM is currently the only hypervisor supported.

Anatoliy Guskov 1.3k Dec 29, 2022
BitcartCC is a platform for merchants, users and developers which offers easy setup and use.

BitcartCC is a platform for merchants, users and developers which offers easy setup and use.

BitcartCC 270 Jan 7, 2023
Django Smuggler is a pluggable application for Django Web Framework that helps you to import/export fixtures via the automatically-generated administration interface.

Django Smuggler Django Smuggler is a pluggable application for Django Web Framework to easily dump/load fixtures via the automatically-generated admin

semente 373 Dec 26, 2022
📱 An extension for Django admin that makes interface mobile-friendly. Merged into Django 2.0

Django Flat Responsive django-flat-responsive is included as part of Django from version 2.0! ?? Use this app if your project is powered by an older D

elky 248 Sep 2, 2022
An improved django-admin-tools dashboard for Django projects

django-fluent-dashboard The fluent_dashboard module offers a custom admin dashboard, built on top of django-admin-tools (docs). The django-admin-tools

django-fluent 326 Nov 9, 2022
Legacy django jet rebooted , supports only Django 3

Django JET Reboot Rebooting the original project : django-jet. Django Jet is modern template for Django admin interface with improved functionality. W

null 215 Dec 31, 2022
Disable dark mode in Django admin user interface in Django 3.2.x.

Django Non Dark Admin Disable or enable dark mode user interface in Django admin panel (Django==3.2). Installation For install this app run in termina

Artem Galichkin 6 Nov 23, 2022
A Django admin theme using Twitter Bootstrap. It doesn't need any kind of modification on your side, just add it to the installed apps.

django-admin-bootstrapped A Django admin theme using Bootstrap. It doesn't need any kind of modification on your side, just add it to the installed ap

null 1.6k Dec 28, 2022
A Django admin theme using Twitter Bootstrap. It doesn't need any kind of modification on your side, just add it to the installed apps.

django-admin-bootstrapped A Django admin theme using Bootstrap. It doesn't need any kind of modification on your side, just add it to the installed ap

null 1.6k Dec 28, 2022
A high-level app and dashboarding solution for Python

Panel provides tools for easily composing widgets, plots, tables, and other viewable objects and controls into custom analysis tools, apps, and dashboards.

HoloViz 2.5k Jan 3, 2023
Firebase Admin Console is a centralized platform for easy viewing and maintenance of Firestore database, the back-end API is a Python Flask app.

Firebase Admin Console is a centralized platform for easy viewing and maintenance of Firestore database, the back-end API is a Python Flask app. A starting template for developers to customize, build, and even deploy the desired admin console for their DB.

Daqi Chen 1 Sep 10, 2022
Modern responsive template for the Django admin interface with improved functionality. We are proud to announce completely new Jet. Please check out Live Demo

Django JET Modern template for Django admin interface with improved functionality Attention! NEW JET We are proud to announce completely new Jet. Plea

Geex Arts 3.4k Dec 29, 2022
Drop-in replacement of Django admin comes with lots of goodies, fully extensible with plugin support, pretty UI based on Twitter Bootstrap.

Xadmin Drop-in replacement of Django admin comes with lots of goodies, fully extensible with plugin support, pretty UI based on Twitter Bootstrap. Liv

差沙 4.7k Dec 31, 2022
A jazzy skin for the Django Admin-Interface (official repository).

Django Grappelli A jazzy skin for the Django admin interface. Grappelli is a grid-based alternative/extension to the Django administration interface.

Patrick Kranzlmueller 3.4k Dec 31, 2022
django's default admin interface made customizable. popup windows replaced by modals. :mage: :zap:

django-admin-interface django-admin-interface is a modern responsive flat admin interface customizable by the admin itself. Features Beautiful default

Fabio Caccamo 1.3k Dec 31, 2022