4 files changed, 35 insertions, 2 deletions

diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index 424648854..1569c97c9 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -4011,6 +4011,23 @@ class IshtarUser(FullSearch):
     def full_label(self):
         return self.person.full_label()
 
+    def get_extra_actions(self, request):
+        actions = []
+        if request.user.ishtaruser.is_ishtaradmin:
+            actions += [
+                (
+                    reverse("regenerate-permissions", args=[self.pk]),
+                    _("Regenerate permissions"),
+                    "fa fa-repeat",
+                    _("regen."),
+                    "btn-warning",
+                    True,
+                    200,
+                )
+            ]
+
+        return actions
+
     @post_importer_action
     def import_set_password(self, context, value):
         self.user_ptr.set_password(value)
diff --git a/ishtar_common/models_common.py b/ishtar_common/models_common.py
index 011c71a8a..dee43d6f8 100644
--- a/ishtar_common/models_common.py
+++ b/ishtar_common/models_common.py
@@ -3464,7 +3464,7 @@ class MainItem(ShortMenuItem, SerializeItem, SheetItem):
             return []
 
         actions = []
-        if request.user.is_superuser and hasattr(self, "auto_external_id"):
+        if request.user.ishtaruser.is_ishtaradmin and hasattr(self, "auto_external_id"):
             actions += [
                 (
                     reverse("regenerate-external-id")
diff --git a/ishtar_common/urls.py b/ishtar_common/urls.py
index 23d161ffc..e0e93a071 100644
--- a/ishtar_common/urls.py
+++ b/ishtar_common/urls.py
@@ -600,6 +600,11 @@ urlpatterns += [
         views.regenerate_external_id,
         name="regenerate-external-id",
     ),
+    path(
+        "regenerate-permissions/<int:user_id>/",
+        views.regenerate_permissions,
+        name="regenerate-permissions",
+    ),
     url(
         r"document/search/(?P<step>.+)?$",
         check_permissions(
diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index 407128f49..b3f062c8d 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -1331,7 +1331,7 @@ def merge_action(model, form, key, name_key="name", callback=None):
 
 
 def regenerate_external_id(request):
-    if not request.user.is_superuser:
+    if not request.user.ishtaruser.is_ishtaradmin:
         raise Http404()
     model = None
     for key in request.GET:
@@ -1348,6 +1348,17 @@ def regenerate_external_id(request):
     return HttpResponseRedirect(reverse("success"))
 
 
+def regenerate_permissions(request, user_id):
+    if not request.user.ishtaruser.is_ishtaradmin:
+        raise Http404()
+    try:
+        ishtaruser = models.IshtarUser.objects.get(pk=user_id)
+    except models.IshtarUser.DoesNotExist:
+        raise Http404()
+    ishtaruser.generate_permission()
+    return HttpResponseRedirect(reverse("success"))
+
+
 person_merge = merge_action(models.Person, forms.MergePersonForm, "person", callback=get_person_gdpr_log)
 organization_merge = merge_action(
     models.Organization, forms.MergeOrganizationForm, "organization"