Redirect back to timetable after substitution entering

aleksis/apps/chronos/templates/chronos/partials/lesson.html

@@ -104,7 +104,7 @@
     {% has_perm "chronos.edit_substitution_rule" user as can_edit_substitution %}
     {% if can_edit_substitution %}
       <br>
-      <span><a href="{% url "edit_substitution" lesson_period.pk lesson_period.week.week %}">{% trans "Manage substitution" %}</a></span>
+      <span><a href="{% url "edit_substitution" lesson_period.pk lesson_period.week.week %}?back={{ request.path }}">{% trans "Manage substitution" %}</a></span>
     {% endif %}
   </p>
 </div>

aleksis/apps/chronos/views.py

@@ -7,6 +7,7 @@ from django.http import HttpRequest, HttpResponse, HttpResponseNotFound
 from django.shortcuts import get_object_or_404, redirect, render
 from django.urls import reverse
 from django.utils import timezone
+from django.utils.http import url_has_allowed_host_and_scheme
 from django.utils.translation import gettext as _
 from django.views.decorators.cache import never_cache
 
@@ -301,6 +302,16 @@ def edit_substitution(request: HttpRequest, id_: int, week: int) -> HttpResponse
 
                 messages.success(request, _("The substitution has been saved."))
 
+            back_url = request.GET.get("back", "")
+            back_url_is_safe = url_has_allowed_host_and_scheme(
+                url=back_url,
+                allowed_hosts={request.get_host()},
+                require_https=request.is_secure(),
+            )
+
+            if back_url_is_safe:
+                return redirect(back_url)
+
             return redirect("lessons_day_by_date", year=day.year, month=day.month, day=day.day)
 
     context["edit_substitution_form"] = edit_substitution_form