Author: jezdez
Date: 2012-02-09 10:56:23 -0800 (Thu, 09 Feb 2012)
New Revision: 17465
Modified:
django/trunk/django/contrib/admin/sites.py
django/trunk/tests/regressiontests/admin_views/tests.py
Log:
Fixed #159 -- Prevent the `AdminSite` from logging users out when they try to
log in form the logout page. Many thanks, ashchristopher.
Modified: django/trunk/django/contrib/admin/sites.py
===================================================================
--- django/trunk/django/contrib/admin/sites.py 2012-02-09 18:41:20 UTC (rev
17464)
+++ django/trunk/django/contrib/admin/sites.py 2012-02-09 18:56:23 UTC (rev
17465)
@@ -1,5 +1,5 @@
from functools import update_wrapper
-from django import http
+from django.http import Http404, HttpResponseRedirect
from django.contrib.admin import ModelAdmin, actions
from django.contrib.admin.forms import AdminAuthenticationForm
from django.contrib.auth import REDIRECT_FIELD_NAME
@@ -188,6 +188,10 @@
"""
def inner(request, *args, **kwargs):
if not self.has_permission(request):
+ if request.path == reverse('admin:logout',
+ current_app=self.name):
+ index_path = reverse('admin:index', current_app=self.name)
+ return HttpResponseRedirect(index_path)
return self.login(request)
return view(request, *args, **kwargs)
if not cacheable:
@@ -421,7 +425,7 @@
'models': [model_dict],
}
if not app_dict:
- raise http.Http404('The requested admin page does not exist.')
+ raise Http404('The requested admin page does not exist.')
# Sort the models alphabetically within each app.
app_dict['models'].sort(key=lambda x: x['name'])
context = {
Property changes on: django/trunk/django/contrib/admin/sites.py
___________________________________________________________________
Added: svn:executable
+ *
Modified: django/trunk/tests/regressiontests/admin_views/tests.py
===================================================================
--- django/trunk/tests/regressiontests/admin_views/tests.py 2012-02-09
18:41:20 UTC (rev 17464)
+++ django/trunk/tests/regressiontests/admin_views/tests.py 2012-02-09
18:56:23 UTC (rev 17465)
@@ -3385,3 +3385,31 @@
self.assertEqual('Josh Stone', Parent.objects.latest('id').name)
self.assertEqual([u'Catherine Stone', u'Paul Stone'], children_names)
+
+
+class AdminViewLogoutTest(TestCase):
+ urls = "regressiontests.admin_views.urls"
+ fixtures = ['admin-views-users.xml']
+
+ def setUp(self):
+ self.client.login(username='super', password='secret')
+
+ def tearDown(self):
+ self.client.logout()
+
+ def test_client_logout_url_can_be_used_to_login(self):
+ response = self.client.get('/test_admin/admin/logout/')
+ self.assertEqual(response.status_code, 200)
+ self.assertEqual(response.template_name,
'registration/logged_out.html')
+ self.assertEqual(response.request['PATH_INFO'],
'/test_admin/admin/logout/')
+
+ # we are now logged out
+ response = self.client.get('/test_admin/admin/logout/')
+ self.assertEqual(response.status_code, 302) # we should be redirected
to the login page.
+
+ # follow the redirect and test results.
+ response = self.client.get('/test_admin/admin/logout/', follow=True)
+ self.assertEqual(response.status_code, 200)
+ self.assertEqual(response.template_name, 'admin/login.html')
+ self.assertEqual(response.request['PATH_INFO'], '/test_admin/admin/')
+ self.assertContains(response, '<input type="hidden" name="next"
value="/test_admin/admin/" />')
Property changes on: django/trunk/tests/regressiontests/admin_views/tests.py
___________________________________________________________________
Added: svn:executable
+ *
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
