mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-09-15 05:29:11 +00:00
Code Issues 32 Releases Wiki Activity

Fixed #24294 -- Allowed staff_member_required decorator to handle args.

Browse Source
This commit is contained in:
Andrei Kulakov 2015-02-06 16:45:46 -05:00 committed by Tim Graham
parent 4e8b167e4d
commit 08572e8d12
4 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
django/contrib/admin/views/decorators.py
View File

@ -2,13 +2,17 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import user_passes_test from django.contrib.auth.decorators import user_passes_test
def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='admin:login'): def staff_member_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME,
login_url='admin:login'):
""" """
Decorator for views that checks that the user is logged in and is a staff Decorator for views that checks that the user is logged in and is a staff
member, displaying the login page if necessary. member, redirecting to the login page if necessary.
""" """
return user_passes_test( actual_decorator = user_passes_test(
lambda u: u.is_active and u.is_staff, lambda u: u.is_active and u.is_staff,
login_url=login_url, login_url=login_url,
redirect_field_name=redirect_field_name redirect_field_name=redirect_field_name
)(view_func) )
if view_func:
return actual_decorator(view_func)
return actual_decorator

9
tests/admin_views/tests.py
View File

@ -2125,6 +2125,15 @@ class SecureViewTests(TestCase):
self.assertTemplateUsed(response, 'admin/login.html') self.assertTemplateUsed(response, 'admin/login.html')
self.assertEqual(response.context[REDIRECT_FIELD_NAME], secure_url) self.assertEqual(response.context[REDIRECT_FIELD_NAME], secure_url)
def test_staff_member_required_decorator_works_with_argument(self):
"""
Ensure that staff_member_required decorator works with an argument
(redirect_field_name).
"""
secure_url = '/test_admin/admin/secure-view2/'
response = self.client.get(secure_url)
self.assertRedirects(response, '%s?myfield=%s' % (reverse('admin:login'), secure_url))
@override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'], @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'],
ROOT_URLCONF="admin_views.urls") ROOT_URLCONF="admin_views.urls")

1
tests/admin_views/urls.py
View File

@ -5,6 +5,7 @@ from . import admin, custom_has_permission_admin, customadmin, views
urlpatterns = [ urlpatterns = [
url(r'^test_admin/admin/doc/', include('django.contrib.admindocs.urls')), url(r'^test_admin/admin/doc/', include('django.contrib.admindocs.urls')),
url(r'^test_admin/admin/secure-view/$', views.secure_view, name='secure_view'), url(r'^test_admin/admin/secure-view/$', views.secure_view, name='secure_view'),
url(r'^test_admin/admin/secure-view2/$', views.secure_view2, name='secure_view2'),
url(r'^test_admin/admin/', include(admin.site.urls)), url(r'^test_admin/admin/', include(admin.site.urls)),
url(r'^test_admin/admin2/', include(customadmin.site.urls)), url(r'^test_admin/admin2/', include(customadmin.site.urls)),
url(r'^test_admin/admin3/', include(admin.site.get_urls(), 'admin3', 'admin'), dict(form_url='pony')), url(r'^test_admin/admin3/', include(admin.site.get_urls(), 'admin3', 'admin'), dict(form_url='pony')),

5
tests/admin_views/views.py
View File

@ -5,3 +5,8 @@ from django.http import HttpResponse
@staff_member_required @staff_member_required
def secure_view(request): def secure_view(request):
return HttpResponse('%s' % request.POST) return HttpResponse('%s' % request.POST)
@staff_member_required(redirect_field_name='myfield')
def secure_view2(request):
return HttpResponse('%s' % request.POST)