From 09a719a4e6820d462fc796606cb242583ad4e79d Mon Sep 17 00:00:00 2001 From: Claude Paroz Date: Sat, 4 Aug 2012 14:55:13 +0200 Subject: [PATCH] Fixed #7833 -- Improved UserCreationForm password validation Make UserCreationForm password validation similar to SetPasswordForm and AdminPasswordChangeForm, so as the match check is only done when both passwords are supplied. Thanks Mitar for the suggestion. --- django/contrib/auth/forms.py | 6 +++--- django/contrib/auth/tests/forms.py | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py index d17c41132e..dfd039f018 100644 --- a/django/contrib/auth/forms.py +++ b/django/contrib/auth/forms.py @@ -89,9 +89,9 @@ class UserCreationForm(forms.ModelForm): raise forms.ValidationError(self.error_messages['duplicate_username']) def clean_password2(self): - password1 = self.cleaned_data.get("password1", "") - password2 = self.cleaned_data["password2"] - if password1 != password2: + password1 = self.cleaned_data.get("password1") + password2 = self.cleaned_data.get("password2") + if password1 and password2 and password1 != password2: raise forms.ValidationError( self.error_messages['password_mismatch']) return password2 diff --git a/django/contrib/auth/tests/forms.py b/django/contrib/auth/tests/forms.py index 2ab895804f..13b8dd1216 100644 --- a/django/contrib/auth/tests/forms.py +++ b/django/contrib/auth/tests/forms.py @@ -65,6 +65,7 @@ class UserCreationFormTest(TestCase): form = UserCreationForm(data) self.assertFalse(form.is_valid()) self.assertEqual(form['password1'].errors, required_error) + self.assertEqual(form['password2'].errors, []) def test_success(self): # The success case.