Refs #22569 -- Made request required in ModelAdmin.lookup_allowed() per deprecation timeline.

django/contrib/admin/options.py

@@ -448,9 +448,7 @@ class BaseModelAdmin(metaclass=forms.MediaDefiningClass):
             else self.get_list_display(request)
         )
 
-    # RemovedInDjango60Warning: when the deprecation ends, replace with:
+    def lookup_allowed(self, lookup, value, request):
-    # def lookup_allowed(self, lookup, value, request):
-    def lookup_allowed(self, lookup, value, request=None):
         from django.contrib.admin.filters import SimpleListFilter
 
         model = self.model
@@ -498,12 +496,7 @@ class BaseModelAdmin(metaclass=forms.MediaDefiningClass):
             # Either a local field filter, or no fields at all.
             return True
         valid_lookups = {self.date_hierarchy}
-        # RemovedInDjango60Warning: when the deprecation ends, replace with:
+        for filter_item in self.get_list_filter(request):
-        # for filter_item in self.get_list_filter(request):
-        list_filter = (
-            self.get_list_filter(request) if request is not None else self.list_filter
-        )
-        for filter_item in list_filter:
             if isinstance(filter_item, type) and issubclass(
                 filter_item, SimpleListFilter
             ):

django/contrib/admin/views/main.py

@@ -1,4 +1,3 @@
-import warnings
 from datetime import datetime, timedelta
 
 from django import forms
@@ -33,9 +32,7 @@ from django.db.models import F, Field, ManyToOneRel, OrderBy
 from django.db.models.constants import LOOKUP_SEP
 from django.db.models.expressions import Combinable
 from django.urls import reverse
-from django.utils.deprecation import RemovedInDjango60Warning
 from django.utils.http import urlencode
-from django.utils.inspect import func_supports_parameter
 from django.utils.timezone import make_aware
 from django.utils.translation import gettext
 
@@ -178,19 +175,9 @@ class ChangeList:
         may_have_duplicates = False
         has_active_filters = False
 
-        supports_request = func_supports_parameter(
-            self.model_admin.lookup_allowed, "request"
-        )
-        if not supports_request:
-            warnings.warn(
-                f"`request` must be added to the signature of "
-                f"{self.model_admin.__class__.__qualname__}.lookup_allowed().",
-                RemovedInDjango60Warning,
-            )
         for key, value_list in lookup_params.items():
             for value in value_list:
-                params = (key, value, request) if supports_request else (key, value)
+                if not self.model_admin.lookup_allowed(key, value, request):
-                if not self.model_admin.lookup_allowed(*params):
                     raise DisallowedModelAdminLookup(f"Filtering by {key} not allowed")
 
         filter_specs = []

django/contrib/auth/admin.py

@@ -106,9 +106,7 @@ class UserAdmin(admin.ModelAdmin):
             ),
         ] + super().get_urls()
 
-    # RemovedInDjango60Warning: when the deprecation ends, replace with:
+    def lookup_allowed(self, lookup, value, request):
-    # def lookup_allowed(self, lookup, value, request):
-    def lookup_allowed(self, lookup, value, request=None):
         # Don't allow lookups involving passwords.
         return not lookup.startswith("password") and super().lookup_allowed(
             lookup, value, request

docs/releases/6.0.txt

@@ -262,6 +262,9 @@ to remove usage of these features.
 
 * ``BaseDatabaseOperations.field_cast_sql()`` is removed.
 
+* ``request`` is required in the signature of ``ModelAdmin.lookup_allowed()``
+  subclasses.
+
 See :ref:`deprecated-features-5.1` for details on these changes, including how
 to remove usage of these features.
 

tests/modeladmin/tests.py

@@ -275,36 +275,6 @@ class ModelAdminTests(TestCase):
             True,
         )
 
-    def test_lookup_allowed_without_request_deprecation(self):
-        class ConcertAdmin(ModelAdmin):
-            list_filter = ["main_band__sign_date"]
-
-            def get_list_filter(self, request):
-                return self.list_filter + ["main_band__name"]
-
-            def lookup_allowed(self, lookup, value):
-                return True
-
-        model_admin = ConcertAdmin(Concert, self.site)
-        msg = (
-            "`request` must be added to the signature of ModelAdminTests."
-            "test_lookup_allowed_without_request_deprecation.<locals>."
-            "ConcertAdmin.lookup_allowed()."
-        )
-        request_band_name_filter = RequestFactory().get(
-            "/", {"main_band__name": "test"}
-        )
-        request_band_name_filter.user = User.objects.create_superuser(
-            username="bob", email="bob@test.com", password="test"
-        )
-        with self.assertWarnsMessage(RemovedInDjango60Warning, msg):
-            changelist = model_admin.get_changelist_instance(request_band_name_filter)
-            filterspec = changelist.get_filters(request_band_name_filter)[0][0]
-            self.assertEqual(filterspec.title, "sign date")
-            filterspec = changelist.get_filters(request_band_name_filter)[0][1]
-            self.assertEqual(filterspec.title, "name")
-            self.assertSequenceEqual(filterspec.lookup_choices, [self.band.name])
-
     def test_field_arguments(self):
         # If fields is specified, fieldsets_add and fieldsets_change should
         # just stick the fields into a formsets structure and return it.