diff --git a/django/contrib/auth/fixtures/authtestdata.json b/django/contrib/auth/fixtures/authtestdata.json
index c2867430e6..931328899b 100644
--- a/django/contrib/auth/fixtures/authtestdata.json
+++ b/django/contrib/auth/fixtures/authtestdata.json
@@ -1,55 +1,109 @@
[
{
- "pk": "1",
- "model": "auth.user",
+ "pk": "1",
+ "model": "auth.user",
"fields": {
- "username": "testclient",
- "first_name": "Test",
- "last_name": "Client",
- "is_active": true,
- "is_superuser": false,
- "is_staff": false,
- "last_login": "2006-12-17 07:03:31",
- "groups": [],
- "user_permissions": [],
- "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
- "email": "testclient@example.com",
+ "username": "testclient",
+ "first_name": "Test",
+ "last_name": "Client",
+ "is_active": true,
+ "is_superuser": false,
+ "is_staff": false,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
+ "email": "testclient@example.com",
"date_joined": "2006-12-17 07:03:31"
}
},
{
- "pk": "2",
- "model": "auth.user",
+ "pk": "2",
+ "model": "auth.user",
"fields": {
- "username": "inactive",
- "first_name": "Inactive",
- "last_name": "User",
- "is_active": false,
- "is_superuser": false,
- "is_staff": false,
- "last_login": "2006-12-17 07:03:31",
- "groups": [],
- "user_permissions": [],
- "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
+ "username": "inactive",
+ "first_name": "Inactive",
+ "last_name": "User",
+ "is_active": false,
+ "is_superuser": false,
+ "is_staff": false,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
"email": "testclient2@example.com",
"date_joined": "2006-12-17 07:03:31"
}
},
{
- "pk": "3",
- "model": "auth.user",
+ "pk": "3",
+ "model": "auth.user",
"fields": {
- "username": "staff",
- "first_name": "Staff",
- "last_name": "Member",
- "is_active": true,
- "is_superuser": false,
- "is_staff": true,
- "last_login": "2006-12-17 07:03:31",
- "groups": [],
- "user_permissions": [],
- "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
- "email": "staffmember@example.com",
+ "username": "staff",
+ "first_name": "Staff",
+ "last_name": "Member",
+ "is_active": true,
+ "is_superuser": false,
+ "is_staff": true,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "sha1$6efc0$f93efe9fd7542f25a7be94871ea45aa95de57161",
+ "email": "staffmember@example.com",
+ "date_joined": "2006-12-17 07:03:31"
+ }
+ },
+ {
+ "pk": "4",
+ "model": "auth.user",
+ "fields": {
+ "username": "empty_password",
+ "first_name": "Empty",
+ "last_name": "Password",
+ "is_active": true,
+ "is_superuser": false,
+ "is_staff": false,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "",
+ "email": "empty_password@example.com",
+ "date_joined": "2006-12-17 07:03:31"
+ }
+ },
+ {
+ "pk": "5",
+ "model": "auth.user",
+ "fields": {
+ "username": "unmanageable_password",
+ "first_name": "Unmanageable",
+ "last_name": "Password",
+ "is_active": true,
+ "is_superuser": false,
+ "is_staff": false,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "$",
+ "email": "unmanageable_password@example.com",
+ "date_joined": "2006-12-17 07:03:31"
+ }
+ },
+ {
+ "pk": "6",
+ "model": "auth.user",
+ "fields": {
+ "username": "unknown_password",
+ "first_name": "Unknown",
+ "last_name": "Password",
+ "is_active": true,
+ "is_superuser": false,
+ "is_staff": false,
+ "last_login": "2006-12-17 07:03:31",
+ "groups": [],
+ "user_permissions": [],
+ "password": "foo$bar",
+ "email": "unknown_password@example.com",
"date_joined": "2006-12-17 07:03:31"
}
}
diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py
index a88c866e4b..a7278be6eb 100644
--- a/django/contrib/auth/forms.py
+++ b/django/contrib/auth/forms.py
@@ -29,14 +29,18 @@ class ReadOnlyPasswordHashWidget(forms.Widget):
encoded = smart_str(encoded)
if len(encoded) == 32 and '$' not in encoded:
- hasher = get_hasher('unsalted_md5')
+ algorithm = 'unsalted_md5'
else:
algorithm = encoded.split('$', 1)[0]
- hasher = get_hasher(algorithm)
- summary = ""
- for key, value in hasher.safe_summary(encoded).iteritems():
- summary += "%(key)s: %(value)s " % {"key": ugettext(key), "value": value}
+ try:
+ hasher = get_hasher(algorithm)
+ except ValueError:
+ summary = "%s" % ugettext("Invalid password format or unknown hashing algorithm.")
+ else:
+ summary = ""
+ for key, value in hasher.safe_summary(encoded).iteritems():
+ summary += "%(key)s: %(value)s " % {"key": ugettext(key), "value": value}
return mark_safe("%(summary)s" % {"attrs": flatatt(final_attrs), "summary": summary})
diff --git a/django/contrib/auth/tests/forms.py b/django/contrib/auth/tests/forms.py
index e4c8bf2586..2397b52aff 100644
--- a/django/contrib/auth/tests/forms.py
+++ b/django/contrib/auth/tests/forms.py
@@ -65,7 +65,6 @@ class UserCreationFormTest(TestCase):
def test_success(self):
# The success case.
-
data = {
'username': 'jsmith@example.com',
'password1': 'test123',
@@ -236,6 +235,25 @@ class UserChangeFormTest(TestCase):
# Just check we can create it
form = MyUserForm({})
+ def test_bug_17944_empty_password(self):
+ user = User.objects.get(username='empty_password')
+ form = UserChangeForm(instance=user)
+ # Just check that no error is raised.
+ form.as_table()
+
+ def test_bug_17944_unmanageable_password(self):
+ user = User.objects.get(username='unmanageable_password')
+ form = UserChangeForm(instance=user)
+ # Just check that no error is raised.
+ form.as_table()
+
+ def test_bug_17944_unknown_password_algorithm(self):
+ user = User.objects.get(username='unknown_password')
+ form = UserChangeForm(instance=user)
+ # Just check that no error is raised.
+ form.as_table()
+
+
UserChangeFormTest = override_settings(USE_TZ=False)(UserChangeFormTest)