From be810670ff9805d2d7f8e3260015db2123f0c5a9 Mon Sep 17 00:00:00 2001
From: Brian Rosner <brosner@gmail.com>
Date: Tue, 10 Jun 2008 16:05:09 +0000
Subject: [PATCH] newforms-admin: Fixed #5999 -- When a session expires
 properly route the flow to call the correct view. Thanks favo and Michael
 Newman.

git-svn-id: http://code.djangoproject.com/svn/django/branches/newforms-admin@7611 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/contrib/admin/sites.py              | 9 +++++++--
 tests/regressiontests/admin_views/tests.py | 9 +++++++++
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
index 6c6f47e388..b4f160dbbe 100644
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -113,7 +113,12 @@ class AdminSite(object):
             return self.logout(request)
 
         if not self.has_permission(request):
-            return self.login(request)
+            response = self.login(request)
+            if response:
+                # make sure that there is a response before returning
+                # this addresses any post data that might persist from
+                # expired sessions and continue through (#5999)
+                return response
 
 
         if url == '':
@@ -245,7 +250,7 @@ class AdminSite(object):
                         # overwrite request.POST with the saved post_data, and continue
                         request.POST = post_data
                         request.user = user
-                        return view_func(request, *args, **kwargs)
+                        return None
                     else:
                         request.session.delete_test_cookie()
                         return http.HttpResponseRedirect(request.path)
diff --git a/tests/regressiontests/admin_views/tests.py b/tests/regressiontests/admin_views/tests.py
index f3c2b1f2fc..cfe73f184d 100644
--- a/tests/regressiontests/admin_views/tests.py
+++ b/tests/regressiontests/admin_views/tests.py
@@ -145,6 +145,15 @@ class AdminViewPermissionsTest(TestCase):
         self.failUnlessEqual(Article.objects.all().count(), 3)
         self.client.get('/test_admin/admin/logout/')
         
+        # Check and make sure that if user expires, data still persists
+        post = self.client.post('/test_admin/admin/admin_views/article/add/', add_dict)
+        self.assertContains(post, 'Please log in again, because your session has expired.')
+        self.super_login['post_data'] = _encode_post_data(add_dict)
+        post = self.client.post('/test_admin/admin/admin_views/article/add/', self.super_login)
+        self.assertRedirects(post, '/test_admin/admin/admin_views/article/')
+        self.failUnlessEqual(Article.objects.all().count(), 4)
+        self.client.get('/test_admin/admin/logout/')
+        
     def testChangeView(self):
         """Change view should restrict access and allow users to edit items."""