[2.2.x] Fixed #30237 -- Made Authentication/SessionMiddleware and ModelBackend admin checks allow subclasses.

Backport of f976ab1b11 from master.
2025-10-31 09:41:08 +00:00 · 2019-03-05 22:22:09 +01:00
parent b150d99460
commit d8704a4d4f
2 changed files with 73 additions and 6 deletions
--- a/django/contrib/admin/checks.py
+++ b/django/contrib/admin/checks.py
@@ -18,6 +18,7 @@ from django.template import engines
 from django.template.backends.django import DjangoTemplates
 from django.utils.deprecation import RemovedInDjango30Warning
 from django.utils.inspect import get_func_args
+from django.utils.module_loading import import_string


 def _issubclass(cls, classinfo):
@@ -31,6 +32,23 @@ def _issubclass(cls, classinfo):
        return False


+def _contains_subclass(class_path, candidate_paths):
+    """
+    Return whether or not a dotted class path (or a subclass of that class) is
+    found in a list of candidate paths.
+    """
+    cls = import_string(class_path)
+    for path in candidate_paths:
+        try:
+            candidate_cls = import_string(path)
+        except ImportError:
+            # ImportErrors are raised elsewhere.
+            continue
+        if _issubclass(candidate_cls, cls):
+            return True
+    return False
+
+
 def check_admin_app(app_configs, **kwargs):
    from django.contrib.admin.sites import all_sites
    errors = []
@@ -75,8 +93,7 @@ def check_dependencies(**kwargs):
    else:
        if ('django.contrib.auth.context_processors.auth'
                not in django_templates_instance.context_processors and
-                'django.contrib.auth.backends.ModelBackend'
-                in settings.AUTHENTICATION_BACKENDS):
+                _contains_subclass('django.contrib.auth.backends.ModelBackend', settings.AUTHENTICATION_BACKENDS)):
            errors.append(checks.Error(
                "'django.contrib.auth.context_processors.auth' must be "
                "enabled in DjangoTemplates (TEMPLATES) if using the default "
@@ -91,15 +108,14 @@ def check_dependencies(**kwargs):
                "the admin application.",
                id='admin.E404',
            ))
-    if ('django.contrib.auth.middleware.AuthenticationMiddleware'
-            not in settings.MIDDLEWARE):
+
+    if not _contains_subclass('django.contrib.auth.middleware.AuthenticationMiddleware', settings.MIDDLEWARE):
        errors.append(checks.Error(
            "'django.contrib.auth.middleware.AuthenticationMiddleware' must "
            "be in MIDDLEWARE in order to use the admin application.",
            id='admin.E408',
        ))
-    if ('django.contrib.messages.middleware.MessageMiddleware'
-            not in settings.MIDDLEWARE):
+    if not _contains_subclass('django.contrib.messages.middleware.MessageMiddleware', settings.MIDDLEWARE):
        errors.append(checks.Error(
            "'django.contrib.messages.middleware.MessageMiddleware' must "
            "be in MIDDLEWARE in order to use the admin application.",