mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-18 16:49:13 +00:00
Code Issues 32 Releases Wiki Activity

[1.0.X] Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull. Backport of r10591 from trunk.

Browse Source 
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@10592 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Jacob Kaplan-Moss 2009-04-18 21:06:19 +00:00
parent 283442a50e
commit f0e7dca9d1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/auth/admin.py
View File

@ -90,7 +90,7 @@ class UserAdmin(admin.ModelAdmin):
}, context_instance=template.RequestContext(request)) }, context_instance=template.RequestContext(request))
def user_change_password(self, request, id): def user_change_password(self, request, id):
if not request.user.has_perm('auth.change_user'): if not self.has_change_permission(request):
raise PermissionDenied raise PermissionDenied
user = get_object_or_404(self.model, pk=id) user = get_object_or_404(self.model, pk=id)
if request.method == 'POST': if request.method == 'POST':