mirror of
https://github.com/django/django.git
synced 2025-01-18 14:24:39 +00:00
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
Regression in ba31b0103442ac891fb3cb98f316781254e366c3.
This commit is contained in:
parent
de32fe83a2
commit
f7691d4812
@ -420,14 +420,13 @@ class AdminSite:
|
||||
def catch_all_view(self, request, url):
|
||||
if settings.APPEND_SLASH and not url.endswith('/'):
|
||||
urlconf = getattr(request, 'urlconf', None)
|
||||
path = '%s/' % request.path_info
|
||||
try:
|
||||
match = resolve(path, urlconf)
|
||||
match = resolve('%s/' % request.path_info, urlconf)
|
||||
except Resolver404:
|
||||
pass
|
||||
else:
|
||||
if getattr(match.func, 'should_append_slash', True):
|
||||
return HttpResponsePermanentRedirect(path)
|
||||
return HttpResponsePermanentRedirect('%s/' % request.path)
|
||||
raise Http404
|
||||
|
||||
def _build_app_dict(self, request, label=None):
|
||||
|
@ -9,4 +9,6 @@ Django 3.2.4 fixes several bugs in 3.2.3.
|
||||
Bugfixes
|
||||
========
|
||||
|
||||
* ...
|
||||
* Fixed a bug in Django 3.2 where a final catch-all view in the admin didn't
|
||||
respect the server-provided value of ``SCRIPT_NAME`` when redirecting
|
||||
unauthenticated users to the login page (:ticket:`32754`).
|
||||
|
@ -6602,6 +6602,42 @@ class AdminSiteFinalCatchAllPatternTests(TestCase):
|
||||
response = self.client.get(known_url[:-1])
|
||||
self.assertRedirects(response, known_url, status_code=301, target_status_code=403)
|
||||
|
||||
@override_settings(APPEND_SLASH=True)
|
||||
def test_missing_slash_append_slash_true_script_name(self):
|
||||
superuser = User.objects.create_user(
|
||||
username='staff',
|
||||
password='secret',
|
||||
email='staff@example.com',
|
||||
is_staff=True,
|
||||
)
|
||||
self.client.force_login(superuser)
|
||||
known_url = reverse('admin:admin_views_article_changelist')
|
||||
response = self.client.get(known_url[:-1], SCRIPT_NAME='/prefix/')
|
||||
self.assertRedirects(
|
||||
response,
|
||||
'/prefix' + known_url,
|
||||
status_code=301,
|
||||
fetch_redirect_response=False,
|
||||
)
|
||||
|
||||
@override_settings(APPEND_SLASH=True, FORCE_SCRIPT_NAME='/prefix/')
|
||||
def test_missing_slash_append_slash_true_force_script_name(self):
|
||||
superuser = User.objects.create_user(
|
||||
username='staff',
|
||||
password='secret',
|
||||
email='staff@example.com',
|
||||
is_staff=True,
|
||||
)
|
||||
self.client.force_login(superuser)
|
||||
known_url = reverse('admin:admin_views_article_changelist')
|
||||
response = self.client.get(known_url[:-1])
|
||||
self.assertRedirects(
|
||||
response,
|
||||
'/prefix' + known_url,
|
||||
status_code=301,
|
||||
fetch_redirect_response=False,
|
||||
)
|
||||
|
||||
@override_settings(APPEND_SLASH=True)
|
||||
def test_missing_slash_append_slash_true_non_staff_user(self):
|
||||
user = User.objects.create_user(
|
||||
|
Loading…
x
Reference in New Issue
Block a user