[1.8.x] Fixed #26035 -- Prevented user-tools from appearing on admin logout page.
Backport of 7cc2efc2d6
from master
This commit is contained in:
parent
5c1de942ac
commit
7688089e0f
1
AUTHORS
1
AUTHORS
|
@ -611,6 +611,7 @@ answer newbie questions, and generally made Django that much better:
|
|||
schwank@gmail.com
|
||||
Scot Hacker <shacker@birdhouse.org>
|
||||
Scott Barr <scott@divisionbyzero.com.au>
|
||||
Scott Pashley <github@scottpashley.co.uk>
|
||||
scott@staplefish.com
|
||||
Sean Brant
|
||||
Sebastian Hillig <sebastian.hillig@gmail.com>
|
||||
|
|
|
@ -355,7 +355,13 @@ class AdminSite(object):
|
|||
from django.contrib.auth.views import logout
|
||||
defaults = {
|
||||
'current_app': self.name,
|
||||
'extra_context': dict(self.each_context(request), **(extra_context or {})),
|
||||
'extra_context': dict(
|
||||
self.each_context(request),
|
||||
# Since the user isn't logged out at this point, the value of
|
||||
# has_permission must be overridden.
|
||||
has_permission=False,
|
||||
**(extra_context or {})
|
||||
),
|
||||
}
|
||||
if self.logout_template is not None:
|
||||
defaults['template_name'] = self.logout_template
|
||||
|
|
|
@ -9,4 +9,5 @@ Django 1.8.9 fixes several bugs in 1.8.8.
|
|||
Bugfixes
|
||||
========
|
||||
|
||||
* ...
|
||||
* Fixed a regression that caused the "user-tools" items to display on the
|
||||
admin's logout page (:ticket:`26035`).
|
||||
|
|
|
@ -4832,19 +4832,19 @@ class AdminCustomSaveRelatedTests(TestCase):
|
|||
|
||||
@override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',),
|
||||
ROOT_URLCONF="admin_views.urls")
|
||||
class AdminViewLogoutTest(TestCase):
|
||||
class AdminViewLogoutTests(TestCase):
|
||||
fixtures = ['admin-views-users.xml']
|
||||
|
||||
def setUp(self):
|
||||
def test_logout(self):
|
||||
self.client.login(username='super', password='secret')
|
||||
|
||||
def test_client_logout_url_can_be_used_to_login(self):
|
||||
response = self.client.get(reverse('admin:logout'))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertTemplateUsed(response, 'registration/logged_out.html')
|
||||
self.assertEqual(response.request['PATH_INFO'], reverse('admin:logout'))
|
||||
self.assertFalse(response.context['has_permission'])
|
||||
self.assertNotContains(response, 'user-tools') # user-tools div shouldn't visible.
|
||||
|
||||
# we are now logged out
|
||||
def test_client_logout_url_can_be_used_to_login(self):
|
||||
response = self.client.get(reverse('admin:logout'))
|
||||
self.assertEqual(response.status_code, 302) # we should be redirected to the login page.
|
||||
|
||||
|
|
Loading…
Reference in New Issue