Fixed #15371 -- Ensure that a superuser created with the createsuperuser management command with --noinput has an invalid password, not a blank password. Thanks to yishaibeeri for the report and patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Russell Keith-Magee 2011-02-22 11:33:04 +00:00
parent 37343bac8a
commit b9a20d1e3b
2 changed files with 8 additions and 4 deletions

View File

@ -53,7 +53,8 @@ class Command(BaseCommand):
except exceptions.ValidationError: except exceptions.ValidationError:
raise CommandError("Invalid email address.") raise CommandError("Invalid email address.")
password = '' # If not provided, create the user with an unusable password
password = None
# Try to determine the current system user's username to use as a default. # Try to determine the current system user's username to use as a default.
try: try:

View File

@ -62,7 +62,9 @@ class BasicTestCase(TestCase):
self.assertEqual(command_output, 'Superuser created successfully.') self.assertEqual(command_output, 'Superuser created successfully.')
u = User.objects.get(username="joe") u = User.objects.get(username="joe")
self.assertEquals(u.email, 'joe@somewhere.org') self.assertEquals(u.email, 'joe@somewhere.org')
self.assertTrue(u.check_password(''))
# created password should be unusable
self.assertFalse(u.has_usable_password())
# We can supress output on the management command # We can supress output on the management command
new_io = StringIO() new_io = StringIO()
@ -77,7 +79,8 @@ class BasicTestCase(TestCase):
self.assertEqual(command_output, '') self.assertEqual(command_output, '')
u = User.objects.get(username="joe2") u = User.objects.get(username="joe2")
self.assertEquals(u.email, 'joe2@somewhere.org') self.assertEquals(u.email, 'joe2@somewhere.org')
self.assertTrue(u.check_password('')) self.assertFalse(u.has_usable_password())
new_io = StringIO() new_io = StringIO()
call_command("createsuperuser", call_command("createsuperuser",
@ -88,5 +91,5 @@ class BasicTestCase(TestCase):
) )
u = User.objects.get(username="joe+admin@somewhere.org") u = User.objects.get(username="joe+admin@somewhere.org")
self.assertEquals(u.email, 'joe@somewhere.org') self.assertEquals(u.email, 'joe@somewhere.org')
self.assertTrue(u.check_password('')) self.assertFalse(u.has_usable_password())