diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py index 631b8713068..43aa691fcae 100644 --- a/django/contrib/admin/sites.py +++ b/django/contrib/admin/sites.py @@ -18,8 +18,6 @@ from django.utils.hashcompat import md5_constructor ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.") LOGIN_FORM_KEY = 'this_is_the_login_form' -USER_CHANGE_PASSWORD_URL_RE = re.compile('auth/user/(\d+)/password') - class AlreadyRegistered(Exception): pass @@ -170,10 +168,6 @@ class AdminSite(object): from django.views.defaults import shortcut return shortcut(request, *url.split('/')[1:]) else: - match = USER_CHANGE_PASSWORD_URL_RE.match(url) - if match: - return self.user_change_password(request, match.group(1)) - if '/' in url: return self.model_page(request, *url.split('/', 2)) @@ -209,13 +203,6 @@ class AdminSite(object): from django.contrib.auth.views import password_change_done return password_change_done(request) - def user_change_password(self, request, id): - """ - Handles the "user change password" task - """ - from django.contrib.auth.views import user_change_password - return user_change_password(request, id) - def i18n_javascript(self, request): """ Displays the i18n JavaScript that the Django admin requires. diff --git a/django/contrib/auth/admin.py b/django/contrib/auth/admin.py index d554914a621..85a183aeea1 100644 --- a/django/contrib/auth/admin.py +++ b/django/contrib/auth/admin.py @@ -1,10 +1,13 @@ + from django.contrib.auth.models import User, Group from django.core.exceptions import PermissionDenied from django import template -from django.shortcuts import render_to_response +from django.shortcuts import render_to_response, get_object_or_404 +from django.template import RequestContext +from django.utils.html import escape from django.http import HttpResponseRedirect from django.utils.translation import ugettext, ugettext_lazy as _ -from django.contrib.auth.forms import UserCreationForm +from django.contrib.auth.forms import UserCreationForm, AdminPasswordChangeForm from django.contrib import admin class GroupAdmin(admin.ModelAdmin): @@ -21,12 +24,22 @@ class UserAdmin(admin.ModelAdmin): (_('Groups'), {'fields': ('groups',)}), ) add_form = UserCreationForm + change_password_form = AdminPasswordChangeForm list_display = ('username', 'email', 'first_name', 'last_name', 'is_staff') list_filter = ('is_staff', 'is_superuser') search_fields = ('username', 'first_name', 'last_name', 'email') ordering = ('username',) filter_horizontal = ('user_permissions',) - + + def __call__(self, request, url): + # this should not be here, but must be due to the way __call__ routes + # in ModelAdmin. + if url is None: + return self.changelist_view(request) + if url.endswith('password'): + return self.user_change_password(request, url.split('/')[0]) + return super(UserAdmin, self).__call__(request, url) + def add_view(self, request): if not self.has_change_permission(request): raise PermissionDenied @@ -60,6 +73,36 @@ class UserAdmin(admin.ModelAdmin): 'username_help_text': self.model._meta.get_field('username').help_text, 'root_path': self.admin_site.root_path, }, context_instance=template.RequestContext(request)) + + def user_change_password(self, request, id): + if not request.user.has_perm('auth.change_user'): + raise PermissionDenied + user = get_object_or_404(self.model, pk=id) + if request.method == 'POST': + form = self.change_password_form(user, request.POST) + if form.is_valid(): + new_user = form.save() + msg = ugettext('Password changed successfully.') + request.user.message_set.create(message=msg) + return HttpResponseRedirect('..') + else: + form = self.change_password_form(user) + return render_to_response('admin/auth/user/change_password.html', { + 'title': _('Change password: %s') % escape(user.username), + 'form': form, + 'is_popup': '_popup' in request.REQUEST, + 'add': True, + 'change': False, + 'has_delete_permission': False, + 'has_change_permission': True, + 'has_absolute_url': False, + 'opts': self.model._meta, + 'original': user, + 'save_as': False, + 'show_save': True, + 'root_path': self.admin_site.root_path, + }, context_instance=RequestContext(request)) + admin.site.register(Group, GroupAdmin) admin.site.register(User, UserAdmin) diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py index e503f87caad..d7aa05b8cb3 100644 --- a/django/contrib/auth/views.py +++ b/django/contrib/auth/views.py @@ -149,33 +149,3 @@ password_change = login_required(password_change) def password_change_done(request, template_name='registration/password_change_done.html'): return render_to_response(template_name, context_instance=RequestContext(request)) - -# TODO: move to admin.py in the ModelAdmin -def user_change_password(request, id): - if not request.user.has_perm('auth.change_user'): - raise PermissionDenied - user = get_object_or_404(User, pk=id) - if request.method == 'POST': - form = AdminPasswordChangeForm(user, request.POST) - if form.is_valid(): - new_user = form.save() - msg = _('Password changed successfully.') - request.user.message_set.create(message=msg) - return HttpResponseRedirect('..') - else: - form = AdminPasswordChangeForm(user) - return render_to_response('admin/auth/user/change_password.html', { - 'title': _('Change password: %s') % escape(user.username), - 'form': form, - 'is_popup': '_popup' in request.REQUEST, - 'add': True, - 'change': False, - 'has_delete_permission': False, - 'has_change_permission': True, - 'has_absolute_url': False, - 'opts': User._meta, - 'original': user, - 'save_as': False, - 'show_save': True, - 'root_path': re.sub('auth/user/(\d+)/password/$', '', request.path), - }, context_instance=RequestContext(request))