diff --git a/AUTHORS b/AUTHORS index aca7fc81eb8..271de3aa355 100644 --- a/AUTHORS +++ b/AUTHORS @@ -235,6 +235,7 @@ answer newbie questions, and generally made Django that much better: Finn Gruwier Larsen flavio.curella@gmail.com Florian Apolloner + Francisco Albarran Cristobal Frank Tegtmeyer Frank Wierzbicki Frantisek Malina diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index dba23e137c7..ad46c5ce7cd 100644 --- a/django/contrib/auth/models.py +++ b/django/contrib/auth/models.py @@ -132,28 +132,33 @@ class Group(models.Model): class UserManager(BaseUserManager): use_in_migrations = True - def _create_user(self, username, email, password, - is_staff, is_superuser, **extra_fields): + def _create_user(self, username, email, password, **extra_fields): """ Creates and saves a User with the given username, email and password. """ if not username: raise ValueError('The given username must be set') email = self.normalize_email(email) - user = self.model(username=username, email=email, - is_staff=is_staff, is_superuser=is_superuser, - **extra_fields) + user = self.model(username=username, email=email, **extra_fields) user.set_password(password) user.save(using=self._db) return user def create_user(self, username, email=None, password=None, **extra_fields): - return self._create_user(username, email, password, False, False, - **extra_fields) + extra_fields.setdefault('is_staff', False) + extra_fields.setdefault('is_superuser', False) + return self._create_user(username, email, password, **extra_fields) def create_superuser(self, username, email, password, **extra_fields): - return self._create_user(username, email, password, True, True, - **extra_fields) + extra_fields.setdefault('is_staff', True) + extra_fields.setdefault('is_superuser', True) + + if extra_fields.get('is_staff') is not True: + raise ValueError('Superuser must have is_staff=True.') + if extra_fields.get('is_superuser') is not True: + raise ValueError('Superuser must have is_superuser=True.') + + return self._create_user(username, email, password, **extra_fields) # A few helper functions for common logic between User and AnonymousUser. diff --git a/tests/auth_tests/test_models.py b/tests/auth_tests/test_models.py index 62c38ed5783..c02414b385a 100644 --- a/tests/auth_tests/test_models.py +++ b/tests/auth_tests/test_models.py @@ -165,6 +165,27 @@ class UserManagerTestCase(TestCase): User.objects.create_user, username='' ) + def test_create_user_is_staff(self): + email = 'normal@normal.com' + user = User.objects.create_user('user', email, is_staff=True) + self.assertEqual(user.email, email) + self.assertEqual(user.username, 'user') + self.assertTrue(user.is_staff) + + def test_create_super_user_raises_error_on_false_is_superuser(self): + with self.assertRaisesMessage(ValueError, 'Superuser must have is_superuser=True.'): + User.objects.create_superuser( + username='test', email='test@test.com', + password='test', is_superuser=False, + ) + + def test_create_superuser_raises_error_on_false_is_staff(self): + with self.assertRaisesMessage(ValueError, 'Superuser must have is_staff=True.'): + User.objects.create_superuser( + username='test', email='test@test.com', + password='test', is_staff=False, + ) + class AbstractUserTestCase(TestCase): def test_email_user(self):