From 03eeb020a00dedba2594326bd606d8b41d51e80f Mon Sep 17 00:00:00 2001
From: Jannis Leidel <jannis@leidel.info>
Date: Thu, 9 Feb 2012 18:56:23 +0000
Subject: [PATCH] Fixed #159 -- Prevent the `AdminSite` from logging users out
 when they try to log in form the logout page. Many thanks, ashchristopher.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17465 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/contrib/admin/sites.py              |  8 +++++--
 tests/regressiontests/admin_views/tests.py | 28 ++++++++++++++++++++++
 2 files changed, 34 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 django/contrib/admin/sites.py
 mode change 100644 => 100755 tests/regressiontests/admin_views/tests.py

diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
old mode 100644
new mode 100755
index 83a08699c2..4bb6440877
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -1,5 +1,5 @@
 from functools import update_wrapper
-from django import http
+from django.http import Http404, HttpResponseRedirect
 from django.contrib.admin import ModelAdmin, actions
 from django.contrib.admin.forms import AdminAuthenticationForm
 from django.contrib.auth import REDIRECT_FIELD_NAME
@@ -188,6 +188,10 @@ class AdminSite(object):
         """
         def inner(request, *args, **kwargs):
             if not self.has_permission(request):
+                if request.path == reverse('admin:logout',
+                                           current_app=self.name):
+                    index_path = reverse('admin:index', current_app=self.name)
+                    return HttpResponseRedirect(index_path)
                 return self.login(request)
             return view(request, *args, **kwargs)
         if not cacheable:
@@ -421,7 +425,7 @@ class AdminSite(object):
                                 'models': [model_dict],
                             }
         if not app_dict:
-            raise http.Http404('The requested admin page does not exist.')
+            raise Http404('The requested admin page does not exist.')
         # Sort the models alphabetically within each app.
         app_dict['models'].sort(key=lambda x: x['name'])
         context = {
diff --git a/tests/regressiontests/admin_views/tests.py b/tests/regressiontests/admin_views/tests.py
old mode 100644
new mode 100755
index ab40c698de..6b001e97ab
--- a/tests/regressiontests/admin_views/tests.py
+++ b/tests/regressiontests/admin_views/tests.py
@@ -3385,3 +3385,31 @@ class AdminCustomSaveRelatedTests(TestCase):
 
         self.assertEqual('Josh Stone', Parent.objects.latest('id').name)
         self.assertEqual([u'Catherine Stone', u'Paul Stone'], children_names)
+
+
+class AdminViewLogoutTest(TestCase):
+    urls = "regressiontests.admin_views.urls"
+    fixtures = ['admin-views-users.xml']
+
+    def setUp(self):
+        self.client.login(username='super', password='secret')
+
+    def tearDown(self):
+        self.client.logout()
+
+    def test_client_logout_url_can_be_used_to_login(self):
+        response = self.client.get('/test_admin/admin/logout/')
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.template_name, 'registration/logged_out.html')
+        self.assertEqual(response.request['PATH_INFO'], '/test_admin/admin/logout/')
+
+        # we are now logged out
+        response = self.client.get('/test_admin/admin/logout/')
+        self.assertEqual(response.status_code, 302)  # we should be redirected to the login page.
+
+        # follow the redirect and test results.
+        response = self.client.get('/test_admin/admin/logout/', follow=True)
+        self.assertEqual(response.status_code, 200)
+        self.assertEqual(response.template_name, 'admin/login.html')
+        self.assertEqual(response.request['PATH_INFO'], '/test_admin/admin/')
+        self.assertContains(response, '<input type="hidden" name="next" value="/test_admin/admin/" />')