Fixed #26035 -- Prevented user-tools from appearing on admin logout page.
This commit is contained in:
Scott Pashley
Tim Graham
parent
62e83c71d2
commit
7cc2efc2d6
1
AUTHORS
1
AUTHORS
|
|
@ -641,6 +641,7 @@ answer newbie questions, and generally made Django that much better:
|
|||
schwank@gmail.com
|
||||
Scot Hacker <shacker@birdhouse.org>
|
||||
Scott Barr <scott@divisionbyzero.com.au>
|
||||
Scott Pashley <github@scottpashley.co.uk>
|
||||
scott@staplefish.com
|
||||
Sean Brant
|
||||
Sebastian Hillig <sebastian.hillig@gmail.com>
|
||||
|
|
|
|||
|
|
@ -372,7 +372,13 @@ class AdminSite(object):
|
|||
"""
|
||||
from django.contrib.auth.views import logout
|
||||
defaults = {
|
||||
'extra_context': dict(self.each_context(request), **(extra_context or {})),
|
||||
'extra_context': dict(
|
||||
self.each_context(request),
|
||||
# Since the user isn't logged out at this point, the value of
|
||||
# has_permission must be overridden.
|
||||
has_permission=False,
|
||||
**(extra_context or {})
|
||||
),
|
||||
}
|
||||
if self.logout_template is not None:
|
||||
defaults['template_name'] = self.logout_template
|
||||
|
|
|
|||
|
|
@ -9,4 +9,5 @@ Django 1.8.9 fixes several bugs in 1.8.8.
|
|||
Bugfixes
|
||||
========
|
||||
|
||||
* ...
|
||||
* Fixed a regression that caused the "user-tools" items to display on the
|
||||
admin's logout page (:ticket:`26035`).
|
||||
|
|
|
|||
|
|
@ -11,3 +11,6 @@ Bugfixes
|
|||
|
||||
* Fixed a regression in ``ConditionalGetMiddleware`` causing ``If-None-Match`` checks
|
||||
to always return HTTP 200 (:ticket:`26024`).
|
||||
|
||||
* Fixed a regression that caused the "user-tools" items to display on the
|
||||
admin's logout page (:ticket:`26035`).
|
||||
|
|
|
|||
|
|
@ -5442,7 +5442,7 @@ class AdminCustomSaveRelatedTests(TestCase):
|
|||
|
||||
@override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'],
|
||||
ROOT_URLCONF="admin_views.urls")
|
||||
class AdminViewLogoutTest(TestCase):
|
||||
class AdminViewLogoutTests(TestCase):
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
|
|
@ -5453,16 +5453,16 @@ class AdminViewLogoutTest(TestCase):
|
|||
is_staff=True, is_active=True, date_joined=datetime.datetime(2007, 5, 30, 13, 20, 10)
|
||||
)
|
||||
|
||||
def setUp(self):
|
||||
def test_logout(self):
|
||||
self.client.force_login(self.superuser)
|
||||
|
||||
def test_client_logout_url_can_be_used_to_login(self):
|
||||
response = self.client.get(reverse('admin:logout'))
|
||||
self.assertEqual(response.status_code, 200)
|
||||
self.assertTemplateUsed(response, 'registration/logged_out.html')
|
||||
self.assertEqual(response.request['PATH_INFO'], reverse('admin:logout'))
|
||||
self.assertFalse(response.context['has_permission'])
|
||||
self.assertNotContains(response, 'user-tools') # user-tools div shouldn't visible.
|
||||
|
||||
# we are now logged out
|
||||
def test_client_logout_url_can_be_used_to_login(self):
|
||||
response = self.client.get(reverse('admin:logout'))
|
||||
self.assertEqual(response.status_code, 302) # we should be redirected to the login page.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue