Fixed #17944 -- Prevented an error in the user change page of the admin when the content of the password field doesn't match the expected format. Thanks saxix for the report and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17775 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Aymeric Augustin
parent
1e28567e0d
commit
a8d0fc1001
|
|
@ -52,5 +52,59 @@
|
||||||
"email": "staffmember@example.com",
|
"email": "staffmember@example.com",
|
||||||
"date_joined": "2006-12-17 07:03:31"
|
"date_joined": "2006-12-17 07:03:31"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"pk": "4",
|
||||||
|
"model": "auth.user",
|
||||||
|
"fields": {
|
||||||
|
"username": "empty_password",
|
||||||
|
"first_name": "Empty",
|
||||||
|
"last_name": "Password",
|
||||||
|
"is_active": true,
|
||||||
|
"is_superuser": false,
|
||||||
|
"is_staff": false,
|
||||||
|
"last_login": "2006-12-17 07:03:31",
|
||||||
|
"groups": [],
|
||||||
|
"user_permissions": [],
|
||||||
|
"password": "",
|
||||||
|
"email": "empty_password@example.com",
|
||||||
|
"date_joined": "2006-12-17 07:03:31"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"pk": "5",
|
||||||
|
"model": "auth.user",
|
||||||
|
"fields": {
|
||||||
|
"username": "unmanageable_password",
|
||||||
|
"first_name": "Unmanageable",
|
||||||
|
"last_name": "Password",
|
||||||
|
"is_active": true,
|
||||||
|
"is_superuser": false,
|
||||||
|
"is_staff": false,
|
||||||
|
"last_login": "2006-12-17 07:03:31",
|
||||||
|
"groups": [],
|
||||||
|
"user_permissions": [],
|
||||||
|
"password": "$",
|
||||||
|
"email": "unmanageable_password@example.com",
|
||||||
|
"date_joined": "2006-12-17 07:03:31"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"pk": "6",
|
||||||
|
"model": "auth.user",
|
||||||
|
"fields": {
|
||||||
|
"username": "unknown_password",
|
||||||
|
"first_name": "Unknown",
|
||||||
|
"last_name": "Password",
|
||||||
|
"is_active": true,
|
||||||
|
"is_superuser": false,
|
||||||
|
"is_staff": false,
|
||||||
|
"last_login": "2006-12-17 07:03:31",
|
||||||
|
"groups": [],
|
||||||
|
"user_permissions": [],
|
||||||
|
"password": "foo$bar",
|
||||||
|
"email": "unknown_password@example.com",
|
||||||
|
"date_joined": "2006-12-17 07:03:31"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -29,14 +29,18 @@ class ReadOnlyPasswordHashWidget(forms.Widget):
|
||||||
encoded = smart_str(encoded)
|
encoded = smart_str(encoded)
|
||||||
|
|
||||||
if len(encoded) == 32 and '$' not in encoded:
|
if len(encoded) == 32 and '$' not in encoded:
|
||||||
hasher = get_hasher('unsalted_md5')
|
algorithm = 'unsalted_md5'
|
||||||
else:
|
else:
|
||||||
algorithm = encoded.split('$', 1)[0]
|
algorithm = encoded.split('$', 1)[0]
|
||||||
hasher = get_hasher(algorithm)
|
|
||||||
|
|
||||||
summary = ""
|
try:
|
||||||
for key, value in hasher.safe_summary(encoded).iteritems():
|
hasher = get_hasher(algorithm)
|
||||||
summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
|
except ValueError:
|
||||||
|
summary = "<strong>%s</strong>" % ugettext("Invalid password format or unknown hashing algorithm.")
|
||||||
|
else:
|
||||||
|
summary = ""
|
||||||
|
for key, value in hasher.safe_summary(encoded).iteritems():
|
||||||
|
summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
|
||||||
|
|
||||||
return mark_safe("<div%(attrs)s>%(summary)s</div>" % {"attrs": flatatt(final_attrs), "summary": summary})
|
return mark_safe("<div%(attrs)s>%(summary)s</div>" % {"attrs": flatatt(final_attrs), "summary": summary})
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -65,7 +65,6 @@ class UserCreationFormTest(TestCase):
|
||||||
|
|
||||||
def test_success(self):
|
def test_success(self):
|
||||||
# The success case.
|
# The success case.
|
||||||
|
|
||||||
data = {
|
data = {
|
||||||
'username': 'jsmith@example.com',
|
'username': 'jsmith@example.com',
|
||||||
'password1': 'test123',
|
'password1': 'test123',
|
||||||
|
|
@ -236,6 +235,25 @@ class UserChangeFormTest(TestCase):
|
||||||
# Just check we can create it
|
# Just check we can create it
|
||||||
form = MyUserForm({})
|
form = MyUserForm({})
|
||||||
|
|
||||||
|
def test_bug_17944_empty_password(self):
|
||||||
|
user = User.objects.get(username='empty_password')
|
||||||
|
form = UserChangeForm(instance=user)
|
||||||
|
# Just check that no error is raised.
|
||||||
|
form.as_table()
|
||||||
|
|
||||||
|
def test_bug_17944_unmanageable_password(self):
|
||||||
|
user = User.objects.get(username='unmanageable_password')
|
||||||
|
form = UserChangeForm(instance=user)
|
||||||
|
# Just check that no error is raised.
|
||||||
|
form.as_table()
|
||||||
|
|
||||||
|
def test_bug_17944_unknown_password_algorithm(self):
|
||||||
|
user = User.objects.get(username='unknown_password')
|
||||||
|
form = UserChangeForm(instance=user)
|
||||||
|
# Just check that no error is raised.
|
||||||
|
form.as_table()
|
||||||
|
|
||||||
|
|
||||||
UserChangeFormTest = override_settings(USE_TZ=False)(UserChangeFormTest)
|
UserChangeFormTest = override_settings(USE_TZ=False)(UserChangeFormTest)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue