Ticket #8049: 8049.diff
| File 8049.diff, 10.8 KB (added by , 15 years ago) |
|---|
-
django/contrib/admin/sites.py
=== modified file 'django/contrib/admin/sites.py'
139 139 Returns True if the given HttpRequest has permission to view 140 140 *at least one* page in the admin site. 141 141 """ 142 return request.user.is_ staff142 return request.user.is_active and request.user.is_staff 143 143 144 144 def check_dependencies(self): 145 145 """ -
django/contrib/admin/templates/admin/base.html
=== modified file 'django/contrib/admin/templates/admin/base.html'
22 22 <div id="branding"> 23 23 {% block branding %}{% endblock %} 24 24 </div> 25 {% if user.is_ staff %}25 {% if user.is_active and user.is_staff %} 26 26 <div id="user-tools"> 27 27 {% trans 'Welcome,' %} 28 28 <strong>{% firstof user.first_name user.username %}</strong>. -
django/contrib/admin/views/decorators.py
=== modified file 'django/contrib/admin/views/decorators.py'
28 28 member, displaying the login page if necessary. 29 29 """ 30 30 def _checklogin(request, *args, **kwargs): 31 if request.user.is_ staff:31 if request.user.is_active and request.user.is_staff: 32 32 # The user is valid. Continue to the admin page. 33 33 return view_func(request, *args, **kwargs) 34 34 -
django/contrib/auth/tests/auth_backends.py
=== modified file 'django/contrib/auth/tests/auth_backends.py'
29 29 user.is_superuser = False 30 30 user.save() 31 31 self.assertEqual(user.has_perm('auth.test'), False) 32 user.is_staff = True 33 user.is_superuser = True 34 user.is_active = False 35 user.save() 36 self.assertEqual(user.has_perm('auth.test'), False) 32 37 33 38 def test_custom_perms(self): 34 39 user = User.objects.get(username='test') -
django/core/xheaders.py
=== modified file 'django/core/xheaders.py'
18 18 """ 19 19 from django.conf import settings 20 20 if (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS 21 or (hasattr(request, 'user') and request.user.is_a uthenticated()21 or (hasattr(request, 'user') and request.user.is_active 22 22 and request.user.is_staff)): 23 23 response['X-Object-Type'] = "%s.%s" % (model._meta.app_label, model._meta.object_name.lower()) 24 24 response['X-Object-Id'] = str(object_id) -
django/middleware/doc.py
=== modified file 'django/middleware/doc.py'
12 12 indicating the view function. This is used by the documentation module 13 13 to lookup the view function for an arbitrary page. 14 14 """ 15 if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or request.user.is_staff): 15 if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or 16 (request.user.is_active and request.user.is_staff)): 16 17 response = http.HttpResponse() 17 18 response['X-View'] = "%s.%s" % (view_func.__module__, view_func.__name__) 18 19 return response -
tests/regressiontests/admin_views/tests.py
=== modified file 'tests/regressiontests/admin_views/tests.py'
602 602 self.failUnlessEqual(logged.object_id, u'1') 603 603 self.client.get('/test_admin/admin/logout/') 604 604 605 def testDisabledPermissionsWhenLoggedIn(self): 606 self.client.login(username='super', password='secret') 607 superuser = User.objects.get(username='super') 608 superuser.is_active = False 609 superuser.save() 610 611 response = self.client.get('/test_admin/admin/') 612 self.assertContains(response, 'id="login-form"') 613 self.assertNotContains(response, 'Log out') 614 615 response = self.client.get('/test_admin/admin/secure-view/') 616 open('/home/maniac/Desktop/response.html', 'w').write(response.content) 617 self.assertContains(response, 'id="login-form"') 618 605 619 class AdminViewStringPrimaryKeyTest(TestCase): 606 620 fixtures = ['admin-views-users.xml', 'string-primary-key.xml'] 607 621 … … 622 636 response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/history/' % quote(self.pk)) 623 637 self.assertContains(response, escape(self.pk)) 624 638 self.failUnlessEqual(response.status_code, 200) 625 639 626 640 def test_get_change_view(self): 627 641 "Retrieving the object using urlencoded form of primary key should work" 628 642 response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/' % quote(self.pk)) -
tests/regressiontests/special_headers/fixtures/data.xml
=== added directory 'tests/regressiontests/special_headers' === added file 'tests/regressiontests/special_headers/__init__.py' === added directory 'tests/regressiontests/special_headers/fixtures' === added file 'tests/regressiontests/special_headers/fixtures/data.xml'
1 <?xml version="1.0" encoding="utf-8"?> 2 <django-objects version="1.0"> 3 <object pk="100" model="auth.user"> 4 <field type="CharField" name="username">super</field> 5 <field type="CharField" name="first_name">Super</field> 6 <field type="CharField" name="last_name">User</field> 7 <field type="CharField" name="email">super@example.com</field> 8 <field type="CharField" name="password">sha1$995a3$6011485ea3834267d719b4c801409b8b1ddd0158</field> 9 <field type="BooleanField" name="is_staff">True</field> 10 <field type="BooleanField" name="is_active">True</field> 11 <field type="BooleanField" name="is_superuser">True</field> 12 <field type="DateTimeField" name="last_login">2007-05-30 13:20:10</field> 13 <field type="DateTimeField" name="date_joined">2007-05-30 13:20:10</field> 14 <field to="auth.group" name="groups" rel="ManyToManyRel"></field> 15 <field to="auth.permission" name="user_permissions" rel="ManyToManyRel"></field> 16 </object> 17 <object pk="1" model="special_headers.article"> 18 <field type="TextField" name="text">text</field> 19 </object> 20 </django-objects> -
tests/regressiontests/special_headers/models.py
=== added file 'tests/regressiontests/special_headers/models.py'
1 from django.db import models 2 3 class Article(models.Model): 4 text = models.TextField() -
tests/regressiontests/special_headers/templates/special_headers/article_detail.html
=== added directory 'tests/regressiontests/special_headers/templates' === added directory 'tests/regressiontests/special_headers/templates/special_headers' === added file 'tests/regressiontests/special_headers/templates/special_headers/article_detail.html'
1 {{ object }} -
tests/regressiontests/special_headers/tests.py
=== added file 'tests/regressiontests/special_headers/tests.py'
1 from django.test import TestCase 2 from django.contrib.auth.models import User 3 4 class SpecialHeadersTest(TestCase): 5 fixtures = ['data.xml'] 6 7 def test_xheaders(self): 8 user = User.objects.get(username='super') 9 response = self.client.get('/special_headers/article/1/') 10 # import pdb; pdb.set_trace() 11 self.failUnless('X-Object-Type' not in response) 12 self.client.login(username='super', password='secret') 13 response = self.client.get('/special_headers/article/1/') 14 self.failUnless('X-Object-Type' in response) 15 user.is_staff = False 16 user.save() 17 response = self.client.get('/special_headers/article/1/') 18 self.failUnless('X-Object-Type' not in response) 19 user.is_staff = True 20 user.is_active = False 21 user.save() 22 response = self.client.get('/special_headers/article/1/') 23 self.failUnless('X-Object-Type' not in response) 24 25 def test_xview(self): 26 user = User.objects.get(username='super') 27 response = self.client.head('/special_headers/xview/') 28 self.failUnless('X-View' not in response) 29 self.client.login(username='super', password='secret') 30 response = self.client.head('/special_headers/xview/') 31 self.failUnless('X-View' in response) 32 user.is_staff = False 33 user.save() 34 response = self.client.head('/special_headers/xview/') 35 self.failUnless('X-View' not in response) 36 user.is_staff = True 37 user.is_active = False 38 user.save() 39 response = self.client.head('/special_headers/xview/') 40 self.failUnless('X-View' not in response) -
tests/regressiontests/special_headers/urls.py
=== added file 'tests/regressiontests/special_headers/urls.py'
1 # coding: utf-8 2 from django.conf.urls.defaults import * 3 from django.views.generic.list_detail import object_detail 4 from models import Article 5 import views 6 7 urlpatterns = patterns('', 8 (r'^article/(?P<object_id>\d+)/$', object_detail, {'queryset': Article.objects.all()}), 9 (r'^xview/$', views.xview), 10 ) -
tests/regressiontests/special_headers/views.py
=== added file 'tests/regressiontests/special_headers/views.py'
1 # -*- coding:utf-8 -*- 2 from django.http import HttpResponse 3 from django.utils.decorators import decorator_from_middleware 4 from django.middleware.doc import XViewMiddleware 5 6 xview_dec = decorator_from_middleware(XViewMiddleware) 7 8 def xview(request): 9 return HttpResponse() 10 xview = xview_dec(xview) -
tests/urls.py
=== modified file 'tests/urls.py'
35 35 36 36 # conditional get views 37 37 (r'condition/', include('regressiontests.conditional_processing.urls')), 38 39 # special headers views 40 (r'special_headers/', include('regressiontests.special_headers.urls')), 38 41 )