Ticket #17944: ReadOnlyPasswordHashWidget_0.1.patch

File ReadOnlyPasswordHashWidget_0.1.patch, 3.9 KB (added by saxix, 3 years ago)
  • django/contrib/auth/tests/forms.py

     
    236236        # Just check we can create it
    237237        form = MyUserForm({})
    238238
     239    def test_bug_17944_empty_password(self):
     240        # Unable to access to User record in the admin if the user has a unmanageable password
     241        user = User.objects.get(username='empty_password')
     242        form = UserChangeForm(instance=user)
     243        # just check no error is raised
     244        form.as_table()
     245
     246    def test_bug_17944_unmanageable_password(self):
     247        # Unable to access to User record in the admin if the user has a unmanageable password
     248        user = User.objects.get(username='unmanageable_password')
     249        form = UserChangeForm(instance=user)
     250        #just check no error is raised
     251        form.as_table()
     252
     253
    239254UserChangeFormTest = override_settings(USE_TZ=False)(UserChangeFormTest)
    240255
    241256
  • django/contrib/auth/fixtures/authtestdata.json

     
    5252            "email": "staffmember@example.com",
    5353            "date_joined": "2006-12-17 07:03:31"
    5454        }
     55    },
     56    {
     57        "pk": "4",
     58        "model": "auth.user",
     59        "fields": {
     60            "username": "empty_password",
     61            "first_name": "Empty",
     62            "last_name": "Password",
     63            "is_active": true,
     64            "is_superuser": false,
     65            "is_staff": true,
     66            "last_login": "2006-12-17 07:03:31",
     67            "groups": [],
     68            "user_permissions": [],
     69            "password": "",
     70            "email": "empty_password@example.com",
     71            "date_joined": "2006-12-17 07:03:31"
     72        }
     73    },
     74    {
     75        "pk": "5",
     76        "model": "auth.user",
     77        "fields": {
     78            "username": "unmanageable_password",
     79            "first_name": "Unmanageable",
     80            "last_name": "Password",
     81            "is_active": true,
     82            "is_superuser": false,
     83            "is_staff": true,
     84            "last_login": "2006-12-17 07:03:31",
     85            "groups": [],
     86            "user_permissions": [],
     87            "password": "$",
     88            "email": "unmanageable_password@example.com",
     89            "date_joined": "2006-12-17 07:03:31"
     90        }
    5591    }
    5692]
  • django/contrib/auth/forms.py

     
    2828
    2929        encoded = smart_str(encoded)
    3030
    31         if len(encoded) == 32 and '$' not in encoded:
    32             hasher = get_hasher('unsalted_md5')
     31        try:
     32            if len(encoded) == 32 and '$' not in encoded:
     33                hasher = get_hasher('unsalted_md5')
     34            else:
     35                algorithm = encoded.split('$', 1)[0]
     36                hasher = get_hasher(algorithm)
     37        except ValueError:
     38            summary = "<strong>%s</strong>" % ugettext('Unknown password hashing algorithm')
    3339        else:
    34             algorithm = encoded.split('$', 1)[0]
    35             hasher = get_hasher(algorithm)
     40            summary = ""
     41            for key, value in hasher.safe_summary(encoded).iteritems():
     42                summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
    3643
    37         summary = ""
    38         for key, value in hasher.safe_summary(encoded).iteritems():
    39             summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
    40 
    4144        return mark_safe("<div%(attrs)s>%(summary)s</div>" % {"attrs": flatatt(final_attrs), "summary": summary})
    4245
    4346
Back to Top