Ticket #18182: 18182-3.diff

File 18182-3.diff, 4.6 KB (added by claudep, 3 years ago)

Proper display in ReadOnlyPasswordHashWidget

  • django/contrib/auth/forms.py

    diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py
    index 780b0c0..b61d149 100644
    a b class ReadOnlyPasswordHashWidget(forms.Widget): 
    2020    def render(self, name, value, attrs):
    2121        encoded = value
    2222
    23         if not is_password_usable(encoded):
    24             return "None"
    25 
    2623        final_attrs = self.build_attrs(attrs)
    2724
    28         try:
    29             hasher = identify_hasher(encoded)
    30         except ValueError:
    31             summary = "<strong>Invalid password format or unknown hashing algorithm.</strong>"
     25        if encoded == UNUSABLE_PASSWORD:
     26            summary = "<strong>%s</strong>" % ugettext(
     27                "Unusable password, the user cannot login.")
    3228        else:
    33             summary = ""
    34             for key, value in hasher.safe_summary(encoded).iteritems():
    35                 summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
     29            try:
     30                hasher = identify_hasher(encoded)
     31            except ValueError:
     32                summary = "<strong>%s</strong>" % ugettext(
     33                    "Invalid password format or unknown hashing algorithm.")
     34            else:
     35                summary = ""
     36                for key, value in hasher.safe_summary(encoded).iteritems():
     37                    summary += "<strong>%(key)s</strong>: %(value)s " % {"key": ugettext(key), "value": value}
    3638
    3739        return mark_safe("<div%(attrs)s>%(summary)s</div>" % {"attrs": flatatt(final_attrs), "summary": summary})
    3840
  • django/contrib/auth/hashers.py

    diff --git a/django/contrib/auth/hashers.py b/django/contrib/auth/hashers.py
    index 96ec40b..18a11a4 100644
    a b def reset_hashers(**kwargs): 
    2727
    2828
    2929def is_password_usable(encoded):
    30     return (encoded is not None and encoded != UNUSABLE_PASSWORD)
     30    if encoded is None or encoded == UNUSABLE_PASSWORD:
     31        return False
     32    try:
     33        hasher = identify_hasher(encoded)
     34    except ValueError:
     35        return False
     36    return True
    3137
    3238
    3339def check_password(password, encoded, setter=None, preferred='default'):
  • django/contrib/auth/tests/forms.py

    diff --git a/django/contrib/auth/tests/forms.py b/django/contrib/auth/tests/forms.py
    index 2ab8958..f3d9bfb 100644
    a b class UserChangeFormTest(TestCase): 
    234234        # Just check we can create it
    235235        form = MyUserForm({})
    236236
     237    def test_unsuable_password(self):
     238        user = User.objects.get(username='empty_password')
     239        user.set_unusable_password()
     240        user.save()
     241        form = UserChangeForm(instance=user)
     242        self.assertIn(_("Unusable password, the user cannot login."),
     243            form.as_table())
     244
    237245    def test_bug_17944_empty_password(self):
    238246        user = User.objects.get(username='empty_password')
    239247        form = UserChangeForm(instance=user)
    240         # Just check that no error is raised.
    241         form.as_table()
     248        self.assertIn(_("Invalid password format or unknown hashing algorithm."),
     249            form.as_table())
    242250
    243251    def test_bug_17944_unmanageable_password(self):
    244252        user = User.objects.get(username='unmanageable_password')
    245253        form = UserChangeForm(instance=user)
    246         # Just check that no error is raised.
    247         form.as_table()
     254        self.assertIn(_("Invalid password format or unknown hashing algorithm."),
     255            form.as_table())
    248256
    249257    def test_bug_17944_unknown_password_algorithm(self):
    250258        user = User.objects.get(username='unknown_password')
    251259        form = UserChangeForm(instance=user)
    252         # Just check that no error is raised.
    253         form.as_table()
     260        self.assertIn(_("Invalid password format or unknown hashing algorithm."),
     261            form.as_table())
    254262
    255263
    256264@override_settings(USE_TZ=False, PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',))
  • django/contrib/auth/tests/hashers.py

    diff --git a/django/contrib/auth/tests/hashers.py b/django/contrib/auth/tests/hashers.py
    index 673263b..d867a57 100644
    a b class TestUtilsHashPass(unittest.TestCase): 
    100100        self.assertRaises(ValueError, doit)
    101101        self.assertRaises(ValueError, identify_hasher, "lolcat$salt$hash")
    102102
     103    def test_bad_encoded(self):
     104        self.assertFalse(is_password_usable('letmein_badencoded'))
     105        self.assertFalse(is_password_usable(''))
     106
    103107    def test_low_level_pkbdf2(self):
    104108        hasher = PBKDF2PasswordHasher()
    105109        encoded = hasher.encode('letmein', 'seasalt')
Back to Top