diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py old mode 100644 new mode 100755 index 83a0869..304df5c --- a/django/contrib/admin/sites.py +++ b/django/contrib/admin/sites.py @@ -14,6 +14,8 @@ from django.utils.text import capfirst from django.utils.translation import ugettext as _ from django.views.decorators.cache import never_cache from django.conf import settings +from django.http import HttpResponseRedirect + LOGIN_FORM_KEY = 'this_is_the_login_form' @@ -188,6 +190,8 @@ class AdminSite(object): """ def inner(request, *args, **kwargs): if not self.has_permission(request): + if request.path.endswith(reverse('admin:logout')): + return HttpResponseRedirect(reverse('admin:index')) return self.login(request) return view(request, *args, **kwargs) if not cacheable: diff --git a/tests/regressiontests/admin_views/tests.py b/tests/regressiontests/admin_views/tests.py old mode 100644 new mode 100755 index 6037c2b..4ef3e9d --- a/tests/regressiontests/admin_views/tests.py +++ b/tests/regressiontests/admin_views/tests.py @@ -3351,3 +3351,31 @@ class AdminCustomSaveRelatedTests(TestCase): self.assertEqual('Josh Stone', Parent.objects.latest('id').name) self.assertEqual([u'Catherine Stone', u'Paul Stone'], children_names) + +class AdminViewLogoutTest(TestCase): + urls = "regressiontests.admin_views.urls" + fixtures = ['admin-views-users.xml', ] + + def setUp(self): + self.client.login(username='super', password='secret') + + def tearDown(self): + self.client.logout() + + def test_client_logout_url_can_be_used_to_login(self): + response = self.client.get('/test_admin/admin/logout/') + self.assertEqual(response.status_code, 200) + self.assertEqual(response.template_name, 'registration/logged_out.html') + self.assertEqual(response.request['PATH_INFO'], '/test_admin/admin/logout/') + + # we are now logged out - issue a GET request to `/test_admin/admin/logout/` + response = self.client.get('/test_admin/admin/logout/') + self.assertEqual(response.status_code, 302) # we should be redirected to the login page. + + response = self.client.get('/test_admin/admin/logout/', follow=True) # follow the redirect and test results. + self.assertEqual(response.status_code, 200) + self.assertEqual(response.template_name, 'admin/login.html') + self.assertEqual(response.request['PATH_INFO'], '/test_admin/admin/') + + self.assertTrue( + '' in response.content)