#10694 closed (fixed)
user_change_password in UserAdmin should lookup change permission
Reported by: | james Turnbull | Owned by: | nobody |
---|---|---|---|
Component: | contrib.admin | Version: | dev |
Severity: | Keywords: | ||
Cc: | Triage Stage: | Ready for checkin | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
When subclassing UserAdmin the internal user_change_password view has a hardcoded "auth.change_user" permission check.
That requires the user to have edit permissions for the user model aswell as the subclass.
It should instead use the local has_change_permission check, which is neater anyway. Attached patch fixes this.
Attachments (1)
Change History (5)
by , 16 years ago
Attachment: | user_change_password_permissions.diff added |
---|
comment:1 by , 16 years ago
milestone: | → 1.1 |
---|---|
Triage Stage: | Unreviewed → Accepted |
comment:2 by , 16 years ago
Triage Stage: | Accepted → Ready for checkin |
---|
comment:3 by , 16 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
(In [10591]) Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull.