Opened 16 years ago

Closed 16 years ago

Last modified 13 years ago

#10694 closed (fixed)

user_change_password in UserAdmin should lookup change permission

Reported by: james Turnbull Owned by: nobody
Component: contrib.admin Version: dev
Severity: Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

When subclassing UserAdmin the internal user_change_password view has a hardcoded "auth.change_user" permission check.

That requires the user to have edit permissions for the user model aswell as the subclass.

It should instead use the local has_change_permission check, which is neater anyway. Attached patch fixes this.

Attachments (1)

user_change_password_permissions.diff (574 bytes ) - added by james Turnbull 16 years ago.

Download all attachments as: .zip

Change History (5)

by james Turnbull, 16 years ago

comment:1 by Jacob, 16 years ago

milestone: 1.1
Triage Stage: UnreviewedAccepted

comment:2 by Alex Gaynor, 16 years ago

Triage Stage: AcceptedReady for checkin

comment:3 by Jacob, 16 years ago

Resolution: fixed
Status: newclosed

(In [10591]) Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull.

comment:4 by Jacob, 13 years ago

milestone: 1.1

Milestone 1.1 deleted

Note: See TracTickets for help on using tickets.
Back to Top