#10694 closed (fixed)
user_change_password in UserAdmin should lookup change permission
| Reported by: | james Turnbull | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.admin | Version: | dev |
| Severity: | Keywords: | ||
| Cc: | Triage Stage: | Ready for checkin | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
When subclassing UserAdmin the internal user_change_password view has a hardcoded "auth.change_user" permission check.
That requires the user to have edit permissions for the user model aswell as the subclass.
It should instead use the local has_change_permission check, which is neater anyway. Attached patch fixes this.
Attachments (1)
Change History (5)
by , 17 years ago
| Attachment: | user_change_password_permissions.diff added |
|---|
comment:1 by , 17 years ago
| milestone: | → 1.1 |
|---|---|
| Triage Stage: | Unreviewed → Accepted |
comment:2 by , 17 years ago
| Triage Stage: | Accepted → Ready for checkin |
|---|
comment:3 by , 17 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
(In [10591]) Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull.