Context Navigation

← Previous Ticket
Next Ticket →

#29628 closed Bug (fixed)

createsuperuser does not validate password against username or other required fields

Reported by:	Josh Schneier	Owned by:	Josh Schneier
Component:	contrib.auth	Version:	2.1
Severity:	Normal	Keywords:
Cc:		Triage Stage:	Accepted
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	no	UI/UX:	no

Description

Change History (8)

comment:1 by Josh Schneier, 6 years ago

Owner:	changed from nobody to Josh Schneier
Status:	new → assigned

comment:2 by Tim Graham, 6 years ago

Summary:	Createsuperuser does not validate password against username or other required fields → createsuperuser does not validate password against username or other required fields

It looks to me like it does (as of 53d28f83390aed98fab4eed187eaf1edaa92c6d0). Is there a bug with the fake_user_data approach?

comment:3 by Josh Schneier, 6 years ago

Username isn’t included in fake user data and the validation runs inside of the for loop before all fields can be collected. I have failing test cases I just pushed up in a PR.

comment:4 by Tim Graham, 6 years ago

Triage Stage:	Unreviewed → Accepted

comment:5 by Tim Graham, 6 years ago

Has patch:	set

comment:6 by Tim Graham <timograham@…>, 6 years ago

Resolution:	→ fixed
Status:	assigned → closed

In 793e9bb3:

Fixed #29628 -- Made createsuperuser validate password against username and required fields.

comment:7 by GitHub <noreply@…>, 3 years ago

In da266b3:

Refs #29628, Refs #33178 -- Made createsuperuser validate password against required fields passed in options.

comment:8 by Mariusz Felisiak <felisiak.mariusz@…>, 3 years ago

In 224fa0bc:

[4.0.x] Refs #29628, Refs #33178 -- Made createsuperuser validate password against required fields passed in options.

Backport of da266b3c5ca4bb7581d7a3cc51bc820e78cf64f0 from main

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues