Context Navigation

← Previous Ticket
Next Ticket →

#33178 closed Bug (fixed)

createsuperuser does not validate REQUIRED_FIELDS values in interactive mode when passed by command-line.

Reported by:	Christophe Henry	Owned by:	Christophe Henry
Component:	contrib.auth	Version:	3.2
Severity:	Normal	Keywords:
Cc:		Triage Stage:	Accepted
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	no	UI/UX:	no

Description

createsuperuser command will alway perform a field validation using field.clean when creating a new user. In non-interactive mode, it is done here. In interactive mode, it is performed in `get_input_data` when the value is requested from input. But if the valued was passed using -- command, the field is never validated.

The consequence is it ends up passing a non-validated string to `UserManager.create_superuser` instead of a integer corresponding to an actual PK in DB.

Change History (10)

comment:1 by Mariusz Felisiak, 3 years ago

Has patch:	set
Owner:	changed from nobody to Christophe Henry
Status:	new → assigned
Summary:	`creratesuperuser` does not validate `REQUIRED_FIELDS` fields value in interactive mode when passed by command-line → createsuperuser does not validate REQUIRED_FIELDS values in interactive mode when passed by command-line.
Triage Stage:	Unreviewed → Accepted
Type:	Uncategorized → Bug

comment:2 by Mariusz Felisiak, 3 years ago

Needs tests:	set
Patch needs improvement:	set

comment:3 by GitHub <noreply@…>, 3 years ago

In da266b3:

Refs #29628, Refs #33178 -- Made createsuperuser validate password against required fields passed in options.

comment:4 by Mariusz Felisiak <felisiak.mariusz@…>, 3 years ago

In 224fa0bc:

[4.0.x] Refs #29628, Refs #33178 -- Made createsuperuser validate password against required fields passed in options.

Backport of da266b3c5ca4bb7581d7a3cc51bc820e78cf64f0 from main

comment:5 by Mariusz Felisiak, 3 years ago

Needs tests:	unset
Patch needs improvement:	unset

comment:6 by Mariusz Felisiak <felisiak.mariusz@…>, 3 years ago

In 57273e15:

Refs #33178 -- Added createsuperuser tests for validation of foreign keys.

comment:7 by Mariusz Felisiak <felisiak.mariusz@…>, 3 years ago

Resolution:	→ fixed
Status:	assigned → closed

In b1b26b3:

Fixed #33178 -- Made createsuperuser validate required fields passed in options in interactive mode.

comment:8 by Mariusz Felisiak <felisiak.mariusz@…>, 3 years ago

In 048fbf9c:

[4.0.x] Fixed #33178 -- Made createsuperuser validate required fields passed in options in interactive mode.

Backport of b1b26b37aff0c80d6abdf15c5ffdf0440a9a1d6a from main.

comment:9 by Christophe Henry, 2 years ago

Has patch:	unset
Resolution:	fixed
Status:	closed → new
Version:	3.1 → 3.2

The fixes for this bug were never backported to Django 3.

comment:10 by Mariusz Felisiak, 2 years ago

Has patch:	set
Resolution:	→ fixed
Status:	new → closed

Please don't reopen closed tickets. This issue is not a regression in Django 3.2, per our backporting policy this means it doesn't qualify for a backport to 3.2.x anymore. See Django’s release process for more details.

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues