Opened 3 years ago
Closed 3 years ago
#33178 closed Bug (fixed)
createsuperuser does not validate REQUIRED_FIELDS values in interactive mode when passed by command-line.
Reported by: | Christophe Henry | Owned by: | Christophe Henry |
---|---|---|---|
Component: | contrib.auth | Version: | 3.2 |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Accepted | |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
createsuperuser
command will alway perform a field validation using field.clean
when creating a new user. In non-interactive mode, it is done here. In interactive mode, it is performed in `get_input_data` when the value is requested from input. But if the valued was passed using --
command, the field is never validated.
The consequence is it ends up passing a non-validated string to `UserManager.create_superuser` instead of a integer corresponding to an actual PK in DB.
Change History (10)
comment:1 by , 3 years ago
Has patch: | set |
---|---|
Owner: | changed from | to
Status: | new → assigned |
Summary: | `creratesuperuser` does not validate `REQUIRED_FIELDS` fields value in interactive mode when passed by command-line → createsuperuser does not validate REQUIRED_FIELDS values in interactive mode when passed by command-line. |
Triage Stage: | Unreviewed → Accepted |
Type: | Uncategorized → Bug |
comment:2 by , 3 years ago
Needs tests: | set |
---|---|
Patch needs improvement: | set |
comment:5 by , 3 years ago
Needs tests: | unset |
---|---|
Patch needs improvement: | unset |
comment:9 by , 3 years ago
Has patch: | unset |
---|---|
Resolution: | fixed |
Status: | closed → new |
Version: | 3.1 → 3.2 |
The fixes for this bug were never backported to Django 3.
comment:10 by , 3 years ago
Has patch: | set |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Please don't reopen closed tickets. This issue is not a regression in Django 3.2, per our backporting policy this means it doesn't qualify for a backport to 3.2.x anymore. See Django’s release process for more details.
PR