Ticket #8159: 8159-2.diff

File 8159-2.diff, 4.7 KB (added by Graham King, 16 years ago)

Adds a warning when attempting to delete yourself, fixes the foreign key breakage when deleting yourself, and has a test - updated

  • django/contrib/admin/templates/admin/auth/user/delete_confirmation.html

     
     1{% extends "admin/delete_confirmation.html" %}
     2{% load i18n %}
     3
     4{% block content %}
     5{% ifequal user object %}
     6<ul class="errorlist">
     7        <li>{% trans "You are attempting to delete yourself" %}</li>
     8</ul>
     9{% endifequal %}
     10{{block.super}}
     11{% endblock %}
  • django/contrib/auth/admin.py

     
    99from django.template import RequestContext
    1010from django.utils.html import escape
    1111from django.utils.translation import ugettext, ugettext_lazy as _
     12from django.db import IntegrityError
    1213
    1314class GroupAdmin(admin.ModelAdmin):
    1415    search_fields = ('name',)
     
    124125            'root_path': self.admin_site.root_path,
    125126        }, context_instance=RequestContext(request))
    126127
     128    def log_deletion(self, request, object, object_repr):
     129        """Do not log if the user being deleted is the logged in user - ticket #8159"""
     130       
     131        try:
     132            super(UserAdmin, self).log_deletion(request, object, object_repr)
     133        except IntegrityError, e:
     134            self._raiseIfExists(e, request.user)
    127135
     136    def message_user(self, request, message):
     137        """Do not message if the user being deleted is the logged in user - ticket #8159"""
     138       
     139        try:
     140            super(UserAdmin, self).message_user(request, message)
     141        except IntegrityError, e:
     142            self._raiseIfExists(e, request.user)
     143
     144    def _raiseIfExists(self, exception, user):
     145        """Raises exception if user is in the db"""
     146       
     147        try:
     148            User.objects.get(pk=user.id)
     149            raise exception
     150        except User.DoesNotExist:
     151            pass
     152
    128153admin.site.register(Group, GroupAdmin)
    129154admin.site.register(User, UserAdmin)
    130155
  • tests/regressiontests/admin_views/urls_admin.py

     
     1from django.conf.urls.defaults import *
     2from django.contrib import admin
     3admin.autodiscover()
     4
     5urlpatterns = patterns('',
     6    (r'^admin/(.*)', admin.site.root),
     7)
  • tests/regressiontests/admin_views/tests.py

     
    721721        self.failUnlessEqual(response.status_code, 200)
    722722        response = self.client.post('/test_admin/admin/admin_views/book/1/delete/', delete_dict)
    723723        self.assertRedirects(response, '/test_admin/admin/admin_views/book/')
     724
     725
     726class DeleteSelfTest(TestCase):
     727    """Tests an admin user deleting themselves. See ticket #8159"""
     728   
     729    fixtures = ['admin-views-users.xml']
     730    urls = 'regressiontests.admin_views.urls_admin'
     731
     732    def test_delete_as_super(self):
     733        """Tests that a superuser can delete themselves"""
     734       
     735        username = 'super'
     736       
     737        self.client.login(username=username, password='secret')
     738
     739        # We exist
     740        try:
     741            u = User.objects.get(username=username)
     742        except User.DoesNotExist:
     743            self.fail("User 'super' does not exist - it should be in the fixture")
     744       
     745        # We delete ourselves
     746        response = self.client.post('/admin/auth/user/'+ str(u.id) +'/delete/', {'post': 'yes'})
     747        self.assertRedirects(response, '/admin/auth/user/')
     748
     749        # We don't exist
     750        try:
     751            User.objects.get(username=username)
     752            self.fail("User 'super' was not deleted correctly")
     753        except User.DoesNotExist:
     754            pass
     755
     756        self.client.logout()
     757   
     758    def test_delete_no_perms(self):
     759        """Test that a user without permissions still cannot delete themselves"""
     760       
     761        username= 'adduser'
     762       
     763        self.client.login(username=username, password='secret')
     764
     765        # We exist
     766        try:
     767            u = User.objects.get(username=username)
     768        except User.DoesNotExist:
     769            self.fail("User 'super' does not exist - it should be in the fixture")
     770       
     771        # We delete ourselves
     772        response = self.client.post('/admin/auth/user/'+ str(u.id) +'/delete/', {'post': 'yes'})
     773        self.failUnlessEqual(response.status_code, 403)
Back to Top