Opened 8 years ago
Last modified 8 years ago
#26988 closed Cleanup/optimization
User is_authenticated callable property confusing if used with "is False" — at Initial Version
| Reported by: | Mark Tranchant | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.auth | Version: | 1.10 |
| Severity: | Release blocker | Keywords: | user is_authenticated property test |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Just upgraded to 1.10, converted all is_authenticated() methods into is_authenticated properties as per the Release Notes and a test in my test suite failed.
It turns out I was checking for a logged in user with if request.user.is_authenticated is False: , but the is_authenticated property is actually a CallableBool() so is not False under any circumstances.
Checking this property only gives logical results with direct if user.is_authenticated or if not user.is_authenticated . This is very misleading and non-intuitive behaviour and should be fixed or strongly called out in the documentation. Example:
In [1]: from django.contrib.auth.models import AnonymousUser, AbstractBaseUser In [2]: a = AnonymousUser() In [3]: b = AbstractBaseUser() In [4]: a.is_authenticated Out[4]: CallableBool(False) In [5]: b.is_authenticated Out[5]: CallableBool(True) In [6]: a.is_authenticated is False Out[6]: False In [7]: a.is_authenticated == False Out[7]: False In [8]: not a.is_authenticated Out[8]: True In [9]: not b.is_authenticated Out[9]: False In [10]: b.is_authenticated == False Out[10]: False In [11]: b.is_authenticated == True Out[11]: False
Note:
See TracTickets
for help on using tickets.