Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #18979 -- Avoid endless loop caused by "val in PermLookupDict"

Fixed by defining __iter__ which raises TypeError. This was done to
PermWrapper earlier.
  • Loading branch information...
commit 50d573d2c0b3e17cbf1aa240b03b52e4ad0c32cd 1 parent 3cbe686
Anssi Kääriäinen akaariai authored
5 django/contrib/auth/context_processors.py
View
@@ -11,6 +11,11 @@ def __repr__(self):
def __getitem__(self, perm_name):
return self.user.has_perm("%s.%s" % (self.module_name, perm_name))
+ def __iter__(self):
+ # To fix 'item in perms.someapp' and __getitem__ iteraction we need to
+ # define __iter__. See #18979 for details.
+ raise TypeError("PermLookupDict is not iterable.")
+
def __bool__(self):
return self.user.has_module_perms(self.module_name)
__nonzero__ = __bool__ # Python 2
44 django/contrib/auth/tests/context_processors.py
View
@@ -3,11 +3,55 @@
from django.conf import global_settings
from django.contrib.auth import authenticate
from django.contrib.auth.tests.utils import skipIfCustomUser
+from django.contrib.auth.context_processors import PermWrapper, PermLookupDict
from django.db.models import Q
from django.test import TestCase
from django.test.utils import override_settings
+class MockUser(object):
+ def has_module_perm(self, perm):
+ if perm == 'mockapp.someapp':
+ return True
+ return False
+
+ def has_perm(self, perm):
+ if perm == 'someperm':
+ return True
+ return False
+
+
+class PermWrapperTests(TestCase):
+ """
+ Test some details of the PermWrapper implementation.
+ """
+ class EQLimiterObject(object):
+ """
+ This object makes sure __eq__ will not be called endlessly.
+ """
+ def __init__(self):
+ self.eq_calls = 0
+
+ def __eq__(self, other):
+ if self.eq_calls > 0:
+ return True
+ self.eq_calls += 1
+ return False
+
+ def test_permwrapper_in(self):
+ """
+ Test that 'something' in PermWrapper doesn't end up in endless loop.
+ """
+ perms = PermWrapper(MockUser())
+ with self.assertRaises(TypeError):
+ self.EQLimiterObject() in perms
+
+ def test_permlookupdict_in(self):
+ pldict = PermLookupDict(MockUser(), 'mockapp')
+ with self.assertRaises(TypeError):
+ self.EQLimiterObject() in pldict
+
+
@skipIfCustomUser
@override_settings(
TEMPLATE_DIRS=(
Please sign in to comment.
Something went wrong with that request. Please try again.