Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make use of new ability to override admin add form templates and remo…

…ved a litle bit of redundancy in the templates.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit c4470e5ced090075adbef36b98b051c5a53f7a2e 1 parent a205691
@jezdez jezdez authored
View
32 django/contrib/admin/templates/admin/auth/user/add_form.html
@@ -1,33 +1,11 @@
{% extends "admin/change_form.html" %}
{% load i18n %}
-{% block after_field_sets %}
-
-<p>{% trans "First, enter a username and password. Then, you'll be able to edit more user options." %}</p>
-
-<fieldset class="module aligned">
-
-<div class="form-row">
- {{ form.username.errors }}
- {# TODO: get required class on label_tag #}
- <label for="id_username" class="required">{% trans 'Username' %}:</label> {{ form.username }}
- <p class="help">{{ form.username.help_text }}</p>
-</div>
-
-<div class="form-row">
- {{ form.password1.errors }}
- {# TODO: get required class on label_tag #}
- <label for="id_password1" class="required">{% trans 'Password' %}:</label> {{ form.password1 }}
-</div>
-
-<div class="form-row">
- {{ form.password2.errors }}
- {# TODO: get required class on label_tag #}
- <label for="id_password2" class="required">{% trans 'Password (again)' %}:</label> {{ form.password2 }}
- <p class="help">{% trans 'Enter the same password as above, for verification.' %}</p>
-</div>
+{% block form_top %}
+ <p>{% trans "First, enter a username and password. Then, you'll be able to edit more user options." %}</p>
+ <input type="hidden" name="_continue" value="1" />
+{% endblock %}
+{% block after_field_sets %}
<script type="text/javascript">document.getElementById("id_username").focus();</script>
-
-</fieldset>
{% endblock %}
View
44 django/contrib/admin/templates/registration/password_change_form.html
@@ -1,26 +1,50 @@
{% extends "admin/base_site.html" %}
-{% load i18n %}
+{% load i18n adminmedia %}
+{% block extrastyle %}{{ block.super }}<link rel="stylesheet" type="text/css" href="{% admin_media_prefix %}css/forms.css" />{% endblock %}
{% block userlinks %}{% url django-admindocs-docroot as docsroot %}{% if docsroot %}<a href="{{ docsroot }}">{% trans 'Documentation' %}</a> / {% endif %} {% trans 'Change password' %} / <a href="../logout/">{% trans 'Log out' %}</a>{% endblock %}
{% block breadcrumbs %}<div class="breadcrumbs"><a href="../">{% trans 'Home' %}</a> &rsaquo; {% trans 'Password change' %}</div>{% endblock %}
{% block title %}{% trans 'Password change' %}{% endblock %}
-{% block content %}
+{% block content %}<div id="content-main">
+
+<form action="" method="post">{% csrf_token %}
+<div>
+{% if form.errors %}
+ <p class="errornote">
+ {% blocktrans count form.errors.items|length as counter %}Please correct the error below.{% plural %}Please correct the errors below.{% endblocktrans %}
+ </p>
+{% endif %}
<h1>{% trans 'Password change' %}</h1>
<p>{% trans "Please enter your old password, for security's sake, and then enter your new password twice so we can verify you typed it in correctly." %}</p>
-<form action="" method="post">{% csrf_token %}
+<fieldset class="module aligned wide">
+
+<div class="form-row">
+ {{ form.old_password.errors }}
+ <label for="id_old_password" class="required">{% trans 'Old password' %}:</label>{{ form.old_password }}
+</div>
-{{ form.old_password.errors }}
-<p class="aligned wide"><label for="id_old_password">{% trans 'Old password:' %}</label>{{ form.old_password }}</p>
-{{ form.new_password1.errors }}
-<p class="aligned wide"><label for="id_new_password1">{% trans 'New password:' %}</label>{{ form.new_password1 }}</p>
+<div class="form-row">
+ {{ form.new_password1.errors }}
+ <label for="id_new_password1" class="required">{% trans 'New password' %}:</label>{{ form.new_password1 }}
+</div>
+
+<div class="form-row">
{{ form.new_password2.errors }}
-<p class="aligned wide"><label for="id_new_password2">{% trans 'Confirm password:' %}</label>{{ form.new_password2 }}</p>
+ <label for="id_new_password2" class="required">{% trans 'Password (again)' %}:</label>{{ form.new_password2 }}
+</div>
+
+</fieldset>
+
+<div class="submit-row">
+ <input type="submit" value="{% trans 'Change my password' %}" class="default" />
+</div>
-<p><input type="submit" value="{% trans 'Change my password' %}" /></p>
-</form>
+<script type="text/javascript">document.getElementById("id_old_password").focus();</script>
+</div>
+</form></div>
{% endblock %}
View
81 django/contrib/auth/admin.py
@@ -1,4 +1,5 @@
from django import template
+from django.db import transaction
from django.conf import settings
from django.contrib import admin
from django.contrib.auth.forms import UserCreationForm, UserChangeForm, AdminPasswordChangeForm
@@ -10,6 +11,7 @@
from django.template import RequestContext
from django.utils.html import escape
from django.utils.translation import ugettext, ugettext_lazy as _
+from django.views.decorators.csrf import csrf_protect
class GroupAdmin(admin.ModelAdmin):
search_fields = ('name',)
@@ -17,6 +19,8 @@ class GroupAdmin(admin.ModelAdmin):
filter_horizontal = ('permissions',)
class UserAdmin(admin.ModelAdmin):
+ add_form_template = 'admin/auth/user/add_form.html'
+ change_user_password_template = None
fieldsets = (
(None, {'fields': ('username', 'password')}),
(_('Personal info'), {'fields': ('first_name', 'last_name', 'email')}),
@@ -24,6 +28,12 @@ class UserAdmin(admin.ModelAdmin):
(_('Important dates'), {'fields': ('last_login', 'date_joined')}),
(_('Groups'), {'fields': ('groups',)}),
)
+ add_fieldsets = (
+ (None, {
+ 'classes': ('wide',),
+ 'fields': ('username', 'password1', 'password2')}
+ ),
+ )
form = UserChangeForm
add_form = UserCreationForm
change_password_form = AdminPasswordChangeForm
@@ -41,14 +51,34 @@ def __call__(self, request, url):
if url.endswith('password'):
return self.user_change_password(request, url.split('/')[0])
return super(UserAdmin, self).__call__(request, url)
-
+
+ def get_fieldsets(self, request, obj=None):
+ if not obj:
+ return self.add_fieldsets
+ return super(UserAdmin, self).get_fieldsets(request, obj)
+
+ def get_form(self, request, obj=None, **kwargs):
+ """
+ Use special form during user creation
+ """
+ defaults = {}
+ if not obj:
+ defaults = {
+ 'form': UserCreationForm,
+ 'fields': ['username'],
+ }
+ defaults.update(kwargs)
+ return super(UserAdmin, self).get_form(request, obj, **defaults)
+
def get_urls(self):
from django.conf.urls.defaults import patterns
return patterns('',
(r'^(\d+)/password/$', self.admin_site.admin_view(self.user_change_password))
) + super(UserAdmin, self).get_urls()
- def add_view(self, request):
+ @csrf_protect
+ @transaction.commit_on_success
+ def add_view(self, request, form_url='', extra_context=None):
# It's an error for a user to have add permission but NOT change
# permission for users. If we allowed such users to add users, they
# could create superusers, which would mean they would essentially have
@@ -61,41 +91,14 @@ def add_view(self, request):
# error message.
raise Http404('Your user does not have the "Change user" permission. In order to add users, Django requires that your user account have both the "Add user" and "Change user" permissions set.')
raise PermissionDenied
- if request.method == 'POST':
- form = self.add_form(request.POST)
- if form.is_valid():
- new_user = form.save()
- msg = _('The %(name)s "%(obj)s" was added successfully.') % {'name': 'user', 'obj': new_user}
- self.log_addition(request, new_user)
- if "_addanother" in request.POST:
- messages.success(request, msg)
- return HttpResponseRedirect(request.path)
- elif '_popup' in request.REQUEST:
- return self.response_add(request, new_user)
- else:
- messages.success(request, msg + ' ' +
- ugettext("You may edit it again below."))
- return HttpResponseRedirect('../%s/' % new_user.id)
- else:
- form = self.add_form()
- return render_to_response('admin/auth/user/add_form.html', {
- 'title': _('Add user'),
- 'form': form,
- 'is_popup': '_popup' in request.REQUEST,
- 'add': True,
- 'change': False,
- 'has_add_permission': True,
- 'has_delete_permission': False,
- 'has_change_permission': True,
- 'has_file_field': False,
- 'has_absolute_url': False,
+ if extra_context is None:
+ extra_context = {}
+ defaults = {
'auto_populated_fields': (),
- 'opts': self.model._meta,
- 'save_as': False,
'username_help_text': self.model._meta.get_field('username').help_text,
- 'root_path': self.admin_site.root_path,
- 'app_label': self.model._meta.app_label,
- }, context_instance=template.RequestContext(request))
+ }
+ extra_context.update(defaults)
+ return super(UserAdmin, self).add_view(request, form_url, extra_context)
def user_change_password(self, request, id):
if not self.has_change_permission(request):
@@ -110,8 +113,14 @@ def user_change_password(self, request, id):
return HttpResponseRedirect('..')
else:
form = self.change_password_form(user)
- return render_to_response('admin/auth/user/change_password.html', {
+
+ fieldsets = [(None, {'fields': form.base_fields.keys()})]
+ adminForm = admin.helpers.AdminForm(form, fieldsets, {})
+ print adminForm, form
+
+ return render_to_response(self.change_user_password_template or 'admin/auth/user/change_password.html', {
'title': _('Change password: %s') % escape(user.username),
+ 'adminForm': adminForm,
'form': form,
'is_popup': '_popup' in request.REQUEST,
'add': True,
View
3  django/contrib/auth/forms.py
@@ -15,7 +15,8 @@ class UserCreationForm(forms.ModelForm):
help_text = _("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."),
error_message = _("This value must contain only letters, numbers and underscores."))
password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
- password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput)
+ password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput,
+ help_text = _("Enter the same password as above, for verification."))
class Meta:
model = User
View
39 tests/regressiontests/admin_views/tests.py
@@ -1795,27 +1795,30 @@ class IncompleteFormTest(TestCase):
fixtures = ['admin-views-users.xml']
def setUp(self):
- self.client.login(username='super', password='secret')
+ self.client.login(username='super', password='secret')
def tearDown(self):
- self.client.logout()
+ self.client.logout()
def test_user_creation(self):
- response = self.client.post('/test_admin/admin/auth/user/add/', {
- 'username': 'newuser',
- 'password1': 'newpassword',
- 'password2': 'newpassword',
- })
- new_user = User.objects.order_by('-id')[0]
- self.assertRedirects(response, '/test_admin/admin/auth/user/%s/' % new_user.pk)
- self.assertNotEquals(new_user.password, UNUSABLE_PASSWORD)
+ response = self.client.post('/test_admin/admin/auth/user/add/', {
+ 'username': 'newuser',
+ 'password1': 'newpassword',
+ 'password2': 'newpassword',
+ '_continue': '1',
+ })
+ new_user = User.objects.order_by('-id')[0]
+ self.assertRedirects(response, '/test_admin/admin/auth/user/%s/' % new_user.pk)
+ self.assertNotEquals(new_user.password, UNUSABLE_PASSWORD)
def test_password_mismatch(self):
- response = self.client.post('/test_admin/admin/auth/user/add/', {
- 'username': 'newuser',
- 'password1': 'newpassword',
- 'password2': 'mismatch',
- })
- self.assertEquals(response.status_code, 200)
- self.assert_('password' not in response.context['form'].errors)
- self.assertFormError(response, 'form', 'password2', ["The two password fields didn't match."])
+ response = self.client.post('/test_admin/admin/auth/user/add/', {
+ 'username': 'newuser',
+ 'password1': 'newpassword',
+ 'password2': 'mismatch',
+ })
+ self.assertEquals(response.status_code, 200)
+ adminform = response.context['adminform']
+ self.assert_('password' not in adminform.form.errors)
+ self.assertEquals(adminform.form.errors['password2'],
+ [u"The two password fields didn't match."])
Please sign in to comment.
Something went wrong with that request. Please try again.