
Adjust password field length in user admin to match db column size (b…

…ug 722816)
commit aedc50a1794c00e7757a9ef9fb464562eab729d3 1 parent ef93e5a
@washort authored
19 apps/users/admin.py
@@ -1,5 +1,8 @@
+from django.core.validators import MaxLengthValidator
from django.contrib import admin, messages
+from django.contrib.auth.admin import UserAdmin as DjangoUserAdmin
from django.db.utils import IntegrityError
+from django.contrib.auth.models import User
import jingo
@@ -8,6 +11,22 @@
from . import forms
+class BetterDjangoUserAdmin(DjangoUserAdmin):
+
+ def formfield_for_dbfield(self, db_field, **kwargs):
+ """
+ Override password field to allow AMO's longer hashed passwords.
+ """
+ f = DjangoUserAdmin.formfield_for_dbfield(self, db_field, **kwargs)
+ if db_field.name == 'password':
+ f.max_length = 255

what was the old value? is it still compatible with our db schema?

@washort Owner
washort added a note

Django's default here is 128. Our db schema has been changed to 255; this code change is to match that, so the form validator doesn't reject stuff that the db will accept.

aha, gotcha. In playdoh we do this by base 64 encoding it (for 128) but this is less hacky. R+, ship it.

+ f.validators = [MaxLengthValidator(255)]
+ db_field.validators = [MaxLengthValidator(255)]
+ return f
+
+admin.site.unregister(User)
+admin.site.register(User, BetterDjangoUserAdmin)
+
class UserAdmin(admin.ModelAdmin):
list_display = ('__unicode__', 'email')
search_fields = ('^email',)
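Review bot: `db_field.validators = [MaxLengthValidator(255)]` inside `formfield_for_dbfield` mutates the shared `User.password` model field each time the admin builds the form, so the limit only changes process-wide once the admin has rendered, and any validators the field already carried are discarded. If model validation has to accept 255 characters (presumably why the line is there), it would be clearer to do that once at module level beside `admin.site.register(User, BetterDjangoUserAdmin)`, and to swap only the length check on the form field, e.g. `f.validators = [v for v in f.validators if not isinstance(v, MaxLengthValidator)] + [MaxLengthValidator(255)]`. The literal 255 appears three times; a named constant with a comment tying it to the widened column would keep the form limit and the schema from drifting apart. The `UserAdmin` class at the end of the hunk continues outside it.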
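--- a/apps/users/fixtures/users/test_backends.json
+++ b/apps/users/fixtures/users/test_backends.json
@@ -92,7 +92,7 @@
 "deleted": 0,
 "lastname": "Scott",
 "emailhidden": 1,
- "user": null,
+ "user": 9945,
 "password": "sha512$32e15df727a054aa56cf69accc142d1573372641a176aab9b0f1458e27dc6f3b$5bd3bd7811569776a07fbbb5e50156aa6ebdd0bec9267249b57da065340f0324190f1ad0d5f609dca19179a86c64807e22f789d118e6f7109c95b9c64ae8f619",
 "nickname": "fligtar",
 "username": "fligtar",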
24 apps/users/tests/test_forms.py
@@ -151,6 +151,30 @@ def test_developer_attempt(self, f):
self.assertContains(r, 'You cannot delete your account')
+class TestUserAdminForm(UserFormBase):
+
+ def test_long_hash(self):
+ self.client.login(username='fligtar@gmail.com', password='foo')
+ data = {'password': 'sha512$32e15df727a054aa56cf69accc142d1573372641a176aab9b0f1458e27dc6f3b$5bd3bd7811569776a07fbbb5e50156aa6ebdd0bec9267249b57da065340f0324190f1ad0d5f609dca19179a86c64807e22f789d118e6f7109c95b9c64ae8f619',

if you could split this into two lines then our lint checker won't complain about it being more than 80 chars

+ 'username': 'alice',
+ 'last_login': '2010-07-03 23:03:11',
+ 'date_joined': '2010-07-03 23:03:11'}
+ r = self.client.post(reverse('admin:auth_user_change',
+ args=[self.user.id]),
+ data)
+ eq_(pq(r.content)('#user_form div.password .errorlist').text(), None)
+
+ def test_toolong_hash(self):
+ self.client.login(username='fligtar@gmail.com', password='foo')
+ data = {'password': 'sha512$32e15df727a054aa56cf69accc142d1573372641a176aab9b0f1458e27dc6f3b$5bd3bd7811569776a07fbbb5e50156aa6ebdd0bec9267249b57da065340f0324190f1ad0d5f609dca19179a86c64807e22f789d118e6f7109c95b9c64ae8f6190000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',
+ 'username': 'alice'}
+ r = self.client.post(reverse('admin:auth_user_change',
+ args=[self.user.id]),
+ data)
+ eq_(pq(r.content)('#user_form div.password .errorlist').text(),
+ 'Ensure this value has at most 255 characters (it has 489).')
+
+
class TestUserEditForm(UserFormBase):
def setUp(self):
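Review bot: `test_long_hash` only asserts that the `#user_form div.password .errorlist` selector yields no text, which appears to hold just as well when the response is a redirect to the login page or any page without `#user_form`, so the test can pass without the form ever validating the 200-character hash. Adding `eq_(r.status_code, 302)` after the post (the admin change view redirects on a successful save) and re-reading the stored password to compare it with `data['password']` would pin the accepted case. `test_toolong_hash` posts a 489-character value; a 256-character value would exercise the boundary this change actually moves. `TestUserEditForm` at the end of the hunk continues outside it.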