Loading django/contrib/admin/sites.py +13 −2 Original line number Diff line number Diff line Loading @@ -232,14 +232,25 @@ class AdminSite(object): url(r'^password_change/done/$', wrap(self.password_change_done, cacheable=True), name='password_change_done'), url(r'^jsi18n/$', wrap(self.i18n_javascript, cacheable=True), name='jsi18n'), url(r'^r/(?P<content_type_id>\d+)/(?P<object_id>.+)/$', wrap(contenttype_views.shortcut), name='view_on_site'), url(r'^(?P<app_label>\w+)/$', wrap(self.app_index), name='app_list'), ) # Add in each model's views. # Add in each model's views, and create a list of valid URLS for the # app_index valid_app_labels = [] for model, model_admin in six.iteritems(self._registry): urlpatterns += patterns('', url(r'^%s/%s/' % (model._meta.app_label, model._meta.model_name), include(model_admin.urls)) ) if model._meta.app_label not in valid_app_labels: valid_app_labels.append(model._meta.app_label) # If there were ModelAdmins registered, we should have a list of app # labels for which we need to allow access to the app_index view, if valid_app_labels: regex = r'^(?P<app_label>' + '|'.join(valid_app_labels) + ')/$' urlpatterns += patterns('', url(regex, wrap(self.app_index), name='app_list'), ) return urlpatterns @property Loading tests/admin_views/tests.py +15 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,7 @@ import unittest from django.conf import settings, global_settings from django.core import mail from django.core.files import temp as tempfile from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse, NoReverseMatch # Register auth models with the admin. from django.contrib.auth import get_permission_codename from django.contrib.admin.helpers import ACTION_CHECKBOX_NAME Loading Loading @@ -640,6 +640,20 @@ class AdminViewBasicTest(AdminViewBasicTestCase): # Check the format of the shown object -- shouldn't contain a change link self.assertContains(response, '<th class="field-__str__">UnchangeableObject object</th>', html=True) def test_invalid_appindex_url(self): """ #21056 -- URL reversing shouldn't work for nonexistent apps. """ good_url = '/test_admin/admin/admin_views/' confirm_good_url = reverse('admin:app_list', kwargs={'app_label': 'admin_views'}) self.assertEqual(good_url, confirm_good_url) with self.assertRaises(NoReverseMatch): reverse('admin:app_list', kwargs={'app_label': 'this_should_fail'}) with self.assertRaises(NoReverseMatch): reverse('admin:app_list', args=('admin_views2',)) @override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',)) class AdminViewFormUrlTest(TestCase): Loading Loading
django/contrib/admin/sites.py +13 −2 Original line number Diff line number Diff line Loading @@ -232,14 +232,25 @@ class AdminSite(object): url(r'^password_change/done/$', wrap(self.password_change_done, cacheable=True), name='password_change_done'), url(r'^jsi18n/$', wrap(self.i18n_javascript, cacheable=True), name='jsi18n'), url(r'^r/(?P<content_type_id>\d+)/(?P<object_id>.+)/$', wrap(contenttype_views.shortcut), name='view_on_site'), url(r'^(?P<app_label>\w+)/$', wrap(self.app_index), name='app_list'), ) # Add in each model's views. # Add in each model's views, and create a list of valid URLS for the # app_index valid_app_labels = [] for model, model_admin in six.iteritems(self._registry): urlpatterns += patterns('', url(r'^%s/%s/' % (model._meta.app_label, model._meta.model_name), include(model_admin.urls)) ) if model._meta.app_label not in valid_app_labels: valid_app_labels.append(model._meta.app_label) # If there were ModelAdmins registered, we should have a list of app # labels for which we need to allow access to the app_index view, if valid_app_labels: regex = r'^(?P<app_label>' + '|'.join(valid_app_labels) + ')/$' urlpatterns += patterns('', url(regex, wrap(self.app_index), name='app_list'), ) return urlpatterns @property Loading
tests/admin_views/tests.py +15 −1 Original line number Diff line number Diff line Loading @@ -9,7 +9,7 @@ import unittest from django.conf import settings, global_settings from django.core import mail from django.core.files import temp as tempfile from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse, NoReverseMatch # Register auth models with the admin. from django.contrib.auth import get_permission_codename from django.contrib.admin.helpers import ACTION_CHECKBOX_NAME Loading Loading @@ -640,6 +640,20 @@ class AdminViewBasicTest(AdminViewBasicTestCase): # Check the format of the shown object -- shouldn't contain a change link self.assertContains(response, '<th class="field-__str__">UnchangeableObject object</th>', html=True) def test_invalid_appindex_url(self): """ #21056 -- URL reversing shouldn't work for nonexistent apps. """ good_url = '/test_admin/admin/admin_views/' confirm_good_url = reverse('admin:app_list', kwargs={'app_label': 'admin_views'}) self.assertEqual(good_url, confirm_good_url) with self.assertRaises(NoReverseMatch): reverse('admin:app_list', kwargs={'app_label': 'this_should_fail'}) with self.assertRaises(NoReverseMatch): reverse('admin:app_list', args=('admin_views2',)) @override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',)) class AdminViewFormUrlTest(TestCase): Loading
