Loading django/contrib/admin/templates/admin/login.html +10 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,16 @@ {% endif %} <div id="content-main"> {% if user.is_authenticated %} <p class="errornote"> {% blocktrans with username=request.user.username %} You are authenticated as {{ username }}, but are not authorized to access this page. Would you like to login to a different account? {% endblocktrans %} </p> {% endif %} <form action="{{ app_path }}" method="post" id="login-form">{% csrf_token %} <div class="form-row"> {{ form.username.errors }} Loading tests/admin_views/tests.py +19 −0 Original line number Diff line number Diff line Loading @@ -1558,6 +1558,25 @@ class AdminViewPermissionsTest(TestCase): self.assertFalse(login.context) self.client.get(reverse('admin:logout')) def test_login_page_notice_for_non_staff_users(self): """ A logged-in non-staff user trying to access the admin index should be presented with the login page and a hint indicating that the current user doesn't have access to it. """ hint_template = 'You are authenticated as {}' # Anonymous user should not be shown the hint response = self.client.get(self.index_url, follow=True) self.assertContains(response, 'login-form') self.assertNotContains(response, hint_template.format(''), status_code=200) # Non-staff user should be shown the hint self.client.login(**self.nostaff_login) response = self.client.get(self.index_url, follow=True) self.assertContains(response, 'login-form') self.assertContains(response, hint_template.format(self.u6.username), status_code=200) def test_add_view(self): """Test add view restricts access and actually adds items.""" Loading Loading
django/contrib/admin/templates/admin/login.html +10 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,16 @@ {% endif %} <div id="content-main"> {% if user.is_authenticated %} <p class="errornote"> {% blocktrans with username=request.user.username %} You are authenticated as {{ username }}, but are not authorized to access this page. Would you like to login to a different account? {% endblocktrans %} </p> {% endif %} <form action="{{ app_path }}" method="post" id="login-form">{% csrf_token %} <div class="form-row"> {{ form.username.errors }} Loading
tests/admin_views/tests.py +19 −0 Original line number Diff line number Diff line Loading @@ -1558,6 +1558,25 @@ class AdminViewPermissionsTest(TestCase): self.assertFalse(login.context) self.client.get(reverse('admin:logout')) def test_login_page_notice_for_non_staff_users(self): """ A logged-in non-staff user trying to access the admin index should be presented with the login page and a hint indicating that the current user doesn't have access to it. """ hint_template = 'You are authenticated as {}' # Anonymous user should not be shown the hint response = self.client.get(self.index_url, follow=True) self.assertContains(response, 'login-form') self.assertNotContains(response, hint_template.format(''), status_code=200) # Non-staff user should be shown the hint self.client.login(**self.nostaff_login) response = self.client.get(self.index_url, follow=True) self.assertContains(response, 'login-form') self.assertContains(response, hint_template.format(self.u6.username), status_code=200) def test_add_view(self): """Test add view restricts access and actually adds items.""" Loading
