Commit 75d2bcda authored by Tim Graham's avatar Tim Graham

Fixed #18923 -- Corrected usage of sensitive_post_parameters in contrib.auth

Thanks Collin Anderson for the report.

Backport of 425d076d from master
parent cca302cd
+4 −3
@@ -17,6 +17,8 @@ from django.views.decorators.csrf import csrf_protect
from django.views.decorators.debug import sensitive_post_parameters

csrf_protect_m = method_decorator(csrf_protect)
sensitive_post_parameters_m = method_decorator(sensitive_post_parameters())


class GroupAdmin(admin.ModelAdmin):
    search_fields = ('name',)
@@ -83,7 +85,7 @@ class UserAdmin(admin.ModelAdmin):
             self.admin_site.admin_view(self.user_change_password))
        ) + super(UserAdmin, self).get_urls()

    @sensitive_post_parameters()
    @sensitive_post_parameters_m
    @csrf_protect_m
    @transaction.commit_on_success
    def add_view(self, request, form_url='', extra_context=None):
@@ -113,7 +115,7 @@ class UserAdmin(admin.ModelAdmin):
        return super(UserAdmin, self).add_view(request, form_url,
                                               extra_context)

    @sensitive_post_parameters()
    @sensitive_post_parameters_m
    def user_change_password(self, request, id, form_url=''):
        if not self.has_change_permission(request):
            raise PermissionDenied
@@ -170,4 +172,3 @@ class UserAdmin(admin.ModelAdmin):

admin.site.register(Group, GroupAdmin)
admin.site.register(User, UserAdmin)
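Review bot: The new module-level `sensitive_post_parameters_m` carries no comment saying why it, rather than `sensitive_post_parameters()` applied directly, has to be used on `UserAdmin` methods (the swaps on the `add_view` and `user_change_password` decorators), so the original mistake is easy to reintroduce the next time a view method is added. Applied straight to a method, the decorator receives `self` in the `request` slot and the `request.sensitive_post_parameters` assignment in debug.py lands on the admin instance instead of the request, so the password fields are not actually masked; the `isinstance` assertion added in debug.py catches that, but `assert` is elided under `python -O`, so a comment at the definition is the durable reminder. Suggest above the assignment: `# Decorating a method directly would bind self as request and the parameters would not be flagged; use the method_decorator form on UserAdmin views.` The adjacent `csrf_protect_m` line can share the comment.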
+6 −0
import functools

from django.http import HttpRequest


def sensitive_variables(*variables):
    """
@@ -62,6 +64,10 @@ def sensitive_post_parameters(*parameters):
    def decorator(view):
        @functools.wraps(view)
        def sensitive_post_parameters_wrapper(request, *args, **kwargs):
            assert isinstance(request, HttpRequest), (
              "sensitive_post_parameters didn't receive an HttpRequest. If you "
              "are decorating a classmethod, be sure to use @method_decorator."
            )
            if parameters:
                request.sensitive_post_parameters = parameters
            else: