Commit f0e7dca9 authored by Jacob Kaplan-Moss's avatar Jacob Kaplan-Moss
Browse files

[1.0.X] Fixed #10694: correctly check permissions in the change password... 

[1.0.X] Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull. Backport of r10591 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@10592 bcc190cf-cafb-0310-a4f2-bffc1f526a37
parent 283442a5

django/contrib/auth/admin.py

+1 −1
Original line number Diff line number Diff line
@@ -90,7 +90,7 @@ class UserAdmin(admin.ModelAdmin): 
        }, context_instance=template.RequestContext(request))



    def user_change_password(self, request, id):

        if not request.user.has_perm('auth.change_user'):

        if not self.has_change_permission(request):

            raise PermissionDenied

        user = get_object_or_404(self.model, pk=id)

        if request.method == 'POST':