[Django] #22515: Change user password creates a LogEntry with incorrect user
Django
-------------------------------+--------------------
Reporter: ross@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.admin | Version: 1.6
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------+--------------------
When changing the password of a user in the Admin, an admin log entry is
created (LogEntry) that records the password change.
'''What I expected:'''
Changing the password of a user I expect the LogEntry to record the user
who performed the action, and the user upon whom the action was completed.
'''What I got:'''
The LogEntry records my user changing the password of my user.
'''Repro:'''
1. Log in as a super-user (in my case 'ross')
2. Change the password of any other user (in my case 'bob')
3. Check the LogEntry which will show an action by 'ross' against 'ross'.
I believe the issue may be at
https://github.com/django/django/blob/fd23c06023a0585ee743c0752dc94da66694cf63/django/contrib/auth/admin.py#L132
and that user should be passed in, rather than request.user.
--
Ticket URL: <https://code.djangoproject.com/ticket/22515>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Reporter: ross@… | Owner: timo
Type: Bug | Status: assigned
Component: contrib.admin | Version: 1.6
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
Changes (by timo):
* status: new => assigned
* severity: Normal => Release blocker
* needs_better_patch: => 0
* needs_tests: => 0
* owner: nobody => timo
* needs_docs: => 0
* stage: Unreviewed => Accepted
Comment:
Confirmed as a bug from #19019.
--
Ticket URL: <https://code.djangoproject.com/ticket/22515#comment:1>
Django
Reporter: ross@… | Owner: timo
Component: contrib.admin | Version: 1.6
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 1 | UI/UX: 0
Changes (by Tim Graham <timograham@…>):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"9e7f86b890a71bcc86ec7bcd9ee0c05801b5e807"]:
{{{
#!CommitTicketReference repository=""
revision="9e7f86b890a71bcc86ec7bcd9ee0c05801b5e807"
Fixed #22515 -- Fixed the object_id of the LogEntry that's created after a
user password change in the admin.
Thanks ross at servercode.co.uk for the report.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22515#comment:2>
Django
Reporter: ross@… | Owner: timo
Type: Bug | Status: closed
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 1 | UI/UX: 0
Comment (by Tim Graham <timograham@…>):
In [changeset:"d16948bd19737a60811eeaae77b8eb282de8bdb3"]:
{{{
#!CommitTicketReference repository=""
revision="d16948bd19737a60811eeaae77b8eb282de8bdb3"
[1.6.x] Fixed #22515 -- Fixed the object_id of the LogEntry that's created
after a user password change in the admin.
Thanks ross at servercode.co.uk for the report.
Backport of 9e7f86b890 from master
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22515#comment:3>
Django
Reporter: ross@… | Owner: timo
Type: Bug | Status: closed
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 1 | UI/UX: 0
Comment (by Tim Graham <timograham@…>):
In [changeset:"6d87acc390d96b78423031a4c1c16f15ce202b85"]:
{{{
#!CommitTicketReference repository=""
revision="6d87acc390d96b78423031a4c1c16f15ce202b85"
[1.7.x] Fixed #22515 -- Fixed the object_id of the LogEntry that's created
after a user password change in the admin.
Thanks ross at servercode.co.uk for the report.
Backport of 9e7f86b890 from master
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22515#comment:4>