[Django] #22192: PasswordResetForm fails on custom user models without an is_active DB field

6 views
Skip to first unread message

Django

unread,
Mar 3, 2014, 5:56:04 AM3/3/14
to django-...@googlegroups.com
#22192: PasswordResetForm fails on custom user models without an is_active DB field
------------------------------+--------------------
Reporter: frasern | Owner: nobody
Type: Bug | Status: new
Component: contrib.auth | Version: 1.6
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------
The change made for ticket #21291 results in the standard
`PasswordResetForm` breaking if the custom user model being used doesn't
have `is_active` defined as a database field. It raises:

`Cannot resolve keyword 'is_active' into field.`

As far as I can tell from the docs and code, Django requires `is_active`
to be present on the custom user model as an '''attribute''', not an
actual database field.

In my case, I have `is_active` defined as a property on the model that is
calculated from other information.

The filtering of active users should therefore be done in Python rather
than at the database-level. Instead of:

{{{#!python
active_users = UserModel._default_manager.filter(
email__iexact=email, is_active=True)
for user in active_users:
}}}

It should be something like:

{{{#!python
users = UserModel._default_manager.filter(email__iexact=email)
active_users = filter(lambda u: u.is_active, users)
for user in active_users:
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/22192>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
Mar 3, 2014, 6:19:47 AM3/3/14
to django-...@googlegroups.com
#22192: PasswordResetForm fails on custom user models without an is_active DB field
------------------------------+--------------------------------------
Reporter: frasern | Owner: nobody
Type: Bug | Status: closed
Component: contrib.auth | Version: 1.6
Severity: Normal | Resolution: invalid
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
Changes (by bmispelon):

* status: new => closed
* needs_better_patch: => 0
* resolution: => invalid
* needs_tests: => 0
* needs_docs: => 0


Comment:

Hi,

The documentation on custom user models and builtin auth forms [1] says:

> Assumes that the user model has [...] a boolean field named is_active to
prevent password resets for inactive users.

So I'd argue that things are working as intended.


There may be a case for making the form a bit more flexible when it comes
to custom user models (in fact, there's already some tickets regarding
this issue with other builtin auth forms I believe) so if you have some
ideas on how to improve things, feel free to open a new ticket describing
your proposal.


Thanks.

[1] https://docs.djangoproject.com/en/1.6/topics/auth/customizing/#custom-
users-and-the-built-in-auth-forms

--
Ticket URL: <https://code.djangoproject.com/ticket/22192#comment:1>

Reply all
Reply to author
Forward
0 new messages