summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Graham <timograham@gmail.com>2018-05-26 20:58:41 -0400
committerTim Graham <timograham@gmail.com>2018-05-26 21:07:19 -0400
commit483f5d6c4f66c8dfca5770de7b1af8aea05a5e7c (patch)
treeb3bffa86aa0fd8c906f4fd490a9b77ce32a27c89
parent39e61669e0c4299228dca751852002946ebe5d5e (diff)
[2.1.x] Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set."
This reverts commit b3cffde5559c4fa97625512d7ec41a674be26076 due to a regression and performance concerns. Backport of 5cc81cd9eb69f5f7a711412c02039b435c393135 from master
-rw-r--r--django/conf/__init__.py11
-rw-r--r--django/conf/global_settings.py5
-rw-r--r--docs/ref/settings.txt10
-rw-r--r--tests/admin_scripts/tests.py13
-rw-r--r--tests/settings_tests/tests.py14
5 files changed, 13 insertions, 40 deletions
diff --git a/django/conf/__init__.py b/django/conf/__init__.py
index 9b3e350a50..05c603786e 100644
--- a/django/conf/__init__.py
+++ b/django/conf/__init__.py
@@ -116,15 +116,15 @@ class Settings:
if setting.isupper():
setting_value = getattr(mod, setting)
- if setting == 'SECRET_KEY' and not setting_value:
- raise ImproperlyConfigured('The SECRET_KEY setting must not be empty.')
-
if (setting in tuple_settings and
not isinstance(setting_value, (list, tuple))):
raise ImproperlyConfigured("The %s setting must be a list or a tuple. " % setting)
setattr(self, setting, setting_value)
self._explicit_settings.add(setting)
+ if not self.SECRET_KEY:
+ raise ImproperlyConfigured("The SECRET_KEY setting must not be empty.")
+
if self.is_overridden('DEFAULT_CONTENT_TYPE'):
warnings.warn('The DEFAULT_CONTENT_TYPE setting is deprecated.', RemovedInDjango30Warning)
@@ -140,11 +140,6 @@ class Settings:
os.environ['TZ'] = self.TIME_ZONE
time.tzset()
- def __getattr__(self, name):
- if name == 'SECRET_KEY':
- raise ImproperlyConfigured('The SECRET_KEY setting must be set.')
- raise AttributeError("'%s' object has no attribute '%s'" % (self.__class__.__name__, name))
-
def is_overridden(self, setting):
return setting in self._explicit_settings
diff --git a/django/conf/global_settings.py b/django/conf/global_settings.py
index 26fa492892..befade160f 100644
--- a/django/conf/global_settings.py
+++ b/django/conf/global_settings.py
@@ -256,6 +256,11 @@ ABSOLUTE_URL_OVERRIDES = {}
# ]
IGNORABLE_404_URLS = []
+# A secret key for this particular Django installation. Used in secret-key
+# hashing algorithms. Set this in your settings, or Django will complain
+# loudly.
+SECRET_KEY = ''
+
# Default file storage mechanism that holds media.
DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage'
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index 635cadc848..3647e60663 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -2074,7 +2074,7 @@ object. See :ref:`how-django-processes-a-request` for details.
``SECRET_KEY``
--------------
-Default: Not defined
+Default: ``''`` (Empty string)
A secret key for a particular Django installation. This is used to provide
:doc:`cryptographic signing </topics/signing>`, and should be set to a unique,
@@ -2087,9 +2087,7 @@ Uses of the key shouldn't assume that it's text or bytes. Every use should go
through :func:`~django.utils.encoding.force_text` or
:func:`~django.utils.encoding.force_bytes` to convert it to the desired type.
-Django will refuse to start if :setting:`SECRET_KEY` is set to an empty value.
-:class:`~django.core.exceptions.ImproperlyConfigured` is raised if
-``SECRET_KEY`` is accessed but not set.
+Django will refuse to start if :setting:`SECRET_KEY` is not set.
.. warning::
@@ -2122,10 +2120,6 @@ affect them.
startproject <startproject>` creates a unique ``SECRET_KEY`` for
convenience.
-.. versionchanged:: 2.1
-
- In older versions, ``SECRET_KEY`` defaults to an empty string.
-
.. setting:: SECURE_BROWSER_XSS_FILTER
``SECURE_BROWSER_XSS_FILTER``
diff --git a/tests/admin_scripts/tests.py b/tests/admin_scripts/tests.py
index 17347a476b..3c4e01dfac 100644
--- a/tests/admin_scripts/tests.py
+++ b/tests/admin_scripts/tests.py
@@ -2213,11 +2213,7 @@ class DiffSettings(AdminScriptTestCase):
out, err = self.run_manage(args)
self.assertNoOutput(err)
self.assertOutput(out, "+ FOO = 'bar'")
- self.assertOutput(out, "- INSTALLED_APPS = []")
- self.assertOutput(
- out,
- "+ INSTALLED_APPS = ['django.contrib.auth', 'django.contrib.contenttypes', 'admin_scripts']"
- )
+ self.assertOutput(out, "- SECRET_KEY = ''")
self.assertOutput(out, "+ SECRET_KEY = 'django_tests_secret_key'")
self.assertNotInOutput(out, " APPEND_SLASH = True")
@@ -2233,12 +2229,7 @@ class DiffSettings(AdminScriptTestCase):
self.assertNoOutput(err)
self.assertOutput(out, " APPEND_SLASH = True")
self.assertOutput(out, "+ FOO = 'bar'")
- self.assertOutput(out, "- INSTALLED_APPS = []")
- self.assertOutput(
- out,
- "+ INSTALLED_APPS = ['django.contrib.auth', 'django.contrib.contenttypes', 'admin_scripts']"
- )
- self.assertOutput(out, "+ SECRET_KEY = 'django_tests_secret_key'")
+ self.assertOutput(out, "- SECRET_KEY = ''")
class Dumpdata(AdminScriptTestCase):
diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py
index 53a9ea98f6..383345494d 100644
--- a/tests/settings_tests/tests.py
+++ b/tests/settings_tests/tests.py
@@ -291,20 +291,8 @@ class SettingsTests(SimpleTestCase):
def test_no_secret_key(self):
settings_module = ModuleType('fake_settings_module')
sys.modules['fake_settings_module'] = settings_module
- msg = 'The SECRET_KEY setting must be set.'
+ msg = 'The SECRET_KEY setting must not be empty.'
try:
- settings = Settings('fake_settings_module')
- with self.assertRaisesMessage(ImproperlyConfigured, msg):
- settings.SECRET_KEY
- finally:
- del sys.modules['fake_settings_module']
-
- def test_secret_key_empty_string(self):
- settings_module = ModuleType('fake_settings_module')
- settings_module.SECRET_KEY = ''
- sys.modules['fake_settings_module'] = settings_module
- try:
- msg = 'The SECRET_KEY setting must not be empty.'
with self.assertRaisesMessage(ImproperlyConfigured, msg):
Settings('fake_settings_module')
finally: