diff options
| author | Timo Ludwig <ti.ludwig@web.de> | 2020-12-02 11:23:52 +0100 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2020-12-03 09:32:08 +0100 |
| commit | d8dfff2ab0edf7a1ca5255eccf45c447b2f9d57e (patch) | |
| tree | c2c495e141f168692e81f8deac03e8e30384e311 /docs | |
| parent | d746f28949c009251a8741ba03d156964050717f (diff) | |
Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/3.2.txt | 5 | ||||
| -rw-r--r-- | docs/topics/auth/customizing.txt | 15 |
2 files changed, 13 insertions, 7 deletions
diff --git a/docs/releases/3.2.txt b/docs/releases/3.2.txt index 7d374da0a7..2ab8546026 100644 --- a/docs/releases/3.2.txt +++ b/docs/releases/3.2.txt @@ -625,6 +625,11 @@ Miscellaneous using :option:`makemessages --locale` option, when they contain hyphens (``'-'``). +* The ``django.contrib.auth.forms.ReadOnlyPasswordHashField`` form field is now + :attr:`~django.forms.Field.disabled` by default. Therefore + ``UserChangeForm.clean_password()`` is no longer required to return the + initial value. + .. _deprecated-features-3.2: Features deprecated in 3.2 diff --git a/docs/topics/auth/customizing.txt b/docs/topics/auth/customizing.txt index 6ab8305468..8314d9f171 100644 --- a/docs/topics/auth/customizing.txt +++ b/docs/topics/auth/customizing.txt @@ -1129,7 +1129,7 @@ code would be required in the app's ``admin.py`` file:: class UserChangeForm(forms.ModelForm): """A form for updating users. Includes all the fields on the user, but replaces the password field with admin's - password hash display field. + disabled password hash display field. """ password = ReadOnlyPasswordHashField() @@ -1137,12 +1137,6 @@ code would be required in the app's ``admin.py`` file:: model = MyUser fields = ('email', 'password', 'date_of_birth', 'is_active', 'is_admin') - def clean_password(self): - # Regardless of what the user provides, return the initial value. - # This is done here, rather than on the field, because the - # field does not have access to the initial value - return self.initial["password"] - class UserAdmin(BaseUserAdmin): # The forms to add and change user instances @@ -1182,3 +1176,10 @@ Finally, specify the custom model as the default user model for your project using the :setting:`AUTH_USER_MODEL` setting in your ``settings.py``:: AUTH_USER_MODEL = 'customauth.MyUser' + +.. versionchanged:: 3.2 + + In older versions, ``ReadOnlyPasswordHashField`` is not + :attr:`~django.forms.Field.disabled` by default and + ``UserChangeForm.clean_password()`` is required to return the initial + value, whatever the user provides. |
