summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--AUTHORS1
-rw-r--r--django/contrib/admin/sites.py8
-rw-r--r--docs/releases/1.8.9.txt3
-rw-r--r--tests/admin_views/tests.py10
4 files changed, 15 insertions, 7 deletions
diff --git a/AUTHORS b/AUTHORS
index 06d9882df1..1a355d6283 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -611,6 +611,7 @@ answer newbie questions, and generally made Django that much better:
schwank@gmail.com
Scot Hacker <shacker@birdhouse.org>
Scott Barr <scott@divisionbyzero.com.au>
+ Scott Pashley <github@scottpashley.co.uk>
scott@staplefish.com
Sean Brant
Sebastian Hillig <sebastian.hillig@gmail.com>
diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
index af408806ae..e08b9326ba 100644
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -355,7 +355,13 @@ class AdminSite(object):
from django.contrib.auth.views import logout
defaults = {
'current_app': self.name,
- 'extra_context': dict(self.each_context(request), **(extra_context or {})),
+ 'extra_context': dict(
+ self.each_context(request),
+ # Since the user isn't logged out at this point, the value of
+ # has_permission must be overridden.
+ has_permission=False,
+ **(extra_context or {})
+ ),
}
if self.logout_template is not None:
defaults['template_name'] = self.logout_template
diff --git a/docs/releases/1.8.9.txt b/docs/releases/1.8.9.txt
index d5735fc0d4..be3b719b1e 100644
--- a/docs/releases/1.8.9.txt
+++ b/docs/releases/1.8.9.txt
@@ -9,4 +9,5 @@ Django 1.8.9 fixes several bugs in 1.8.8.
Bugfixes
========
-* ...
+* Fixed a regression that caused the "user-tools" items to display on the
+ admin's logout page (:ticket:`26035`).
diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py
index a64e4d76d9..881ef51d56 100644
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@@ -4832,19 +4832,19 @@ class AdminCustomSaveRelatedTests(TestCase):
@override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',),
ROOT_URLCONF="admin_views.urls")
-class AdminViewLogoutTest(TestCase):
+class AdminViewLogoutTests(TestCase):
fixtures = ['admin-views-users.xml']
- def setUp(self):
+ def test_logout(self):
self.client.login(username='super', password='secret')
-
- def test_client_logout_url_can_be_used_to_login(self):
response = self.client.get(reverse('admin:logout'))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'registration/logged_out.html')
self.assertEqual(response.request['PATH_INFO'], reverse('admin:logout'))
+ self.assertFalse(response.context['has_permission'])
+ self.assertNotContains(response, 'user-tools') # user-tools div shouldn't visible.
- # we are now logged out
+ def test_client_logout_url_can_be_used_to_login(self):
response = self.client.get(reverse('admin:logout'))
self.assertEqual(response.status_code, 302) # we should be redirected to the login page.