Merged the newforms-admin branch into trunk.

This is a backward incompatible change. The admin contrib app has been
refactored. The newforms module has several improvements including FormSets
and Media definitions.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7967 bcc190cf-cafb-0310-a4f2-bffc1f526a37

1 files changed, 61 insertions, 30 deletions

diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
index 524710327a..0a52240631 100644
--- a/django/contrib/auth/views.py
+++ b/django/contrib/auth/views.py
@@ -1,42 +1,42 @@
-from django import oldforms
 from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.forms import AuthenticationForm
-from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm
+from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm, AdminPasswordChangeForm
+from django.core.exceptions import PermissionDenied
+from django.shortcuts import render_to_response, get_object_or_404
 from django.contrib.sites.models import Site, RequestSite
 from django.http import HttpResponseRedirect
-from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.utils.http import urlquote
+from django.utils.html import escape
 from django.utils.translation import ugettext as _
+from django.contrib.auth.models import User
+import re
 
 def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
     "Displays the login form and handles the login action."
-    manipulator = AuthenticationForm()
     redirect_to = request.REQUEST.get(redirect_field_name, '')
-    if request.POST:
-        errors = manipulator.get_validation_errors(request.POST)
-        if not errors:
+    if request.method == "POST":
+        form = AuthenticationForm(data=request.POST)
+        if form.is_valid():
             # Light security check -- make sure redirect_to isn't garbage.
             if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
                 from django.conf import settings
                 redirect_to = settings.LOGIN_REDIRECT_URL
             from django.contrib.auth import login
-            login(request, manipulator.get_user())
+            login(request, form.get_user())
             if request.session.test_cookie_worked():
                 request.session.delete_test_cookie()
             return HttpResponseRedirect(redirect_to)
     else:
-        errors = {}
+        form = AuthenticationForm(request)
     request.session.set_test_cookie()
-
     if Site._meta.installed:
         current_site = Site.objects.get_current()
     else:
         current_site = RequestSite(request)
-
     return render_to_response(template_name, {
-        'form': oldforms.FormWrapper(manipulator, request.POST, errors),
+        'form': form,
         redirect_field_name: redirect_to,
         'site_name': current_site.name,
     }, context_instance=RequestContext(request))
@@ -66,13 +66,11 @@ def redirect_to_login(next, login_url=None, redirect_field_name=REDIRECT_FIELD_N
     return HttpResponseRedirect('%s?%s=%s' % (login_url, urlquote(redirect_field_name), urlquote(next)))
 
 def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
-        email_template_name='registration/password_reset_email.html'):
-    new_data, errors = {}, {}
-    form = PasswordResetForm()
-    if request.POST:
-        new_data = request.POST.copy()
-        errors = form.get_validation_errors(new_data)
-        if not errors:
+        email_template_name='registration/password_reset_email.html',
+        password_reset_form=PasswordResetForm):
+    if request.method == "POST":
+        form = password_reset_form(request.POST)
+        if form.is_valid():
             if is_admin_site:
                 form.save(domain_override=request.META['HTTP_HOST'])
             else:
@@ -81,24 +79,57 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas
                 else:
                     form.save(domain_override=RequestSite(request).domain, email_template_name=email_template_name)
             return HttpResponseRedirect('%sdone/' % request.path)
-    return render_to_response(template_name, {'form': oldforms.FormWrapper(form, new_data, errors)},
-        context_instance=RequestContext(request))
+    else:
+        form = password_reset_form()
+    return render_to_response(template_name, {
+        'form': form,
+    }, context_instance=RequestContext(request))
 
 def password_reset_done(request, template_name='registration/password_reset_done.html'):
     return render_to_response(template_name, context_instance=RequestContext(request))
 
 def password_change(request, template_name='registration/password_change_form.html'):
-    new_data, errors = {}, {}
-    form = PasswordChangeForm(request.user)
-    if request.POST:
-        new_data = request.POST.copy()
-        errors = form.get_validation_errors(new_data)
-        if not errors:
-            form.save(new_data)
+    if request.method == "POST":
+        form = PasswordChangeForm(request.user, request.POST)
+        if form.is_valid():
+            form.save()
             return HttpResponseRedirect('%sdone/' % request.path)
-    return render_to_response(template_name, {'form': oldforms.FormWrapper(form, new_data, errors)},
-        context_instance=RequestContext(request))
+    else:
+        form = PasswordChangeForm(request.user)
+    return render_to_response(template_name, {
+        'form': form,
+    }, context_instance=RequestContext(request))
 password_change = login_required(password_change)
 
 def password_change_done(request, template_name='registration/password_change_done.html'):
     return render_to_response(template_name, context_instance=RequestContext(request))
+
+# TODO: move to admin.py in the ModelAdmin
+def user_change_password(request, id):
+    if not request.user.has_perm('auth.change_user'):
+        raise PermissionDenied
+    user = get_object_or_404(User, pk=id)
+    if request.method == 'POST':
+        form = AdminPasswordChangeForm(user, request.POST)
+        if form.is_valid():
+            new_user = form.save()
+            msg = _('Password changed successfully.')
+            request.user.message_set.create(message=msg)
+            return HttpResponseRedirect('..')
+    else:
+        form = AdminPasswordChangeForm(user)
+    return render_to_response('admin/auth/user/change_password.html', {
+        'title': _('Change password: %s') % escape(user.username),
+        'form': form,
+        'is_popup': '_popup' in request.REQUEST,
+        'add': True,
+        'change': False,
+        'has_delete_permission': False,
+        'has_change_permission': True,
+        'has_absolute_url': False,
+        'opts': User._meta,
+        'original': user,
+        'save_as': False,
+        'show_save': True,
+        'root_path': re.sub('auth/user/(\d+)/password/$', '', request.path),
+    }, context_instance=RequestContext(request))