diff --git a/django/contrib/admin/views/decorators.py b/django/contrib/admin/views/decorators.py index f58375f283..f14570c24d 100644 --- a/django/contrib/admin/views/decorators.py +++ b/django/contrib/admin/views/decorators.py @@ -2,13 +2,17 @@ from django.contrib.auth import REDIRECT_FIELD_NAME from django.contrib.auth.decorators import user_passes_test -def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='admin:login'): +def staff_member_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME, + login_url='admin:login'): """ Decorator for views that checks that the user is logged in and is a staff - member, displaying the login page if necessary. + member, redirecting to the login page if necessary. """ - return user_passes_test( + actual_decorator = user_passes_test( lambda u: u.is_active and u.is_staff, login_url=login_url, redirect_field_name=redirect_field_name - )(view_func) + ) + if view_func: + return actual_decorator(view_func) + return actual_decorator diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py index d57a321951..5ec7bc0de2 100644 --- a/tests/admin_views/tests.py +++ b/tests/admin_views/tests.py @@ -2125,6 +2125,15 @@ class SecureViewTests(TestCase): self.assertTemplateUsed(response, 'admin/login.html') self.assertEqual(response.context[REDIRECT_FIELD_NAME], secure_url) + def test_staff_member_required_decorator_works_with_argument(self): + """ + Ensure that staff_member_required decorator works with an argument + (redirect_field_name). + """ + secure_url = '/test_admin/admin/secure-view2/' + response = self.client.get(secure_url) + self.assertRedirects(response, '%s?myfield=%s' % (reverse('admin:login'), secure_url)) + @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'], ROOT_URLCONF="admin_views.urls") diff --git a/tests/admin_views/urls.py b/tests/admin_views/urls.py index ba6a89424b..679ae916af 100644 --- a/tests/admin_views/urls.py +++ b/tests/admin_views/urls.py @@ -5,6 +5,7 @@ from . import admin, custom_has_permission_admin, customadmin, views urlpatterns = [ url(r'^test_admin/admin/doc/', include('django.contrib.admindocs.urls')), url(r'^test_admin/admin/secure-view/$', views.secure_view, name='secure_view'), + url(r'^test_admin/admin/secure-view2/$', views.secure_view2, name='secure_view2'), url(r'^test_admin/admin/', include(admin.site.urls)), url(r'^test_admin/admin2/', include(customadmin.site.urls)), url(r'^test_admin/admin3/', include(admin.site.get_urls(), 'admin3', 'admin'), dict(form_url='pony')), diff --git a/tests/admin_views/views.py b/tests/admin_views/views.py index cfae496aba..2cda42fe54 100644 --- a/tests/admin_views/views.py +++ b/tests/admin_views/views.py @@ -5,3 +5,8 @@ from django.http import HttpResponse @staff_member_required def secure_view(request): return HttpResponse('%s' % request.POST) + + +@staff_member_required(redirect_field_name='myfield') +def secure_view2(request): + return HttpResponse('%s' % request.POST)