From 7339f43c718008394cf5c5119994f956e27bce70 Mon Sep 17 00:00:00 2001
From: Aymeric Augustin <aymeric.augustin@m4x.org>
Date: Sun, 9 Mar 2014 20:29:00 +0100
Subject: [PATCH] Prevented admin from importing auth.User.

Since we don't enforce order between apps, root packages of contrib apps
cannot import models from unrelated apps.

Fix #22005, refs #21719.
---
 django/contrib/admin/sites.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
index 90f160d450..efac3c7521 100644
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -2,7 +2,6 @@ from functools import update_wrapper
 from django.http import Http404, HttpResponseRedirect
 from django.contrib.admin import ModelAdmin, actions
 from django.contrib.auth import REDIRECT_FIELD_NAME
-from django.contrib.auth.views import redirect_to_login
 from django.views.decorators.csrf import csrf_protect
 from django.db.models.base import ModelBase
 from django.apps import apps
@@ -195,6 +194,9 @@ class AdminSite(object):
                 if request.path == reverse('admin:logout', current_app=self.name):
                     index_path = reverse('admin:index', current_app=self.name)
                     return HttpResponseRedirect(index_path)
+                # Inner import to prevent django.contrib.admin (app) from
+                # importing django.contrib.auth.models.User (unrelated model).
+                from django.contrib.auth.views import redirect_to_login
                 return redirect_to_login(
                     request.get_full_path(),
                     reverse('admin:login', current_app=self.name)