[Changeset] r10592 - django/branches/releases/1.0.X/django/contrib/auth

Sat, 18 Apr 2009 14:06:22 -0700 

Author: jacob
Date: 2009-04-18 16:06:19 -0500 (Sat, 18 Apr 2009)
New Revision: 10592

Modified:
   django/branches/releases/1.0.X/django/contrib/auth/admin.py
Log:
[1.0.X] Fixed #10694: correctly check permissions in the change password admin. 
Thanks, jturnbull. Backport of r10591 from trunk.

Modified: django/branches/releases/1.0.X/django/contrib/auth/admin.py
===================================================================
--- django/branches/releases/1.0.X/django/contrib/auth/admin.py 2009-04-18 
21:04:40 UTC (rev 10591)
+++ django/branches/releases/1.0.X/django/contrib/auth/admin.py 2009-04-18 
21:06:19 UTC (rev 10592)
@@ -90,7 +90,7 @@
         }, context_instance=template.RequestContext(request))
 
     def user_change_password(self, request, id):
-        if not request.user.has_perm('auth.change_user'):
+        if not self.has_change_permission(request):
             raise PermissionDenied
         user = get_object_or_404(self.model, pk=id)
         if request.method == 'POST':


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to 
django-updates+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to