From 939e03176059f17df576bbc5d1cc72db9fa14b1b Mon Sep 17 00:00:00 2001
From: Matt Westcott
Date: Fri, 3 Aug 2018 21:19:42 +0100
Subject: [PATCH] Fix passwordless user creation tests for Django 2.1 and clarify WAGTAILUSERS_PASSWORD_REQUIRED docs
The behaviour of `has_usable_password` has changed in Django 2.1, such that `None` is no longer considered a 'non-usable' password: https://docs.djangoproject.com/en/2.1/ref/contrib/auth/#django.contrib.auth.models.User.has_usable_password As a consequence of the fix applied in Django https://code.djangoproject.com/ticket/28718 , Wagtail users created without a password will now be able to complete the password reset process to gain access to Wagtail. Sites that do not want this behaviour (e.g. because those users should be using an LDAP login instead) should disable password changes via WAGTAIL_PASSWORD_MANAGEMENT_ENABLED and WAGTAIL_PASSWORD_RESET_ENABLED.
---
 docs/advanced_topics/settings.rst | 2 +-
 wagtail/users/tests.py | 7 +++----
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/docs/advanced_topics/settings.rst b/docs/advanced_topics/settings.rst
index 59f6a2dc67..9b185086d0 100644
--- a/docs/advanced_topics/settings.rst
+++ b/docs/advanced_topics/settings.rst
@@ -288,7 +288,7 @@ This specifies whether password fields are shown when creating or editing users
 WAGTAILUSERS_PASSWORD_REQUIRED = True
-This specifies whether password is a required field when creating a new user. True by default; ignored if ``WAGTAILUSERS_PASSWORD_ENABLED`` is false. If this is set to False, and the password field is left blank when creating a user, then that user will have no usable password, and will not be able to log in unless an alternative authentication system such as LDAP is set up.
+This specifies whether password is a required field when creating a new user. True by default; ignored if ``WAGTAILUSERS_PASSWORD_ENABLED`` is false. If this is set to False, and the password field is left blank when creating a user, then that user will have no usable password; in order to log in, they will have to reset their password (if ``WAGTAIL_PASSWORD_RESET_ENABLED`` is True) or use an alternative authentication system such as LDAP (if one is set up).
 .. _email_notifications:
diff --git a/wagtail/users/tests.py b/wagtail/users/tests.py
index 2b9565ae3c..06c1a18fc3 100644
--- a/wagtail/users/tests.py
+++ b/wagtail/users/tests.py
@@ -287,7 +287,7 @@ class TestUserCreateView(TestCase, WagtailTestUtils):
 users = get_user_model().objects.filter(username='testuser')
 self.assertEqual(users.count(), 1)
 self.assertEqual(users.first().email, 'test@user.com')
- self.assertFalse(users.first().has_usable_password())
+ self.assertEqual(users.first().password, '')
 @override_settings(WAGTAILUSERS_PASSWORD_REQUIRED=False)
 def test_optional_password_is_still_validated(self):
@@ -330,7 +330,6 @@ class TestUserCreateView(TestCase, WagtailTestUtils):
 users = get_user_model().objects.filter(username='testuser')
 self.assertEqual(users.count(), 1)
 self.assertEqual(users.first().email, 'test@user.com')
- self.assertTrue(users.first().has_usable_password())
 self.assertTrue(users.first().check_password('banana'))
 @override_settings(WAGTAILUSERS_PASSWORD_ENABLED=False)
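Review bot: The replacement assertion `self.assertEqual(users.first().password, '')` in the `@@ -287` hunk pins how the missing password is stored, but the test no longer checks the property it is about: that an account created with a blank password cannot be logged into with one. Per the commit message, Django 2.1 stops treating such a password as non-usable, so I would keep the storage check and add `self.assertFalse(users.first().check_password(''))` after it; as far as I can tell that holds both before and after the Django change. The same applies to the `@@ -361` hunk in `test_password_fields_ignored_when_disabled`. The test method edited here begins above the visible context.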
@@ -344,7 +343,7 @@ class TestUserCreateView(TestCase, WagtailTestUtils):
 @override_settings(WAGTAILUSERS_PASSWORD_ENABLED=False)
 def test_password_fields_ignored_when_disabled(self):
- """When WAGTAILUSERS_PASSWORD_REQUIRED is False, users should always be created without a usable password"""
+ """When WAGTAILUSERS_PASSWORD_ENABLED is False, users should always be created without a usable password"""
 response = self.post({
 'username': "testuser",
 'email': "test@user.com",
@@ -361,7 +360,7 @@ class TestUserCreateView(TestCase, WagtailTestUtils):
 users = get_user_model().objects.filter(username='testuser')
 self.assertEqual(users.count(), 1)
 self.assertEqual(users.first().email, 'test@user.com')
- self.assertFalse(users.first().has_usable_password())
+ self.assertEqual(users.first().password, '')
 def test_before_create_user_hook(self):
 def hook_func(request):
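Review bot: The corrected docstring in the `@@ -344` hunk still says users are created "without a usable password", while the commit message explains that under Django 2.1 such an account is no longer reported as non-usable and can complete a password reset. Wording that matches what the test now asserts would avoid implying the account is locked out, for example `"""When WAGTAILUSERS_PASSWORD_ENABLED is False, users should always be created with an empty (unset) password"""`. The body of `test_password_fields_ignored_when_disabled` continues past this hunk.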