search

PiRSquared17 / app-engine-patch

Automatically exported from code.google.com/p/app-engine-patch
0 stars 0 forks source link

Staff status getting wiped out on login in Google Authentication #229

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Use Google based authentication. Keep default setting 
AUTH_ADMIN_USER_AS_SUPERUSER = False.
2. Now login as admin and from Admin site, create a non-admin user and 
assign him staff status (mark checked).
3. Login as non-admin user. You will observe in Admin site that his staff 
status is unchecked.

What is the expected output? What do you see instead?
The staff status should have been checked.

What version of the product are you using? On what operating system?
1.0.2.2. Windows Vista.

Please provide any additional information below.
The problem is due to appenginepatch/ragendja/auth/google_models.py:
if getattr(settings, 'AUTH_ADMIN_USER_AS_SUPERUSER', True):
                is_admin = users.is_current_user_admin()
                if django_user.is_staff != is_admin or \
                        django_user.is_superuser != is_admin:
                    django_user.is_superuser = django_user.is_staff = 
is_admin
                    django_user.put()
The inner if should be:
if is_admin and \
     (django_user.is_staff != is_admin or \
      django_user.is_superuser != is_admin):

For now I have workaround the issue by setting AUTH_ADMIN_USER_AS_SUPERUSER 
= False after creating one superadmin.

Original issue reported on code.google.com by careerpi...@gmail.com on 10 Oct 2009 at 5:58

GoogleCodeExporter commented 9 years ago 
Correction:
What steps will reproduce the problem?
1. Use Google based authentication. Keep default setting 
AUTH_ADMIN_USER_AS_SUPERUSER = True. (Not False as mentioned)

Original comment by careerpi...@gmail.com on 10 Oct 2009 at 5:59