search

carlxaeron / django-rosetta

Automatically exported from code.google.com/p/django-rosetta
MIT License
0 stars 0 forks source link

Redirecting to /admin/ when not logged #48

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Configure your admin by an url not starting with '/admin/'
2. Try to access to rosetta when not connected

What is the expected output? What do you see instead?
We should be redirected to admin logging page, instead it shows a 404 error 
page.

Original issue reported on code.google.com by timothee...@gmail.com on 5 Jul 2009 at 9:14

GoogleCodeExporter commented 8 years ago 
This is a patch that fix it by using settings.LOGIN_URL

Original comment by timothee...@gmail.com on 7 Jul 2009 at 6:21

Attachments:

GoogleCodeExporter commented 8 years ago 
Timothée, salut, thank you for your feedback.

I have a problem with using settings.LOGIN_URL because the default value 
exported by Django isn't very 
reliable (i.e. nothing forces the developer to actually implement and use that 
URL)

I've considered using AdminSite reversing ( 
http://docs.djangoproject.com/en/dev/ref/contrib/admin/#reversing-admin-urls ) 
but this isn't reliably 
applicable across the different Django versions Rosetta is supposed to support, 
and has some pretty obscure 
requirements (see: 
http://stackoverflow.com/questions/694477/getting-django-admin-url-for-an-object
 ).

So, short of testing whether the URL defined in settings.LOGIN_URL actually 
exists and falling back to 
"/admin/" if the former fails, I see no simple way of fixing this. 

Any suggestions are welcome!

Original comment by mbonetti on 10 Jul 2009 at 9:51

GoogleCodeExporter commented 8 years ago 
Okay, this is fixed as of r68 but I'm not particularly fond of how it was done.

Original comment by mbonetti on 11 Jul 2009 at 7:39

GoogleCodeExporter commented 8 years ago 
The best way might be to don't pass any login_url to user_passes_test, since 
hardcoding 'admin' or checking if it 
resolve is a bit hackish.
I don't think that LOGIN_URL reliability is an issue since : it's the default 
fallback for django auth decorators, it's 
easily configurable and even people still using 0.96 can override it easily too.
And even if bad developers don't implement or use it, at least it's 
configurable, quite elegant and it shows them 
how to code better ;)
Bon dimanche! (Ah, si j'étais à Montreux le 18 ...)

Original comment by timothee...@gmail.com on 11 Jul 2009 at 8:44

Attachments: