Make @superuser_required delegate to @login_required.

Review Request #12005 — Created Jan. 26, 2022 and submitted

david
Review Board
master
reviewboard

We had implemented our own login-required functionality inside the
@superuser_required decorator, but this didn't handle some of the API
changes that have happened upstream in Django. This change updates it so
that we just delegate to the built-in @login_required first.

  • Ran unit tests.
  • Tested that accessing various admin pages (DB, siteconfig forms) when
    logged out correctly redirected to the login form, and then back to
    the expected page.
Summary
Make @superuser_required delegate to @login_required.
Description From Last Updated

Can you check on the login experience now with the admin UI, by going to both a database page and …

chipx86chipx86
chipx86
  1. 
      
  2. Can you check on the login experience now with the admin UI, by going to both a database page and something more under our control (say, extensions list) as an anonymous user? I want to make sure everything is identical and points to our login page.

    Can you also turn on an auth backend that customizes the login form in some way and verify that those customizations are reflected?

    1. I'm not sure how customized login forms would matter. @login_required just redirects to the login URL.

  3. 
      
david
chipx86
  1. Ship It!
  2. 
      
david
Review request changed

Status: Closed (submitted)

Change Summary:

Pushed to django-3.2 (c009ead)
Loading...