From c5a19642574e81ee5c0871fdbaecb42c7cf8a669 Mon Sep 17 00:00:00 2001
From: "hasnain.naveed"
Date: Fri, 10 Jan 2020 14:44:02 +0500
Subject: [PATCH] ENT-2511 | Disabled the admin panel's login page.
---
 lms/urls.py | 4 ++++
 openedx/core/djangoapps/user_authn/views/login.py | 13 +++++++++++++
 openedx/core/tests/test_admin_view.py | 7 +++++++
 3 files changed, 24 insertions(+)
diff --git a/lms/urls.py b/lms/urls.py
index 885262dc9a..bfa76fa269 100644
--- a/lms/urls.py
+++ b/lms/urls.py
@@ -43,6 +43,7 @@ from openedx.core.djangoapps.plugins import plugin_urls
 from openedx.core.djangoapps.programs.models import ProgramsApiConfig
 from openedx.core.djangoapps.self_paced.models import SelfPacedConfiguration
 from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
+from openedx.core.djangoapps.user_authn.views.login import redirect_to_lms_login
 from openedx.core.djangoapps.verified_track_content import views as verified_track_content_views
 from openedx.core.apidocs import schema_view
 from openedx.features.enterprise_support.api import enterprise_enabled
@@ -772,6 +773,9 @@ if settings.DEBUG or settings.FEATURES.get('ENABLE_DJANGO_ADMIN_SITE'):
 # changes go through our user portal and follow complexity requirements.
 url(r'^admin/password_change/$', handler404),
 url(r'^admin/auth/user/\d+/password/$', handler404),
+ # We are enforcing users to login through third party auth in site's
+ # login page so we are disabling the admin panel's login page.
+ url(r'^admin/login/$', redirect_to_lms_login),
 url(r'^admin/', admin.site.urls),
 ]
diff --git a/openedx/core/djangoapps/user_authn/views/login.py b/openedx/core/djangoapps/user_authn/views/login.py
index de6bb2cdcb..c69e13660a 100644
--- a/openedx/core/djangoapps/user_authn/views/login.py
+++ b/openedx/core/djangoapps/user_authn/views/login.py
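Review bot: In lms/urls.py the comment above the new `^admin/login/$` route says the admin login page is disabled, but `redirect_to_lms_login` only redirects while `ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY` is on and otherwise serves `admin.site.login`. The comment also leaves out that the route only takes effect because it sits above `url(r'^admin/', admin.site.urls)`. I would word it as `# Redirect the admin login page to the LMS login while ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY is on; otherwise the stock admin login is served.` followed by `# Keep this above admin.site.urls: the first matching pattern wins.` The enclosing URL list starts outside the hunk.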
@@ -15,7 +15,9 @@ from django.contrib.auth import authenticate
 from django.contrib.auth import login as django_login
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User
+from django.contrib import admin
 from django.http import HttpRequest, HttpResponse
+from django.shortcuts import redirect
 from django.urls import reverse
 from django.utils.decorators import method_decorator
 from django.utils.translation import ugettext as _
@@ -467,6 +469,17 @@ def login_refresh(request):
 return JsonResponse(error.get_response(), status=400)
+def redirect_to_lms_login(request):
+ """
+ This view redirect the admin/login url to the site's login page if
+ waffle switch is on otherwise returns the admin site's login view.
+ """
+ if ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.is_enabled():
+ return redirect('/login?next=/admin')
+ else:
+ return admin.site.login(request)
+
+
 class LoginSessionView(APIView):
 """HTTP end-points for logging in users. """
diff --git a/openedx/core/tests/test_admin_view.py b/openedx/core/tests/test_admin_view.py
index 247cdd9751..c1d45e6911 100644
--- a/openedx/core/tests/test_admin_view.py
+++ b/openedx/core/tests/test_admin_view.py
@@ -7,6 +7,7 @@ This is not inside a django app because it is a global property of the system.
 from django.test import TestCase, Client
 from django.urls import reverse
 from student.tests.factories import UserFactory, TEST_PASSWORD
+from openedx.core.djangoapps.user_authn.views.login import ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY
 class TestAdminView(TestCase):
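Review bot: `redirect_to_lms_login` always redirects to the fixed `/login?next=/admin`, so the `next` value that Django's admin normally attaches to `/admin/login/` when it bounces an unauthenticated request is dropped and the user lands on the admin index rather than the page they asked for. The fixed target cannot be used as an open redirect, so if `next` is forwarded it must first be limited to a same-host admin path; the sketch below does that with `is_safe_url` and `redirect_to_login` (both would need importing, and the resulting query encoding should be confirmed against the new test). The `else` after the first `return` is redundant, and the docstring should state that the view handles every HTTP method, so a credential POST is redirected rather than authenticated while the switch is on.

```python
def redirect_to_lms_login(request):
    # … unchanged: docstring …
    if ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.is_enabled():
        next_url = request.GET.get('next', '')
        # Forward only a same-host admin path; anything else goes to the admin index.
        same_host = is_safe_url(next_url, allowed_hosts={request.get_host()})
        if not (same_host and next_url.startswith('/admin/')):
            next_url = '/admin'
        return redirect_to_login(next_url, login_url='/login')
    return admin.site.login(request)
```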
@@ -34,3 +35,9 @@ class TestAdminView(TestCase):
 self.client.login(username=student.username, password=TEST_PASSWORD)
 response = self.client.get(reverse('admin:index'))
 assert response.status_code == 302
+
+ def test_admin_login_redirect(self):
+ with ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.override(True):
+ response = self.client.get(reverse('admin:login'))
+ assert response.url == '/login?next=/admin'
+ assert response.status_code == 302
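Review bot: `test_admin_login_redirect` exercises only a GET with the switch on, so neither the fallback to `admin.site.login` with the switch off nor a credential POST with the switch on is covered. The POST case is the one that shows the password form is actually bypassed. In the existing test the status code should be asserted before `response.url`, because a non-redirect response has no `url` attribute and would fail with a less useful error. The two tests below are a sketch; the expected 200 for the switch-off case assumes nothing else redirects anonymous requests to the admin login.

```python
    def test_admin_login_served_when_switch_off(self):
        with ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.override(False):
            response = self.client.get(reverse('admin:login'))
        assert response.status_code == 200

    def test_admin_login_post_is_redirected(self):
        # 'staff' is a constructed username; the POST must never reach admin.site.login.
        with ENABLE_LOGIN_USING_THIRDPARTY_AUTH_ONLY.override(True):
            response = self.client.post(
                reverse('admin:login'),
                {'username': 'staff', 'password': TEST_PASSWORD},
            )
        assert response.status_code == 302
        assert response.url == '/login?next=/admin'
```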