Fixed #24294 -- Allowed staff_member_required decorator to handle args.

django/contrib/admin/views/decorators.py

@@ -2,13 +2,17 @@ from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import user_passes_test
 
 
-def staff_member_required(view_func, redirect_field_name=REDIRECT_FIELD_NAME, login_url='admin:login'):
+def staff_member_required(view_func=None, redirect_field_name=REDIRECT_FIELD_NAME,
+                          login_url='admin:login'):
     """
     Decorator for views that checks that the user is logged in and is a staff
-    member, displaying the login page if necessary.
+    member, redirecting to the login page if necessary.
     """
-    return user_passes_test(
+    actual_decorator = user_passes_test(
         lambda u: u.is_active and u.is_staff,
         login_url=login_url,
         redirect_field_name=redirect_field_name
-    )(view_func)
+    )
+    if view_func:
+        return actual_decorator(view_func)
+    return actual_decorator

tests/admin_views/tests.py

@@ -2125,6 +2125,15 @@ class SecureViewTests(TestCase):
         self.assertTemplateUsed(response, 'admin/login.html')
         self.assertEqual(response.context[REDIRECT_FIELD_NAME], secure_url)
 
+    def test_staff_member_required_decorator_works_with_argument(self):
+        """
+        Ensure that staff_member_required decorator works with an argument
+        (redirect_field_name).
+        """
+        secure_url = '/test_admin/admin/secure-view2/'
+        response = self.client.get(secure_url)
+        self.assertRedirects(response, '%s?myfield=%s' % (reverse('admin:login'), secure_url))
+
 
 @override_settings(PASSWORD_HASHERS=['django.contrib.auth.hashers.SHA1PasswordHasher'],
     ROOT_URLCONF="admin_views.urls")

tests/admin_views/urls.py

@@ -5,6 +5,7 @@ from . import admin, custom_has_permission_admin, customadmin, views
 urlpatterns = [
     url(r'^test_admin/admin/doc/', include('django.contrib.admindocs.urls')),
     url(r'^test_admin/admin/secure-view/$', views.secure_view, name='secure_view'),
+    url(r'^test_admin/admin/secure-view2/$', views.secure_view2, name='secure_view2'),
     url(r'^test_admin/admin/', include(admin.site.urls)),
     url(r'^test_admin/admin2/', include(customadmin.site.urls)),
     url(r'^test_admin/admin3/', include(admin.site.get_urls(), 'admin3', 'admin'), dict(form_url='pony')),

tests/admin_views/views.py

@@ -5,3 +5,8 @@ from django.http import HttpResponse
 @staff_member_required
 def secure_view(request):
     return HttpResponse('%s' % request.POST)
+
+
+@staff_member_required(redirect_field_name='myfield')
+def secure_view2(request):
+    return HttpResponse('%s' % request.POST)