Fix build

misago/admin/middleware.py

@@ -4,7 +4,7 @@ from django.utils.deprecation import MiddlewareMixin
 from .auth import (
     is_admin_authorized,
     remove_admin_authorization,
-    update_admin_authorization
+    update_admin_authorization,
 )
 from .views import get_protected_namespace
 from .views.auth import login

misago/admin/tests/test_auth.py

@@ -47,18 +47,14 @@ def test_anonymous_user_admin_authorization_is_never_valid(user, anonymous_user)
     assert not is_admin_authorized(request)
 
 
-def test_superuser_without_staff_flag_admin_authorization_is_never_valid(
-    staffuser
-):
+def test_superuser_without_staff_flag_admin_authorization_is_never_valid(staffuser):
     request = Mock(session={}, user=staffuser)
     authorize_admin(request)
     request.user.is_staff = False
     assert not is_admin_authorized(request)
 
 
-def test_admin_authorization_is_invalidated_by_user_pk_change(
-    admin_request, superuser
-):
+def test_admin_authorization_is_invalidated_by_user_pk_change(admin_request, superuser):
     admin_request.user.pk = superuser.pk + 1
     assert not is_admin_authorized(admin_request)
 
@@ -112,4 +108,4 @@ def test_removing_authorization_removes_autorization_from_request_session(
 def test_removing_authorization_invalidates_autorization(admin_request):
     admin_request.session[UPDATED_KEY] = 0
     remove_admin_authorization(admin_request)
-    assert not is_admin_authorized(admin_request)
+    assert not is_admin_authorized(admin_request)

misago/admin/tests/test_login_to_admin.py

@@ -60,4 +60,4 @@ def test_login_form_redirects_user_to_admin_index_after_successful_login(
     response = client.post(
         admin_link, {"username": staffuser.username, "password": user_password}
     )
-    assert response["location"] == admin_link
+    assert response["location"] == admin_link

misago/admin/tests/test_logout_from_admin.py

@@ -9,9 +9,7 @@ site_logout_link = reverse("misago:logout")
 site_link = reverse("misago:index")
 
 
-def test_admin_can_logout_from_admin_site_but_stay_logged(
-    admin_client, superuser
-):
+def test_admin_can_logout_from_admin_site_but_stay_logged(admin_client, superuser):
     response = admin_client.post(admin_logout_link)
     assert response.wsgi_request.user == superuser
     assert not is_admin_authorized(response.wsgi_request)

misago/admin/tests/test_protected_urls_detection.py

@@ -46,4 +46,4 @@ def test_request_to_site_subpath_url_is_not_protected():
 
 def test_request_to_site_non_reversable_url_is_not_protected():
     request = Mock(path=site_url + "somewhere-custom/")
-    assert get_protected_namespace(request) is None
+    assert get_protected_namespace(request) is None

misago/test.py

@@ -1,4 +1,4 @@
 def assert_contains(response, string, status_code=200):
     assert response.status_code == status_code
     fail_message = f'"{string}" not found in response.content'
-    assert string in response.content.decode("utf-8"), fail_message
+    assert string in response.content.decode("utf-8"), fail_message

misago/users/views/admin/users.py

@@ -304,14 +304,8 @@ class EditUser(UserAdmin, generic.ModelFormView):
         if form.cleaned_data.get("new_password"):
             target.set_password(form.cleaned_data["new_password"])
 
-            if target.pk == request.user.pk:
-                authorize_admin(request, target)
-                update_session_auth_hash(request, target)
-
         if form.cleaned_data.get("email"):
             target.set_email(form.cleaned_data["email"])
-            if target.pk == request.user.pk:
-                authorize_admin(request, target)
 
         if form.cleaned_data.get("is_avatar_locked"):
             if not target.old_is_avatar_locked:
@@ -342,6 +336,10 @@ class EditUser(UserAdmin, generic.ModelFormView):
         target.update_acl_key()
         target.save()
 
+        if target.pk == request.user.pk:
+            authorize_admin(request)
+            update_session_auth_hash(request, target)
+
         messages.success(request, self.message_submit % {"user": target.username})