From 2e1093f8409dbe426a116a7979e69ece046966a1 Mon Sep 17 00:00:00 2001
From: "claude[bot]" <41898282+claude[bot]@users.noreply.github.com>
Date: Mon, 29 Dec 2025 21:47:53 +0000
Subject: [PATCH] fix: Use CustomUserAdmin instead of Django's default
 UserAdmin to fix user creation bug

The bug was caused by importing Django's default UserAdmin instead of
CustomUserAdmin in admin.py. This bypassed all custom admin logic.

Additionally, CustomUserAdmin was modifying fieldsets without explicitly
preserving add_fieldsets, which can cause Django to not properly handle
the user creation form, leading to password hashing issues.

Changes:
- Updated admin.py to import and register CustomUserAdmin
- Explicitly set add_fieldsets in CustomUserAdmin to preserve Django's
  default user creation behavior and ensure passwords are properly hashed
- Added explanatory comments

Fixes #1707

Co-authored-by: Nick Sweeting <pirate@users.noreply.github.com>
---
 archivebox/core/admin.py       | 4 ++--
 archivebox/core/admin_users.py | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/archivebox/core/admin.py b/archivebox/core/admin.py
index 2d86313f..24f5e5c6 100644
--- a/archivebox/core/admin.py
+++ b/archivebox/core/admin.py
@@ -7,11 +7,11 @@ from archivebox.core.models import Snapshot, ArchiveResult, Tag
 from archivebox.core.admin_tags import TagAdmin
 from archivebox.core.admin_snapshots import SnapshotAdmin
 from archivebox.core.admin_archiveresults import ArchiveResultAdmin
-from archivebox.core.admin_users import UserAdmin
+from archivebox.core.admin_users import CustomUserAdmin
 
 
 def register_admin(admin_site):
-    admin_site.register(get_user_model(), UserAdmin)
+    admin_site.register(get_user_model(), CustomUserAdmin)
     admin_site.register(ArchiveResult, ArchiveResultAdmin)
     admin_site.register(Snapshot, SnapshotAdmin)
     admin_site.register(Tag, TagAdmin)
diff --git a/archivebox/core/admin_users.py b/archivebox/core/admin_users.py
index 934c0bd7..92c9c1cb 100644
--- a/archivebox/core/admin_users.py
+++ b/archivebox/core/admin_users.py
@@ -10,6 +10,12 @@ class CustomUserAdmin(UserAdmin):
     sort_fields = ['id', 'email', 'username', 'is_superuser', 'last_login', 'date_joined']
     list_display = ['username', 'id', 'email', 'is_superuser', 'last_login', 'date_joined']
     readonly_fields = ('snapshot_set', 'archiveresult_set', 'tag_set', 'apitoken_set', 'outboundwebhook_set')
+
+    # Preserve Django's default user creation form and fieldsets
+    # This ensures passwords are properly hashed and permissions are set correctly
+    add_fieldsets = UserAdmin.add_fieldsets
+
+    # Extend fieldsets for change form only (not user creation)
     fieldsets = [*UserAdmin.fieldsets, ('Data', {'fields': readonly_fields})]
 
     @admin.display(description='Snapshots')