[soc2009/admin-ui] The Kaplan-Moss commandeth that thou shalt not allow any ol' anonymous user to make arbitrary queries. And so it was done.

git-svn-id: http://code.djangoproject.com/svn/django/branches/soc2009/admin-ui@11411 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Author: zain

django/contrib/admin/views/autocomplete.py

@@ -4,6 +4,7 @@
 from django.utils.encoding import smart_str
 from django.http import HttpResponse, HttpResponseNotFound
 from django.conf import settings
+from django.contrib.admin.views import staff_member_required
 
 def foreignkey_autocomplete(request, related_string_functions=None):
     """
@@ -55,4 +56,5 @@ def construct_search(field_name):
             else:
                 data = to_string_function(obj)
         return HttpResponse(data)
-    return HttpResponseNotFound()
+    return HttpResponseNotFound()
+foreignkey_autocomplete = staff_member_required(foreignkey_autocomplete)