p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[1.0.X] Fixed #9252 -- Moved the try/except protecting against incorrect lookup params to where the error is now raised, and added a test for this case. 

Backport of [9245] from trunk.


git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9246 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Karen Tracey 2008-10-22 23:14:48 +00:00
parent d7ebda8d08
commit 74997f95de
2 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
django/contrib/admin/views/main.py
View File

@ -99,14 +99,7 @@ class ChangeList(object):
def get_results(self, request): def get_results(self, request):
paginator = Paginator(self.query_set, self.list_per_page) paginator = Paginator(self.query_set, self.list_per_page)
# Get the number of objects, with admin filters applied. # Get the number of objects, with admin filters applied.
try: result_count = paginator.count
result_count = paginator.count
# Naked except! Because we don't have any other way of validating
# "params". They might be invalid if the keyword arguments are
# incorrect, or if the values are not in the correct type (which would
# result in a database error).
except:
raise IncorrectLookupParameters
# Get the total number of objects, with no admin filters applied. # Get the total number of objects, with no admin filters applied.
# Perform a slight optimization: Check to see whether any filters were # Perform a slight optimization: Check to see whether any filters were
@ -192,7 +185,15 @@ class ChangeList(object):
lookup_params[key] = value.split(',') lookup_params[key] = value.split(',')
# Apply lookup parameters from the query string. # Apply lookup parameters from the query string.
qs = qs.filter(**lookup_params) try:
qs = qs.filter(**lookup_params)
# Naked except! Because we don't have any other way of validating "params".
# They might be invalid if the keyword arguments are incorrect, or if the
# values are not in the correct type, so we might get FieldError, ValueError,
# ValicationError, or ? from a custom field that raises yet something else
# when handed impossible data.
except:
raise IncorrectLookupParameters
# Use select_related() if one of the list_display options is a field # Use select_related() if one of the list_display options is a field
# with a relationship. # with a relationship.

9
tests/regressiontests/admin_views/tests.py
View File

@ -160,7 +160,14 @@ class AdminViewBasicTest(TestCase):
'<a href="?color__id__exact=3">Blue</a>' in response.content, '<a href="?color__id__exact=3">Blue</a>' in response.content,
"Changelist filter not correctly limited by limit_choices_to." "Changelist filter not correctly limited by limit_choices_to."
) )
def testIncorrectLookupParameters(self):
"""Ensure incorrect lookup parameters are handled gracefully."""
response = self.client.get('/test_admin/admin/admin_views/thing/', {'notarealfield': '5'})
self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')
response = self.client.get('/test_admin/admin/admin_views/thing/', {'color__id__exact': 'StringNotInteger!'})
self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')
def get_perm(Model, perm): def get_perm(Model, perm):
"""Return the permission object, for the Model""" """Return the permission object, for the Model"""
ct = ContentType.objects.get_for_model(Model) ct = ContentType.objects.get_for_model(Model)