Changed the comments post view code to avoid raising an exception if handed invalid data for the object pk. Thanks to Leo for the test.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12800 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Karen Tracey 2010-03-16 22:37:45 +00:00
parent f482984af1
commit e434573ef1
4 changed files with 41 additions and 9 deletions

View File

@ -1,7 +1,7 @@
from django import http from django import http
from django.conf import settings from django.conf import settings
from utils import next_redirect, confirmation_view from utils import next_redirect, confirmation_view
from django.core.exceptions import ObjectDoesNotExist from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.db import models from django.db import models
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.template import RequestContext from django.template import RequestContext
@ -62,6 +62,10 @@ def post_comment(request, next=None, using=None):
return CommentPostBadRequest( return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % \ "No object matching content-type %r and object PK %r exists." % \
(escape(ctype), escape(object_pk))) (escape(ctype), escape(object_pk)))
except (ValueError, ValidationError), e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % \
(escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment? # Do we want to preview the comment?
preview = "preview" in data preview = "preview" in data

View File

@ -1,4 +1,11 @@
[ [
{
"model" : "comment_tests.book",
"pk" : 1,
"fields" : {
"dewey_decimal" : "12.34"
}
},
{ {
"model" : "comment_tests.author", "model" : "comment_tests.author",
"pk" : 1, "pk" : 1,

View File

@ -28,3 +28,7 @@ class Entry(models.Model):
def __str__(self): def __str__(self):
return self.title return self.title
class Book(models.Model):
dewey_decimal = models.DecimalField(primary_key = True, decimal_places=2, max_digits=5)

View File

@ -3,7 +3,7 @@ from django.conf import settings
from django.contrib.auth.models import User from django.contrib.auth.models import User
from django.contrib.comments import signals from django.contrib.comments import signals
from django.contrib.comments.models import Comment from django.contrib.comments.models import Comment
from regressiontests.comment_tests.models import Article from regressiontests.comment_tests.models import Article, Book
from regressiontests.comment_tests.tests import CommentTestCase from regressiontests.comment_tests.tests import CommentTestCase
post_redirect_re = re.compile(r'^http://testserver/posted/\?c=(?P<pk>\d+$)') post_redirect_re = re.compile(r'^http://testserver/posted/\?c=(?P<pk>\d+$)')
@ -45,6 +45,22 @@ class CommentViewTests(CommentTestCase):
response = self.client.post("/post/", data) response = self.client.post("/post/", data)
self.assertEqual(response.status_code, 400) self.assertEqual(response.status_code, 400)
def testPostInvalidIntegerPK(self):
a = Article.objects.get(pk=1)
data = self.getValidData(a)
data["comment"] = "This is another comment"
data["object_pk"] = u'\ufffd'
response = self.client.post("/post/", data)
self.assertEqual(response.status_code, 400)
def testPostInvalidDecimalPK(self):
b = Book.objects.get(pk='12.34')
data = self.getValidData(b)
data["comment"] = "This is another comment"
data["object_pk"] = 'cookies'
response = self.client.post("/post/", data)
self.assertEqual(response.status_code, 400)
def testCommentPreview(self): def testCommentPreview(self):
a = Article.objects.get(pk=1) a = Article.objects.get(pk=1)
data = self.getValidData(a) data = self.getValidData(a)
@ -187,11 +203,11 @@ class CommentViewTests(CommentTestCase):
location = response["Location"] location = response["Location"]
match = post_redirect_re.match(location) match = post_redirect_re.match(location)
self.failUnless(match != None, "Unexpected redirect location: %s" % location) self.failUnless(match != None, "Unexpected redirect location: %s" % location)
data["next"] = "/somewhere/else/" data["next"] = "/somewhere/else/"
data["comment"] = "This is another comment" data["comment"] = "This is another comment"
response = self.client.post("/post/", data) response = self.client.post("/post/", data)
location = response["Location"] location = response["Location"]
match = re.search(r"^http://testserver/somewhere/else/\?c=\d+$", location) match = re.search(r"^http://testserver/somewhere/else/\?c=\d+$", location)
self.failUnless(match != None, "Unexpected redirect location: %s" % location) self.failUnless(match != None, "Unexpected redirect location: %s" % location)
@ -199,7 +215,7 @@ class CommentViewTests(CommentTestCase):
a = Article.objects.get(pk=1) a = Article.objects.get(pk=1)
data = self.getValidData(a) data = self.getValidData(a)
response = self.client.post("/post/", data) response = self.client.post("/post/", data)
location = response["Location"] location = response["Location"]
match = post_redirect_re.match(location) match = post_redirect_re.match(location)
self.failUnless(match != None, "Unexpected redirect location: %s" % location) self.failUnless(match != None, "Unexpected redirect location: %s" % location)
pk = int(match.group('pk')) pk = int(match.group('pk'))
@ -216,14 +232,14 @@ class CommentViewTests(CommentTestCase):
data["next"] = "/somewhere/else/?foo=bar" data["next"] = "/somewhere/else/?foo=bar"
data["comment"] = "This is another comment" data["comment"] = "This is another comment"
response = self.client.post("/post/", data) response = self.client.post("/post/", data)
location = response["Location"] location = response["Location"]
match = re.search(r"^http://testserver/somewhere/else/\?foo=bar&c=\d+$", location) match = re.search(r"^http://testserver/somewhere/else/\?foo=bar&c=\d+$", location)
self.failUnless(match != None, "Unexpected redirect location: %s" % location) self.failUnless(match != None, "Unexpected redirect location: %s" % location)
def testCommentDoneReSubmitWithInvalidParams(self): def testCommentPostRedirectWithInvalidIntegerPK(self):
""" """
Tests that attempting to retrieve the location specified in the Tests that attempting to retrieve the location specified in the
post redirect, after adding some invalid data to the expected post redirect, after adding some invalid data to the expected
querystring it ends with, doesn't cause a server error. querystring it ends with, doesn't cause a server error.
""" """
a = Article.objects.get(pk=1) a = Article.objects.get(pk=1)
@ -234,3 +250,4 @@ class CommentViewTests(CommentTestCase):
broken_location = location + u"\ufffd" broken_location = location + u"\ufffd"
response = self.client.get(broken_location) response = self.client.get(broken_location)
self.assertEqual(response.status_code, 200) self.assertEqual(response.status_code, 200)