From a7c813ba045044ec23bb656ef9a23a0e38e36514 Mon Sep 17 00:00:00 2001 From: Akshesh Date: Mon, 28 Mar 2016 11:58:51 +0530 Subject: [PATCH] Fixed #21734 -- Handled ProtectedError in a POST to admin's delete_selected action. --- django/contrib/admin/actions.py | 2 +- tests/admin_views/tests.py | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/django/contrib/admin/actions.py b/django/contrib/admin/actions.py index 80b0ac83d6..6fdf070694 100644 --- a/django/contrib/admin/actions.py +++ b/django/contrib/admin/actions.py @@ -38,7 +38,7 @@ def delete_selected(modeladmin, request, queryset): # The user has already confirmed the deletion. # Do the deletion and return a None to display the change list view again. - if request.POST.get('post'): + if request.POST.get('post') and not protected: if perms_needed: raise PermissionDenied n = queryset.count() diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py index 4802827a5c..ab82f64793 100644 --- a/tests/admin_views/tests.py +++ b/tests/admin_views/tests.py @@ -3123,6 +3123,8 @@ class AdminActionsTest(TestCase): 'action': 'delete_selected', 'index': 0, } + delete_confirmation_data = action_data.copy() + delete_confirmation_data['post'] = 'yes' response = self.client.post(reverse('admin:admin_views_question_changelist'), action_data) @@ -3138,6 +3140,12 @@ class AdminActionsTest(TestCase): html=True ) + # A POST request to delete protected objects should display the page + # which says the deletion is prohibited. + response = self.client.post(reverse('admin:admin_views_question_changelist'), delete_confirmation_data) + self.assertContains(response, "would require deleting the following protected related objects") + self.assertEqual(Question.objects.count(), 2) + def test_model_admin_default_delete_action_no_change_url(self): """ Default delete action shouldn't break if a user's ModelAdmin removes the url for change_view.