Commit 74997f95 authored by Karen Tracey's avatar Karen Tracey
Browse files

[1.0.X] Fixed #9252 -- Moved the try/except protecting against incorrect... 

[1.0.X] Fixed #9252 -- Moved the try/except protecting against incorrect lookup params to where the error is now raised, and added a test for this case.

Backport of [9245] from trunk.


git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9246 bcc190cf-cafb-0310-a4f2-bffc1f526a37
parent d7ebda8d

django/contrib/admin/views/main.py

+10 −9
Original line number Diff line number Diff line
@@ -99,14 +99,7 @@ class ChangeList(object): 
    def get_results(self, request):

        paginator = Paginator(self.query_set, self.list_per_page)

        # Get the number of objects, with admin filters applied.

        try:

        result_count = paginator.count

        # Naked except! Because we don't have any other way of validating

        # "params". They might be invalid if the keyword arguments are

        # incorrect, or if the values are not in the correct type (which would

        # result in a database error).

        except:

            raise IncorrectLookupParameters



        # Get the total number of objects, with no admin filters applied.

        # Perform a slight optimization: Check to see whether any filters were
@@ -192,7 +185,15 @@ class ChangeList(object): 
                lookup_params[key] = value.split(',')



        # Apply lookup parameters from the query string.

        try:

            qs = qs.filter(**lookup_params)

        # Naked except! Because we don't have any other way of validating "params".

        # They might be invalid if the keyword arguments are incorrect, or if the

        # values are not in the correct type, so we might get FieldError, ValueError,

        # ValicationError, or ? from a custom field that raises yet something else 

        # when handed impossible data.

        except:

            raise IncorrectLookupParameters



        # Use select_related() if one of the list_display options is a field

        # with a relationship.

tests/regressiontests/admin_views/tests.py

+8 −1
Original line number Diff line number Diff line
@@ -161,6 +161,13 @@ class AdminViewBasicTest(TestCase): 
            "Changelist filter not correctly limited by limit_choices_to."

        )

        

    def testIncorrectLookupParameters(self):

        """Ensure incorrect lookup parameters are handled gracefully."""

        response = self.client.get('/test_admin/admin/admin_views/thing/', {'notarealfield': '5'})

        self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')        

        response = self.client.get('/test_admin/admin/admin_views/thing/', {'color__id__exact': 'StringNotInteger!'})

        self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')

            

def get_perm(Model, perm):

    """Return the permission object, for the Model"""

    ct = ContentType.objects.get_for_model(Model)