Ticket #11191: 11191.2.diff

File 11191.2.diff, 3.5 KB (added by SmileyChris, 6 years ago)
  • django/contrib/admin/options.py

     
    66from django.contrib.admin import widgets
    77from django.contrib.admin import helpers
    88from django.contrib.admin.util import unquote, flatten_fieldsets, get_deleted_objects, model_ngettext, model_format_dict
    9 from django.core.exceptions import PermissionDenied
     9from django.core.exceptions import PermissionDenied, ValidationError, ObjectDoesNotExist
    1010from django.db import models, transaction
    1111from django.db.models.fields import BLANK_CHOICE_DASH
    1212from django.http import Http404, HttpResponse, HttpResponseRedirect
     
    347347        defaults.update(kwargs)
    348348        return modelform_factory(self.model, **defaults)
    349349
     350    def get_object(self, request, object_id):
     351        """
     352        Returns an instance matching the primary key provided.
     353
     354        The most two errors which may be raised by this method are
     355        ``ValidationError`` (if the object_id was of an invalid type) or
     356        ``model.DoesNotExist`` (if no match was found).
     357        """
     358        queryset = self.queryset(request)
     359        object_id = queryset.model._meta.pk.to_python(object_id)
     360        return queryset.get(pk=object_id)
     361
    350362    def get_changelist_form(self, request, **kwargs):
    351363        """
    352364        Returns a Form class for use in the Formset on the changelist page.
     
    789801        opts = model._meta
    790802
    791803        try:
    792             obj = self.queryset(request).get(pk=unquote(object_id))
    793         except model.DoesNotExist:
     804            obj = self.get_object(request, unquote(object_id))
     805        except (ObjectDoesNotExist, ValidationError):
    794806            # Don't raise Http404 just yet, because we haven't checked
    795807            # permissions yet. We don't want an unauthenticated user to be able
    796808            # to determine whether a given object exists.
     
    9891001        app_label = opts.app_label
    9901002
    9911003        try:
    992             obj = self.queryset(request).get(pk=unquote(object_id))
    993         except self.model.DoesNotExist:
     1004            obj = self.get_object(request, unquote(object_id))
     1005        except (ObjectDoesNotExist, ValidationError):
    9941006            # Don't raise Http404 just yet, because we haven't checked
    9951007            # permissions yet. We don't want an unauthenticated user to be able
    9961008            # to determine whether a given object exists.
  • tests/regressiontests/admin_views/tests.py

     
    6363
    6464    def testBasicEditGet(self):
    6565        """
    66         A smoke test to ensureGET on the change_view works.
     66        A smoke test to ensure GET on the change_view works.
    6767        """
    6868        response = self.client.get('/test_admin/%s/admin_views/section/1/' % self.urlbit)
    6969        self.failUnlessEqual(response.status_code, 200)
    7070
     71    def testBasicEditGetStringPK(self):
     72        """
     73        A smoke test to ensure GET on the change_view works (returns an HTTP
     74        404 error, see #11191) when passing a string as the PK argument for a
     75        model with an integer PK field.
     76        """
     77        response = self.client.get('/test_admin/%s/admin_views/section/abc/' % self.urlbit)
     78        self.failUnlessEqual(response.status_code, 404)
     79
    7180    def testBasicAddPost(self):
    7281        """
    7382        A smoke test to ensure POST on add_view works.
Back to Top