Ticket #13149: django-13149.patch

File django-13149.patch, 3.7 KB (added by jbronn, 5 years ago)
  • django/contrib/admin/widgets.py

    From 784b77b46d84e7c7ff94d976982a50670cb5513c Mon Sep 17 00:00:00 2001
    From: Chris Adams <chris@improbable.org>
    Date: Fri, 10 Sep 2010 11:26:19 -0700
    Subject: [PATCH 1/2] Patch for ForeignKeyRawIdWidget error handling
    
    This adds some error handling for invalid (i.e. ValueError-raising)
    inputs in raw id fields, where a user may currently enter arbitrary
    string values.
    
    See http://code.djangoproject.com/ticket/13149
    ---
     django/contrib/admin/widgets.py |    6 +++---
     django/forms/models.py          |    2 +-
     2 files changed, 4 insertions(+), 4 deletions(-)
    
    diff --git a/django/contrib/admin/widgets.py b/django/contrib/admin/widgets.py
    index 1d321d0..5832f82 100644
    a b class ForeignKeyRawIdWidget(forms.TextInput): 
    154154        key = self.rel.get_related_field().name
    155155        try:
    156156            obj = self.rel.to._default_manager.using(self.db).get(**{key: value})
    157         except self.rel.to.DoesNotExist:
     157            return '&nbsp;<strong>%s</strong>' % escape(truncate_words(obj, 14))
     158        except (ValueError, self.rel.to.DoesNotExist):
    158159            return ''
    159         return '&nbsp;<strong>%s</strong>' % escape(truncate_words(obj, 14))
    160160
    161161class ManyToManyRawIdWidget(ForeignKeyRawIdWidget):
    162162    """
    class ManyToManyRawIdWidget(ForeignKeyRawIdWidget): 
    169169    def render(self, name, value, attrs=None):
    170170        attrs['class'] = 'vManyToManyRawIdAdminField'
    171171        if value:
    172             value = ','.join([str(v) for v in value])
     172            value = ','.join([force_unicode(v) for v in value])
    173173        else:
    174174            value = ''
    175175        return super(ManyToManyRawIdWidget, self).render(name, value, attrs)
  • django/forms/models.py

    diff --git a/django/forms/models.py b/django/forms/models.py
    index 8accd61..98a3979 100644
    a b class ModelChoiceField(ChoiceField): 
    987987        try:
    988988            key = self.to_field_name or 'pk'
    989989            value = self.queryset.get(**{key: value})
    990         except self.queryset.model.DoesNotExist:
     990        except (ValueError, self.queryset.model.DoesNotExist):
    991991            raise ValidationError(self.error_messages['invalid_choice'])
    992992        return value
    993993
  • tests/regressiontests/admin_widgets/tests.py

    -- 
    1.7.0.2
    
    
    From efa4d66386fac54b1b6f683e198e448730d62143 Mon Sep 17 00:00:00 2001
    From: Chris Adams <chris@improbable.org>
    Date: Fri, 10 Sep 2010 12:08:29 -0700
    Subject: [PATCH 2/2] Tests for #13149
    
    This adds some basic tests to confirm that incorrect values in M2M
    raw_id fields result in form errors rather than unhandled exceptions
    ---
     tests/regressiontests/admin_widgets/tests.py |   12 ++++++++++++
     1 files changed, 12 insertions(+), 0 deletions(-)
    
    diff --git a/tests/regressiontests/admin_widgets/tests.py b/tests/regressiontests/admin_widgets/tests.py
    index fd0c25c..c445644 100644
    a b  
     1# encoding: utf-8
     2
    13from django import forms
    24from django.contrib import admin
    35from django.contrib.admin import widgets
    class AdminForeignKeyRawIdWidget(DjangoTestCase): 
    151153            post_data)
    152154        self.assertContains(response,
    153155            'Select a valid choice. That choice is not one of the available choices.')
     156
     157    def test_invalid_target_id(self):
     158
     159        for test_str in ('Iñtërnâtiônàlizætiøn', "1234'", -1234):
     160            # This should result in an error message, not a server exception.
     161            response = self.client.post('%s/admin_widgets/event/add/' % self.admin_root,
     162                {"band": test_str})
     163
     164            self.assertContains(response,
     165                'Select a valid choice. That choice is not one of the available choices.')
Back to Top