Opened 14 years ago

Closed 12 years ago

#12065 closed Bug (fixed)

URL clash between FlatPages causes middleware error

Reported by: Michał Sałaban Owned by:
Component: contrib.flatpages Version: 1.1
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

Steps to reproduce:

  1. Install flatpages app, as described in the documentation.
  2. Create flatpage with URL /bar/ and assign it to site foo.
  3. Create another flatpage with URL /bar/ and also assign it to site foo.
  4. Go to http://foo/bar/

It looks FUBAR, I mean 500. This is not a good way to handle it, even if admins receive an email about exception. Why?

Usually content editors are not admins. After adding such page, they can only guess what happened and why the content doesn't appear.

The attached patch fixes it. It does two things:

  1. Validates flatpage when saved through admin panel. If there is an URL clash for some of the sites, validation errors are generated for 'sites' field.
  2. For installations where a clash has already occured and is present in the database, it just serves the first page found by query. It may be misleading to hide the error, but I assume that (i) it's better to serve content than 500 to end user and (ii) any doubt would eventually cause content editor to go to the admin panel and try to edit the page, running the new validation.

Attachments (2)

django-flatpages-url_clash.patch (2.2 KB ) - added by Michał Sałaban 14 years ago.
admin.patch (1.0 KB ) - added by ryazwinski 14 years ago.
patch to admin only to disallow url collisions - view continues to throw exception

Download all attachments as: .zip

Change History (13)

by Michał Sałaban, 14 years ago

comment:1 by Russell Keith-Magee, 14 years ago

Has patch: set
milestone: 1.2
Needs tests: set
Patch needs improvement: set
Triage Stage: UnreviewedAccepted

It would be good if this was validated at the model level, rather than just in the admin form.

comment:2 by ryazwinski, 14 years ago

Owner: changed from nobody to ryazwinski

comment:3 by ryazwinski, 14 years ago

This ticket has spawned ticket 12938 to for general validation of models with many-to-many fields.

by ryazwinski, 14 years ago

Attachment: admin.patch added

patch to admin only to disallow url collisions - view continues to throw exception

comment:4 by ryazwinski, 14 years ago

In discussions today with Joseph and others decision was made to leave the view throwing a 500 when the database is in an inconsistent state that allows for URL collisions, but to apply the portion of the patch that stops users from corrupting the data from the admin panel.

Hoping to get tests sorted out soon. Currently no tests exist at all for flatpages middleware.

comment:5 by ryazwinski, 14 years ago

Owner: ryazwinski removed

After spending way too many hours beating on testing for flatpages, and not making very much progress, I'm going to give up. Hopefully someone else can sort out how to test the admin panel and the view. Sorry :(

comment:6 by Russell Keith-Magee, 14 years ago

milestone: 1.2

Not critical for 1.2.

comment:7 by Russell Keith-Magee, 14 years ago

milestone: 1.3

comment:8 by Gabriel Hurley, 13 years ago

Component: Contrib appscontrib.flatpages

comment:9 by Julien Phalip, 13 years ago

Severity: Normal
Type: Bug

comment:10 by Jacob, 13 years ago

milestone: 1.3

Milestone 1.3 deleted

comment:11 by Claude Paroz, 12 years ago

Easy pickings: unset
Resolution: fixed
Status: newclosed
UI/UX: unset

Same issue now resolved in #14678.

Note: See TracTickets for help on using tickets.
Back to Top