Opened 13 years ago
Closed 11 years ago
#12065 closed Bug (fixed)
URL clash between FlatPages causes middleware error
| Reported by: | Michał Sałaban | Owned by: | |
|---|---|---|---|
| Component: | contrib.flatpages | Version: | 1.1 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | yes | Patch needs improvement: | yes |
| Easy pickings: | no | UI/UX: | no |
Description
Steps to reproduce:
- Install flatpages app, as described in the documentation.
- Create flatpage with URL /bar/ and assign it to site foo.
- Create another flatpage with URL /bar/ and also assign it to site foo.
- Go to http://foo/bar/
It looks FUBAR, I mean 500. This is not a good way to handle it, even if admins receive an email about exception. Why?
Usually content editors are not admins. After adding such page, they can only guess what happened and why the content doesn't appear.
The attached patch fixes it. It does two things:
- Validates flatpage when saved through admin panel. If there is an URL clash for some of the sites, validation errors are generated for 'sites' field.
- For installations where a clash has already occured and is present in the database, it just serves the first page found by query. It may be misleading to hide the error, but I assume that (i) it's better to serve content than 500 to end user and (ii) any doubt would eventually cause content editor to go to the admin panel and try to edit the page, running the new validation.
Attachments (2)
Change History (13)
Changed 13 years ago by
| Attachment: | django-flatpages-url_clash.patch added |
|---|
comment:1 Changed 13 years ago by
| Has patch: | set |
|---|---|
| milestone: | → 1.2 |
| Needs tests: | set |
| Patch needs improvement: | set |
| Triage Stage: | Unreviewed → Accepted |
comment:2 Changed 13 years ago by
| Owner: | changed from nobody to ryazwinski |
|---|
comment:3 Changed 13 years ago by
This ticket has spawned ticket 12938 to for general validation of models with many-to-many fields.
Changed 13 years ago by
| Attachment: | admin.patch added |
|---|
patch to admin only to disallow url collisions - view continues to throw exception
comment:4 Changed 13 years ago by
In discussions today with Joseph and others decision was made to leave the view throwing a 500 when the database is in an inconsistent state that allows for URL collisions, but to apply the portion of the patch that stops users from corrupting the data from the admin panel.
Hoping to get tests sorted out soon. Currently no tests exist at all for flatpages middleware.
comment:5 Changed 13 years ago by
| Owner: | ryazwinski deleted |
|---|
After spending way too many hours beating on testing for flatpages, and not making very much progress, I'm going to give up. Hopefully someone else can sort out how to test the admin panel and the view. Sorry :(
comment:7 Changed 13 years ago by
| milestone: | → 1.3 |
|---|
comment:8 Changed 12 years ago by
| Component: | Contrib apps → contrib.flatpages |
|---|
comment:9 Changed 12 years ago by
| Severity: | → Normal |
|---|---|
| Type: | → Bug |
comment:11 Changed 11 years ago by
| Easy pickings: | unset |
|---|---|
| Resolution: | → fixed |
| Status: | new → closed |
| UI/UX: | unset |
Same issue now resolved in #14678.
It would be good if this was validated at the model level, rather than just in the admin form.