Opened 15 years ago

Closed 15 years ago

Last modified 13 years ago

#12962 closed (fixed)

Broken Admin Delete Action With Confirmation

Reported by: leveille Owned by: Mark Lavin
Component: contrib.admin Version: 1.2-beta
Severity: Keywords: admin delete
Cc: preston@…, adam.skevy@…, i@…, drmeers@…, aarond10@…, Maniac@…, jedie, aaloy, sir.Gollum@… Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: yes Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

After updating to head this morning I noticed that I was unable to delete items in the administrator via the delete dropdown action (and confirmation). I was able to track the issue back to [12525]. Specifically, the introduced check looks for 'index', which will not be present when coming from the delete confirmation page:

pprint of request.POST in response_action after clicking GO

<QueryDict: {u'action': [u'delete_selected'], u'select_across': [u'0'], u'csrfmiddlewaretoken': [u'9e1ca9bc4deb4f7750b1ade512afdf8d'], u'_selected_action': [u'12'], u'index': [u'0']}>

pprint of request.POST in response_action after confirming I want to delete the record

<QueryDict: {u'action': [u'delete_selected'], u'_selected_action': [u'12'], u'csrfmiddlewaretoken': [u'9e1ca9bc4deb4f7750b1ade512afdf8d'], u'post': [u'yes']}>

To be sure my code wasn't introducing any issues, I testing with a fresh django project/app and the bug was still present.

Attachments (3)

modeladmin-12595.diff (1.4 KB ) - added by Preston Holmes 15 years ago.
with_test_change-12812.diff (2.0 KB ) - added by Mark Lavin 15 years ago.
ptone's patch with updated test
modeladmin-12962.diff (3.5 KB ) - added by Paul Smith 15 years ago.
Ambiguous form actions

Download all attachments as: .zip

Change History (25)

comment:1 by Jannis Leidel, 15 years ago

milestone: 1.2
Triage Stage: UnreviewedAccepted

comment:2 by Karen Tracey, 15 years ago

#12973 reported this again and has a patch.

by Preston Holmes, 15 years ago

Attachment: modeladmin-12595.diff added

comment:3 by Preston Holmes, 15 years ago

Cc: preston@… added
Has patch: set
Needs tests: set

Moving my patch from #12973 to the open ticket for this issue

comment:4 by skevy, 15 years ago

Cc: adam.skevy@… added

I've done a bit more research into this ticket.

The patch does indeed work, and all currently written tests (including those written in changeset 12525) pass correctly.

However, what I found interesting was that in the admin_view test suite, in the following test:

def test_model_admin_default_delete_action(self):
        "Tests the default delete action defined as a ModelAdmin method"
        action_data = {
            ACTION_CHECKBOX_NAME: [1, 2],
            'action' : 'delete_selected',
            'index': 0,
        }
        delete_confirmation_data = {
            ACTION_CHECKBOX_NAME: [1, 2],
            'action' : 'delete_selected',
            'index': 0,
            'post': 'yes',
        }
        confirmation = self.client.post('/test_admin/admin/admin_views/subscriber/', action_data)
        self.assertContains(confirmation, "Are you sure you want to delete the selected subscriber objects")
        self.failUnless(confirmation.content.count(ACTION_CHECKBOX_NAME) == 2)
        response = self.client.post('/test_admin/admin/admin_views/subscriber/', delete_confirmation_data)
        self.failUnlessEqual(Subscriber.objects.count(), 0)

Notice that it sets 'index' equal to 0 in delete_confirmation_data. This is not what happens for real. In fact, when you confirm you want to delete objects, 'index' is never set in the post data. The fact that 'index' is set to 0 in this test is what caused this test to pass way back when 12525 actually happened.

So, I don't know if index SHOULD be set in the post data when the objects are actually deleted, or if the test is incorrect. Some more info on how to proceed from someone who knows WAY more about this code than me would be awesome :-)

Thanks,
-Adam

comment:5 by skevy, 15 years ago

Version: SVN1.2-beta

comment:6 by Paul Smith, 15 years ago

Patch needs improvement: set

With the patch applied, deleting is working. However, we still have a few issues:

  1. If you hit 'Go' while an action is selected and no list_editable changes are made, the action is applied but no, "# items have changed" message is sent.
  2. If you hit 'Go' while an action is selected, and list_editable changes have been made, both changes are applied (not what we want)
  3. If you hit the list_editable save button with items selected and an action chosen, you get the, "No action selected" message.

I'm working on an additional patch.

comment:7 by skevy, 15 years ago

@blinkylights

does this patch cause this error? or was the error already there before the patch is applied?

comment:8 by Paul Smith, 15 years ago

@skevy

Oh, no... there was definitely a problem before the patch. The patch makes how we're differentiating between action POSTs and list_editable POSTs more explicit (and it works). In doing so, it also reveals why we actually need to be even more explicit to cover cases where users might intend to launch an action, but do a list_editable submit, or vice-versa. So no: the patch is fine, it just needs to do a little more.

Think I have something that works, but you're absolutely right - we need to get some up-to-date tests written so this doesn't come back up.

comment:9 by Ari Flinkman, 15 years ago

Cc: i@… added

comment:10 by Simon Meers, 15 years ago

Cc: drmeers@… added

in reply to:  10 comment:11 by aarond10, 15 years ago

Cc: aarond10@… added

comment:12 by Ivan Sagalaev, 15 years ago

Cc: Maniac@… added

comment:13 by jedie, 15 years ago

Cc: jedie added

comment:14 by aaloy, 15 years ago

Cc: aaloy added

I can also reproduce the bug. It affects any model, even the most basic ones (User).

comment:15 by sir_Gollum, 15 years ago

Cc: sir.Gollum@… added

comment:16 by Mark Lavin, 15 years ago

Owner: changed from nobody to Mark Lavin

comment:17 by Mark Lavin, 15 years ago

Removing 'index' from delete_confirmation_data in test_model_admin_default_delete_action fails on the current revision [12812] and passes with the patch. I started a blank project which included the admin. I created a new user and then selected it to be deleted with the admin action. Inspecting what is actually posted in each step in Firebug I see:

_selected_action:	2
action:	delete_selected
csrfmiddlewaretoken:	ec77fa407235521666739722702efee1
index:	0
select_across:	0

followed by the confirmation:

_selected_action:	2
action:	delete_selected
csrfmiddlewaretoken:	ec77fa407235521666739722702efee1
post:	yes

I think this confirms that 'index' is not included in the confirmation post and should be removed from test_model_admin_default_delete_action.

by Mark Lavin, 15 years ago

Attachment: with_test_change-12812.diff added

ptone's patch with updated test

comment:18 by Karen Tracey, 15 years ago

Resolution: fixed
Status: newclosed

(In [12813]) Fixed #12962: Made admin delete action work again. Thanks ptone, skevy, mlavin and anyone else I've missed.

comment:19 by Karen Tracey, 15 years ago

(In [12815]) [1.1.X] Fixed #12707. Admin action messages are no longer displayed when submitting list_editable content. Thanks, copelco.

and

Fixed #12962: Made admin delete action work again. Thanks ptone, skevy, mlavin and anyone else I've missed.

r12525 and r12813 from trunk, together to avoid the regression introduced by r12525 alone.

comment:20 by Paul Smith, 15 years ago

Resolution: fixed
Status: closedreopened

I have another patch that covers cases where the user might change list_editable elements and hit the action 'Go' button, or select an action to execute and hit 'Save' (which will be there for 'list_editable' fields). In our current state BOTH interactions are handled in the same form, and both sets of changes get handled - an ambiguous and confusing situation that this patch fixes.

by Paul Smith, 15 years ago

Attachment: modeladmin-12962.diff added

Ambiguous form actions

comment:21 by Paul Smith, 15 years ago

Resolution: fixed
Status: reopenedclosed

Closing this ticket and opening #13166 to handle action/list_editable ambiguity.

comment:22 by Jacob, 13 years ago

milestone: 1.2

Milestone 1.2 deleted

Note: See TracTickets for help on using tickets.
Back to Top