Problems with BaseInlineFormSet.validate_max
|Reported by:||yoyoma||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I've noticed a couple problems with the validation of BaseInlineFormSet.max_num (when using the new BaseInlineFormSet.validate_max feature. The first one is way more important, but the second one is a nuisances as well. Both can be reproduced with a normal inline formset. I am using master @ 1267d2d9bc.
1) User can click back in their browser and exceed max_num after maxing out a formset and submitting the form.
If I click "submit" on a form that has a max_num of 1, then hit back and repopulate the same form again, clicking "submit" again, another record will be created, and this is boundless. I can take a formset with max_num set to 1 and create 500 records. I would venture to guess that you could even exceed the hard stop of 1000 by doing this.
2) Attempting to delete existing records when max_num is already exceeded results in a validation error, even when not adding or editing records.
When validate_max is in effect, but max_num has already been exceeded (i.e., if I turn down max_num after users create objects) Django doesn't allow the user to even delete the existing records, meaning there is no way to remedy the situation. (see http://cl.ly/image/1k1Z1j2L2J3f - I merely checked the "delete" checkbox without adding any new "uploads" or editing the existing ones)
Change History (3)
comment:1 Changed 3 years ago by yoyoma
- Cc yoyoma added
- Component changed from Uncategorized to Forms
- Keywords formsets validation added
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Type changed from Uncategorized to Bug