Opened 2 months ago

Last modified 7 weeks ago

#28589 assigned Cleanup/optimization

When saving in admin, readonly fields are potentially overwritten

Reported by: Fingal Plumpton Owned by: Fingal Plumpton
Component: contrib.admin Version: master
Severity: Normal Keywords: Admin SQL Overwrite
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description (last modified by Fingal Plumpton)

On the admin page for a model, if a field is in readonly_fields or has editable=False, then saving that model from the admin will create an SQL query that sets the readonly field to it's value at the time the save button was clicked. This field might have been changed (e.g. by a command or some other process) during the time that the model is being saved, and with current behaviour it would then be overwritten to it's old value.

Correct behaviour would be to not set the readonly/uneditable field at all in the SQL query.

The exception to this is a DateTimeField with auto_now or auto_now_add, which have editable=False but should be updated when the SQL query is made.

Change History (6)

comment:1 Changed 2 months ago by Fingal Plumpton

Owner: changed from nobody to Fingal Plumpton
Status: newassigned

comment:2 Changed 2 months ago by Fingal Plumpton

Summary: When saving in admin, readonly fields are saved againWhen saving in admin, readonly fields are potentially overwritten

comment:3 Changed 2 months ago by Fingal Plumpton

Description: modified (diff)

comment:4 Changed 2 months ago by Fingal Plumpton

Description: modified (diff)

comment:5 Changed 2 months ago by Fingal Plumpton

Last edited 8 weeks ago by Tim Graham (previous) (diff)

comment:6 Changed 7 weeks ago by Tim Graham

Easy pickings: unset
Patch needs improvement: set
Triage Stage: UnreviewedAccepted
Type: BugCleanup/optimization

Recently, someone raised a similar issue for model forms. I think the problem should be solved at that level first. Perhaps that'll help simplify the code at the admin level -- the current code looks too complicated.

Note: See TracTickets for help on using tickets.
Back to Top