#35087 closed Bug (fixed)
DisallowedModelAdminLookup raised when filtering on a ForeignKey not listed in list_filters
| Reported by: | Maxime Lorant | Owned by: | Sarah Boyce |
|---|---|---|---|
| Component: | contrib.admin | Version: | 5.0 |
| Severity: | Release blocker | Keywords: | admin filters foreignkey |
| Cc: | Sarah Boyce | Triage Stage: | Ready for checkin |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
Since Django 5.0.1, the exception DisallowedModelAdminLookup is raised when I'm trying to filter a list in the Django admin with a foreign key attribute not listed in list_filters. It looks like a regression from #35020, but I'm not exactly sure at 100 %. The exception is not raised when I'm filtering against a foreign key attribute listed in list_filters neither for a standard CharField not listed. Using the following simple example, on a fresh new Django project:
# models.py
class Client(models.Model):
name = models.CharField("name", max_length=100)
class Invoice(models.Model):
client = models.ForeignKey(Client, models.CASCADE, null=False)
number = models.CharField("number", max_length=100)
# admin.py
@admin.register(models.Invoice)
class InvoiceAdmin(admin.ModelAdmin):
pass # note that no list_filters is defined
The URL /admin/core/invoice/?client=1 in local:
- returns a 200, with proper results in Django 4.2.9
- returns a 200, with proper results in Django 5.0.0
- returns a 500, from the exception below in Django 5.0.1
The exception raised in Django 5.0.1:
File "<VENV>/lib/python3.12/site-packages/django/core/handlers/exception.py", line 55, in inner
response = get_response(request)
^^^^^^^^^^^^^^^^^^^^^
[...]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<VENV>/lib/python3.12/site-packages/django/contrib/admin/options.py", line 1981, in changelist_view
cl = self.get_changelist_instance(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<VENV>/lib/python3.12/site-packages/django/contrib/admin/options.py", line 862, in get_changelist_instance
return ChangeList(
^^^^^^^^^^^
File "<VENV>/lib/python3.12/site-packages/django/contrib/admin/views/main.py", line 144, in __init__
self.queryset = self.get_queryset(request)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "<VENV>/lib/python3.12/site-packages/django/contrib/admin/views/main.py", line 539, in get_queryset
) = self.get_filters(request)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "<VENV>/lib/python3.12/site-packages/django/contrib/admin/views/main.py", line 193, in get_filters
raise DisallowedModelAdminLookup(f"Filtering by {key} not allowed")
django.contrib.admin.exceptions.DisallowedModelAdminLookup: Filtering by client not allowed
The URL /admin/core/invoice/?number=ABC works in the three versions with the same behaviour each time (make an exact match on the charfield)
Change History (6)
comment:1 by , 4 months ago
| Description: | modified (diff) |
|---|
comment:2 by , 4 months ago
| Cc: | added |
|---|---|
| Severity: | Normal → Release blocker |
| Triage Stage: | Unreviewed → Accepted |
comment:3 by , 4 months ago
| Has patch: | set |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
comment:4 by , 4 months ago
| Triage Stage: | Accepted → Ready for checkin |
|---|
Note:
See TracTickets
for help on using tickets.
Thanks for the report!
Regression in f80669d2f5a5f1db9e9b73ca893fefba34f955e7.