Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #7982 -- Corrected ModelAdmin url dispatching to ensure it matc…

…hing exactly what it needs and doesn't stomp on primary key space. 'add' is a lost cause for now. This originated from #6470. Thanks jdetaeye for the original patch and basith for providing test cases.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit cd0b65bcf79dc61481d94a415a1598bb510d21c9 1 parent ddf7d7a
@brosner brosner authored
View
6 django/contrib/admin/options.py
@@ -186,11 +186,11 @@ def __call__(self, request, url):
# Delegate to the appropriate method, based on the URL.
if url is None:
return self.changelist_view(request)
- elif url.endswith('add'):
+ elif url == "add":
return self.add_view(request)
- elif url.endswith('history'):
+ elif url.endswith('/history'):
return self.history_view(request, unquote(url[:-8]))
- elif url.endswith('delete'):
+ elif url.endswith('/delete'):
return self.delete_view(request, unquote(url[:-7]))
else:
return self.change_view(request, unquote(url))
View
25 tests/regressiontests/admin_views/tests.py
@@ -458,6 +458,31 @@ def test_deleteconfirmation_link(self):
response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/delete/' % quote(self.pk))
should_contain = """<a href="../../%s/">%s</a>""" % (quote(self.pk), escape(self.pk))
self.assertContains(response, should_contain)
+
+ def test_url_conflicts_with_add(self):
+ "A model with a primary key that ends with add should be visible"
+ add_model = ModelWithStringPrimaryKey(id="i have something to add")
+ add_model.save()
+ response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/' % quote(add_model.pk))
+ should_contain = """<h1>Change model with string primary key</h1>"""
+ self.assertContains(response, should_contain)
+
+ def test_url_conflicts_with_delete(self):
+ "A model with a primary key that ends with delete should be visible"
+ delete_model = ModelWithStringPrimaryKey(id="delete")
+ delete_model.save()
+ response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/' % quote(delete_model.pk))
+ should_contain = """<h1>Change model with string primary key</h1>"""
+ self.assertContains(response, should_contain)
+
+ def test_url_conflicts_with_history(self):
+ "A model with a primary key that ends with history should be visible"
+ history_model = ModelWithStringPrimaryKey(id="history")
+ history_model.save()
+ response = self.client.get('/test_admin/admin/admin_views/modelwithstringprimarykey/%s/' % quote(history_model.pk))
+ should_contain = """<h1>Change model with string primary key</h1>"""
+ self.assertContains(response, should_contain)
+
class SecureViewTest(TestCase):
fixtures = ['admin-views-users.xml']
Please sign in to comment.
Something went wrong with that request. Please try again.