New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Admin interface should disallow entering illegal values for party duedates. #60

Open
zenhack opened this Issue May 11, 2016 · 0 comments

Comments

Projects
None yet
1 participant
@zenhack
Copy link
Owner

zenhack commented May 11, 2016

I'm working on #59, and I've come up with a solution that's pretty solid. We get assertion errors early if we mix up types, and this exposed the fact that our database has non-duedates in the Party table's last/first duedate columns. The Admin UI allows entering arbitrary dates, and it's annoying (if not impossible) to specify the due date exactly.

The admin UI ought to ensure that only legal values enter the database. The simple thing would be to just call duedate() on the result; it may not be worth doing more than that until we get around to re-vamping the admin UI.

zenhack added a commit that referenced this issue May 11, 2016

Strict type discipline for dates & times
Fixes #59. All date and time handling is now such that mixing up types
will result in a loud error. We pass things around as arrows, so
forgetting a to_dbtime will give us an error from sqlalchemy, and our
helper functions all verify the types of their arguments. See the
docstring in ironblogger/date.py for details.

This also runs afoul of #60; databases which contain parties with bad
duedates will spit out 500 errors. Next on the agenda is fixing that
issue.

zenhack added a commit that referenced this issue May 11, 2016

Migration script to partially address #60
This fixes existing databases, but does nothing to prevent them from
having the same problem in the future. I'm fighting with Flask-Admin and
not enjoying it.

@zenhack zenhack added the admin-ui label May 20, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment