Fixed #9252 -- Moved the try/except protecting against incorrect lookup params to where the error is now raised, and added a test for this case.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9245 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-10-30 17:16:10 +00:00 · 2008-10-22 23:09:35 +00:00
parent 5e5af8a8aa
commit 30241385d5
2 changed files with 18 additions and 10 deletions
--- a/django/contrib/admin/views/main.py
+++ b/django/contrib/admin/views/main.py
@@ -99,14 +99,7 @@ class ChangeList(object):
    def get_results(self, request):
        paginator = Paginator(self.query_set, self.list_per_page)
        # Get the number of objects, with admin filters applied.
-        try:
-            result_count = paginator.count
-        # Naked except! Because we don't have any other way of validating
-        # "params". They might be invalid if the keyword arguments are
-        # incorrect, or if the values are not in the correct type (which would
-        # result in a database error).
-        except:
-            raise IncorrectLookupParameters
+        result_count = paginator.count

        # Get the total number of objects, with no admin filters applied.
        # Perform a slight optimization: Check to see whether any filters were
@@ -192,7 +185,15 @@ class ChangeList(object):
                lookup_params[key] = value.split(',')

        # Apply lookup parameters from the query string.
-        qs = qs.filter(**lookup_params)
+        try:
+            qs = qs.filter(**lookup_params)
+        # Naked except! Because we don't have any other way of validating "params".
+        # They might be invalid if the keyword arguments are incorrect, or if the
+        # values are not in the correct type, so we might get FieldError, ValueError,
+        # ValicationError, or ? from a custom field that raises yet something else 
+        # when handed impossible data.
+        except:
+            raise IncorrectLookupParameters

        # Use select_related() if one of the list_display options is a field
        # with a relationship.
--- a/tests/regressiontests/admin_views/tests.py
+++ b/tests/regressiontests/admin_views/tests.py
@@ -160,7 +160,14 @@ class AdminViewBasicTest(TestCase):
            '<a href="?color__id__exact=3">Blue</a>' in response.content,
            "Changelist filter not correctly limited by limit_choices_to."
        )
-    
+        
+    def testIncorrectLookupParameters(self):
+        """Ensure incorrect lookup parameters are handled gracefully."""
+        response = self.client.get('/test_admin/admin/admin_views/thing/', {'notarealfield': '5'})
+        self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')        
+        response = self.client.get('/test_admin/admin/admin_views/thing/', {'color__id__exact': 'StringNotInteger!'})
+        self.assertRedirects(response, '/test_admin/admin/admin_views/thing/?e=1')
+            
 def get_perm(Model, perm):
    """Return the permission object, for the Model"""
    ct = ContentType.objects.get_for_model(Model)