From 49ac10b4de03279da9d67aeac5cb8561fc055085 Mon Sep 17 00:00:00 2001 From: Akshesh Date: Mon, 21 Mar 2016 16:20:30 +0530 Subject: [PATCH] Fixed #26235 -- Handled ProtectedError in a POST to admin's delete_view(). --- django/contrib/admin/options.py | 2 +- tests/admin_views/tests.py | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/django/contrib/admin/options.py b/django/contrib/admin/options.py index bdd988f4c7..5b574d038a 100644 --- a/django/contrib/admin/options.py +++ b/django/contrib/admin/options.py @@ -1684,7 +1684,7 @@ class ModelAdmin(BaseModelAdmin): (deleted_objects, model_count, perms_needed, protected) = get_deleted_objects( [obj], opts, request.user, self.admin_site, using) - if request.POST: # The user has already confirmed the deletion. + if request.POST and not protected: # The user has confirmed the deletion. if perms_needed: raise PermissionDenied obj_display = force_text(obj) diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py index a6b77dd44b..a0c7e51c2b 100644 --- a/tests/admin_views/tests.py +++ b/tests/admin_views/tests.py @@ -2062,6 +2062,18 @@ class AdminViewDeletedObjectsTest(TestCase): '
  • Answer: Yes.
    • ' % reverse('admin:admin_views_answer_change', args=(a2.pk,)) ) + def test_post_delete_protected(self): + """ + A POST request to delete protected objects should display the page + which says the deletion is prohibited. + """ + q = Question.objects.create(question='Why?') + a = Answer.objects.create(question=q, answer='Because.') + + response = self.client.post(reverse('admin:admin_views_question_delete', args=(q.pk,)), {'post': 'yes'}) + self.assertEqual(Question.objects.count(), 1) + self.assertContains(response, "would require deleting the following protected related objects") + def test_not_registered(self): should_contain = """
  • Secret hideout: underground bunker""" response = self.client.get(reverse('admin:admin_views_villain_delete', args=(self.v1.pk,)))