mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Fixed #21734 -- Handled ProtectedError in a POST to admin's delete_selected action.
This commit is contained in:
parent
724a279849
commit
a7c813ba04
@ -38,7 +38,7 @@ def delete_selected(modeladmin, request, queryset):
|
||||
|
||||
# The user has already confirmed the deletion.
|
||||
# Do the deletion and return a None to display the change list view again.
|
||||
if request.POST.get('post'):
|
||||
if request.POST.get('post') and not protected:
|
||||
if perms_needed:
|
||||
raise PermissionDenied
|
||||
n = queryset.count()
|
||||
|
@ -3123,6 +3123,8 @@ class AdminActionsTest(TestCase):
|
||||
'action': 'delete_selected',
|
||||
'index': 0,
|
||||
}
|
||||
delete_confirmation_data = action_data.copy()
|
||||
delete_confirmation_data['post'] = 'yes'
|
||||
|
||||
response = self.client.post(reverse('admin:admin_views_question_changelist'), action_data)
|
||||
|
||||
@ -3138,6 +3140,12 @@ class AdminActionsTest(TestCase):
|
||||
html=True
|
||||
)
|
||||
|
||||
# A POST request to delete protected objects should display the page
|
||||
# which says the deletion is prohibited.
|
||||
response = self.client.post(reverse('admin:admin_views_question_changelist'), delete_confirmation_data)
|
||||
self.assertContains(response, "would require deleting the following protected related objects")
|
||||
self.assertEqual(Question.objects.count(), 2)
|
||||
|
||||
def test_model_admin_default_delete_action_no_change_url(self):
|
||||
"""
|
||||
Default delete action shouldn't break if a user's ModelAdmin removes the url for change_view.
|
||||
|
Loading…
Reference in New Issue
Block a user