mirror
/
wagtail
kopia lustrzana https://github.com/wagtail/wagtail
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Avoid assuming an integer PK named 'id' on multiple upload views 

Fixes #6512
pull/9057/head
Matt Westcott 2022-08-12 12:07:15 +01:00 zatwierdzone przez LB (Ben Johnston)
rodzic 9e810ce5b0
commit ab610df620
3 zmienionych plików z 14 dodań i 9 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
CHANGELOG.txt
Wyświetl plik

@ -22,6 +22,7 @@ Changelog
* Refine designs for disabled buttons throughout the admin interface (Paarth Agarwal) * Refine designs for disabled buttons throughout the admin interface (Paarth Agarwal)
* Update expanding formset add buttons to use `button` not link for behaviour (LB (Ben) Johnston) * Update expanding formset add buttons to use `button` not link for behaviour (LB (Ben) Johnston)
* Add robust unit testing for authentication scenarios across the user management admin pages (Mehrdad Moradizadeh) * Add robust unit testing for authentication scenarios across the user management admin pages (Mehrdad Moradizadeh)
* Avoid assuming an integer PK named 'id' on multiple upload views (Matt Westcott)
* Fix: Prevent `PageQuerySet.not_public` from returning all pages when no page restrictions exist (Mehrdad Moradizadeh) * Fix: Prevent `PageQuerySet.not_public` from returning all pages when no page restrictions exist (Mehrdad Moradizadeh)
* Fix: Ensure that duplicate block ids are unique when duplicating stream blocks in the page editor (Joshua Munn) * Fix: Ensure that duplicate block ids are unique when duplicating stream blocks in the page editor (Joshua Munn)
* Fix: Revise colour usage so that privacy & locked indicators can be seen in Windows High Contrast mode (LB (Ben Johnston)) * Fix: Revise colour usage so that privacy & locked indicators can be seen in Windows High Contrast mode (LB (Ben Johnston))

1
docs/releases/4.1.md
Wyświetl plik

@ -31,6 +31,7 @@ Wagtail 4.1 is designated a Long Term Support (LTS) release. Long Term Support r
* Refine designs for disabled buttons throughout the admin interface (Paarth Agarwal) * Refine designs for disabled buttons throughout the admin interface (Paarth Agarwal)
* Update expanding formset add buttons to use `button` not link for behaviour and remove support for disabled as a class (LB (Ben) Johnston) * Update expanding formset add buttons to use `button` not link for behaviour and remove support for disabled as a class (LB (Ben) Johnston)
* Add robust unit testing for authentication scenarios across the user management admin pages (Mehrdad Moradizadeh) * Add robust unit testing for authentication scenarios across the user management admin pages (Mehrdad Moradizadeh)
* Avoid assuming an integer PK named 'id' on multiple upload views (Matt Westcott)
### Bug fixes ### Bug fixes

21
wagtail/admin/views/generic/multiple_upload.py
Wyświetl plik

@ -54,13 +54,13 @@ class AddView(PermissionCheckedMixin, TemplateView):
edit_form_class = self.get_edit_form_class() edit_form_class = self.get_edit_form_class()
return { return {
self.context_object_name: self.object, self.context_object_name: self.object,
"edit_action": reverse(self.edit_object_url_name, args=(self.object.id,)), "edit_action": reverse(self.edit_object_url_name, args=(self.object.pk,)),
"delete_action": reverse( "delete_action": reverse(
self.delete_object_url_name, args=(self.object.id,) self.delete_object_url_name, args=(self.object.pk,)
), ),
"form": edit_form_class( "form": edit_form_class(
instance=self.object, instance=self.object,
prefix="%s-%d" % (self.edit_object_form_prefix, self.object.id), prefix="%s-%d" % (self.edit_object_form_prefix, self.object.pk),
user=self.request.user, user=self.request.user,
), ),
} }
@ -71,7 +71,7 @@ class AddView(PermissionCheckedMixin, TemplateView):
""" """
return { return {
"success": True, "success": True,
self.context_object_id_name: int(self.object.id), self.context_object_id_name: self.object.pk,
"form": render_to_string( "form": render_to_string(
self.edit_form_template_name, self.edit_form_template_name,
self.get_edit_object_form_context_data(), self.get_edit_object_form_context_data(),
@ -213,7 +213,7 @@ class EditView(View):
self.model = self.get_model() self.model = self.get_model()
self.form_class = self.get_edit_form_class() self.form_class = self.get_edit_form_class()
self.object = get_object_or_404(self.model, id=object_id) self.object = get_object_or_404(self.model, pk=object_id)
if not self.permission_policy.user_has_permission_for_instance( if not self.permission_policy.user_has_permission_for_instance(
request.user, "change", self.object request.user, "change", self.object
@ -234,14 +234,14 @@ class EditView(View):
return JsonResponse( return JsonResponse(
{ {
"success": True, "success": True,
self.context_object_id_name: int(object_id), self.context_object_id_name: self.object.pk,
} }
) )
else: else:
return JsonResponse( return JsonResponse(
{ {
"success": False, "success": False,
self.context_object_id_name: int(object_id), self.context_object_id_name: self.object.pk,
"form": render_to_string( "form": render_to_string(
self.edit_form_template_name, self.edit_form_template_name,
{ {
@ -271,7 +271,10 @@ class DeleteView(View):
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
object_id = kwargs[self.pk_url_kwarg] object_id = kwargs[self.pk_url_kwarg]
self.model = self.get_model() self.model = self.get_model()
self.object = get_object_or_404(self.model, id=object_id) self.object = get_object_or_404(self.model, pk=object_id)
object_id = (
self.object.pk
) # retrieve object id cast to the appropriate type (usually int)
if not self.permission_policy.user_has_permission_for_instance( if not self.permission_policy.user_has_permission_for_instance(
request.user, "delete", self.object request.user, "delete", self.object
@ -283,7 +286,7 @@ class DeleteView(View):
return JsonResponse( return JsonResponse(
{ {
"success": True, "success": True,
self.context_object_id_name: int(object_id), self.context_object_id_name: object_id,
} }
) )