diff options
| author | Akshesh <aksheshdoshi@gmail.com> | 2016-03-28 11:58:51 +0530 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-03-29 07:42:23 -0400 |
| commit | a7c813ba045044ec23bb656ef9a23a0e38e36514 (patch) | |
| tree | 55e7035ca19d517dbb707922e1583451677d198a | |
| parent | 724a279849a5cd09cdb5ef201fe6958a4c26fe73 (diff) | |
Fixed #21734 -- Handled ProtectedError in a POST to admin's delete_selected action.
| -rw-r--r-- | django/contrib/admin/actions.py | 2 | ||||
| -rw-r--r-- | tests/admin_views/tests.py | 8 |
2 files changed, 9 insertions, 1 deletions
diff --git a/django/contrib/admin/actions.py b/django/contrib/admin/actions.py index 80b0ac83d6..6fdf070694 100644 --- a/django/contrib/admin/actions.py +++ b/django/contrib/admin/actions.py @@ -38,7 +38,7 @@ def delete_selected(modeladmin, request, queryset): # The user has already confirmed the deletion. # Do the deletion and return a None to display the change list view again. - if request.POST.get('post'): + if request.POST.get('post') and not protected: if perms_needed: raise PermissionDenied n = queryset.count() diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py index 4802827a5c..ab82f64793 100644 --- a/tests/admin_views/tests.py +++ b/tests/admin_views/tests.py @@ -3123,6 +3123,8 @@ class AdminActionsTest(TestCase): 'action': 'delete_selected', 'index': 0, } + delete_confirmation_data = action_data.copy() + delete_confirmation_data['post'] = 'yes' response = self.client.post(reverse('admin:admin_views_question_changelist'), action_data) @@ -3138,6 +3140,12 @@ class AdminActionsTest(TestCase): html=True ) + # A POST request to delete protected objects should display the page + # which says the deletion is prohibited. + response = self.client.post(reverse('admin:admin_views_question_changelist'), delete_confirmation_data) + self.assertContains(response, "would require deleting the following protected related objects") + self.assertEqual(Question.objects.count(), 2) + def test_model_admin_default_delete_action_no_change_url(self): """ Default delete action shouldn't break if a user's ModelAdmin removes the url for change_view. |
