[Django] #23839: Regression in the admin's handling of querystring allowed fields
Django
-------------------------------------------+---------------------------
Reporter: jphalip | Owner: charettes
Type: Bug | Status: new
Component: contrib.admin | Version: 1.6
Severity: Release blocker | Keywords:
Triage Stage: Accepted | Has patch: 1
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------------+---------------------------
Recent security patches have introduced a number of regressions. Most of
those regressions have already been addressed in #23329 and #23604.
However, there is still at least one remaining regression, where a model
with a FK cannot be referenced by its primary key. This issue happens in
particular when the said model is not registered as an inline, which
occurs in a third-party like FeinCMS.
FeinCMS implemented a work-around:
https://github.com/feincms/feincms/commit/30e93f33ffb17d9a3544c9bbc83c8bfa57b24a60
Impending pull request loosens the check by always allowing the primary
key to be referenced in the querystring.
--
Ticket URL: <https://code.djangoproject.com/ticket/23839>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Reporter: jphalip | Owner: charettes
Type: Bug | Status: new
Component: contrib.admin | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
Comment (by jphalip):
See PR: https://github.com/django/django/pull/3538
--
Ticket URL: <https://code.djangoproject.com/ticket/23839#comment:1>
Django
Reporter: jphalip | Owner: charettes
Type: Bug | Status: new
Component: contrib.admin | Version: 1.6
Keywords: | Triage Stage: Ready for
Has patch: 1 | checkin
Needs tests: 0 | Needs documentation: 0
Easy pickings: 0 | Patch needs improvement: 0
| UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by collinanderson):
* stage: Accepted => Ready for checkin
--
Ticket URL: <https://code.djangoproject.com/ticket/23839#comment:2>
Django
Reporter: jphalip | Owner: charettes
Type: Bug | Status: new
Component: contrib.admin | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Changes (by timgraham):
* needs_better_patch: 0 => 1
* stage: Ready for checkin => Accepted
Comment:
Bumping off RFC per Simon's comment on the PR: "Please don't merge yet,
I'd like to discuss the whole subject of `to_field_allowed` regressions on
the developers mailing list first."
--
Ticket URL: <https://code.djangoproject.com/ticket/23839#comment:3>
Django
Reporter: jphalip | Owner: charettes
Type: Bug | Status: closed
Component: contrib.admin | Version: 1.6
Severity: Release blocker | Resolution: duplicate
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Changes (by charettes):
* status: new => closed
* resolution: => duplicate
Comment:
After further analysis this should be considered a duplicate of #23754.
--
Ticket URL: <https://code.djangoproject.com/ticket/23839#comment:4>