[Django] #30126: Incorrect validation of forms.DecimalField

Django

Jan 23, 2019, 2:32:19 PM
to django-...@googlegroups.com
#30126: Incorrect validation of forms.DecimalField
--------------------------------------------+------------------------
               Reporter:  Roman Paranichev  |          Owner:  nobody
                   Type:  Uncategorized     |         Status:  new
              Component:  Forms             |        Version:  2.1
               Severity:  Normal            |       Keywords:
           Triage Stage:  Unreviewed        |      Has patch:  0
    Needs documentation:  0                 |    Needs tests:  0
Patch needs improvement:  0                 |  Easy pickings:  0
                  UI/UX:  0                 |
--------------------------------------------+------------------------
Steps to reproduce:
1. Create an HTML form:

{{{
<form action="/payment/">
<input type="number" step="0.01" name="amount" value="0.02" required>
<input type="submit" value="Submit">
</form>
}}}

2. Create a Django form for validation:

{{{
from django import forms


class CreatePaymentForm(forms.Form):
    # min_value is passed as a float literal, as in the original report
    amount = forms.DecimalField(min_value=0.02, max_digits=12,
                                decimal_places=2)
}}}

3. Try to validate the form in a view class:

{{{
import json
from django.http import HttpResponse
from django.views.generic import View
from django.contrib.auth.decorators import login_required
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
from api.forms import CreatePaymentForm


@method_decorator(login_required, name='dispatch')
@method_decorator(csrf_exempt, name='dispatch')
class PaymentView(View):

    def post(self, request):
        form = CreatePaymentForm(request.POST)
        if form.is_valid():
            pass
        # Log the submitted data and the validation errors
        print("post: %s, errors: %s" % (request.POST, form.errors))
        return HttpResponse(json.dumps({'errors': form.errors}),
                            status=400)
}}}

The output will be:
post: <QueryDict: {'amount': ['0.02']}>, errors: <ul
class="errorlist"><li>amount<ul class="errorlist"><li>Ensure this value is
greater than or equal to 0.02.</li></ul></li></ul>

--
Ticket URL: <https://code.djangoproject.com/ticket/30126>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

Jan 23, 2019, 2:40:08 PM
to django-...@googlegroups.com

Comment (by Roman Paranichev):

runserver output
{{{
System check identified no issues (0 silenced).
January 23, 2019 - 22:19:34
Django version 2.1.4, using settings 'mif2.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.


post: <QueryDict: {'amount': ['0.02']}>, errors: <ul
class="errorlist"><li>amount<ul class="errorlist"><li>Убедитесь, что это
значение больше либо равно 0.02.</li></ul></li></ul>
Bad Request: /api/payment/
[23/Jan/2019 22:19:38] "POST /api/payment/ HTTP/1.1" 400 269
}}}

--
Ticket URL: <https://code.djangoproject.com/ticket/30126#comment:1>

Django

Jan 23, 2019, 6:53:04 PM
to django-...@googlegroups.com
#30126: Incorrect validation of forms.DecimalField
----------------------------------+--------------------------------------
     Reporter:  Roman Paranichev  |                    Owner:  nobody
         Type:  Bug               |                   Status:  closed
    Component:  Forms             |                  Version:  2.1
     Severity:  Normal            |               Resolution:  invalid
     Keywords:                    |             Triage Stage:  Unreviewed
    Has patch:  0                 |      Needs documentation:  0
  Needs tests:  0                 |  Patch needs improvement:  0
Easy pickings:  0                 |                    UI/UX:  0
----------------------------------+--------------------------------------
Changes (by Tim Graham):

* status: new => closed
* type: Uncategorized => Bug
* resolution: => invalid


Comment:

As I said in #30125, please try with `min_value=Decimal('0.02')` -- floats
like 0.02 may not keep precision. Ideally, you would debug the issue
yourself and explain where the issue is. Also, try to put together a more
minimal example that reproduces the issue. For example,
`@method_decorator(login_required, name='dispatch')` isn't required.
Please reopen if you investigate further and find Django at fault.

--
Ticket URL: <https://code.djangoproject.com/ticket/30126#comment:2>
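
The float-versus-Decimal point from the last comment, as an added example that is not part of the ticket or of Django's code. It uses only the standard library; `parse_amount`, `below_minimum`, `exact` and `audit_limits` are hypothetical helpers, and the min-value check is assumed to reduce to a plain `value < limit` comparison.

```python
from decimal import Decimal


def parse_amount(raw: str) -> Decimal:
    """Stand-in for decimal field parsing: submitted text becomes an exact Decimal."""
    return Decimal(raw.strip())


def below_minimum(raw: str, min_value) -> bool:
    """Stand-in for a min_value check (assumed to be value < limit).

    True means the submission would be rejected as too small.
    """
    return parse_amount(raw) < min_value


def exact(limit) -> Decimal:
    """Exact decimal expansion of the limit as Python actually stores it."""
    return Decimal(limit)


def audit_limits(literals):
    """Return the literals whose float form rejects a submission equal to the limit."""
    return [lit for lit in literals if below_minimum(lit, float(lit))]


if __name__ == "__main__":
    submitted = "0.02"  # constructed input, same value as in the ticket
    print("float limit stored as:", exact(0.02))
    print("rejected with min_value=0.02:           ",
          below_minimum(submitted, 0.02))
    print("rejected with min_value=Decimal('0.02'):",
          below_minimum(submitted, Decimal("0.02")))
    # Constructed list of candidate limits for a payment form
    print("limits that misbehave as floats:",
          audit_limits(["0.01", "0.02", "0.05", "0.25", "0.50"]))
```

The float literal `0.02` is stored as a binary value slightly above 0.02, so a submitted `"0.02"` compares as smaller than the limit; limits that are exact in binary, such as 0.25, do not show the problem.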
