0001-search-return-404-if-cell-does-not-exist-49876.patch
| combo/apps/search/models.py | ||
|---|---|---|
| 24 | 24 |
from django.core.exceptions import PermissionDenied |
| 25 | 25 |
from django.utils.functional import cached_property |
| 26 | 26 |
from django.utils.http import quote |
| 27 |
from django.shortcuts import get_object_or_404 |
|
| 27 | 28 |
from django.template import RequestContext, Template |
| 28 | 29 | |
| 29 | 30 |
from jsonfield import JSONField |
| ... | ... | |
| 172 | 173 | |
| 173 | 174 |
@classmethod |
| 174 | 175 |
def ajax_results_view(cls, request, cell_pk, service_slug): |
| 175 |
cell = cls.objects.get(pk=cell_pk)
|
|
| 176 |
cell = get_object_or_404(cls, pk=cell_pk)
|
|
| 176 | 177 |
if not cell.is_visible(user=request.user) or not cell.page.is_visible(request.user): |
| 177 | 178 |
raise PermissionDenied |
| 178 | 179 | |
| tests/test_search.py | ||
|---|---|---|
| 57 | 57 | |
| 58 | 58 | |
| 59 | 59 |
def test_search_cell(app): |
| 60 |
with SearchServices(SEARCH_SERVICES): |
|
| 61 |
page = Page(title='Search', slug='search_page', template_name='standard') |
|
| 62 |
page.save() |
|
| 60 |
page = Page(title='Search', slug='search_page', template_name='standard') |
|
| 61 |
page.save() |
|
| 63 | 62 | |
| 64 |
cell = SearchCell(page=page, placeholder='content', order=0)
|
|
| 65 |
cell._search_services = {'data': ['search1']}
|
|
| 66 |
cell.input_placeholder = 'my placeholder'
|
|
| 67 |
cell.save()
|
|
| 63 |
cell = SearchCell(page=page, placeholder='content', order=0) |
|
| 64 |
cell._search_services = {'data': ['search1']}
|
|
| 65 |
cell.input_placeholder = 'my placeholder' |
|
| 66 |
cell.save() |
|
| 68 | 67 | |
| 68 |
# unknown cell pk |
|
| 69 |
resp = app.get('/ajax/search/0/search1/?q=foo', status=404)
|
|
| 70 | ||
| 71 |
with SearchServices(SEARCH_SERVICES): |
|
| 69 | 72 |
resp = cell.render({})
|
| 70 | 73 |
assert 'input' in resp |
| 71 | 74 |
assert 'id="combo-search-input-%s"' % cell.pk in resp |
| 72 |
- |
|