search: return 404 if cell does not exist (#49876)
This commit is contained in:
parent
f3f124e412
commit
53651ec33e
|
@ -24,6 +24,7 @@ from django.http import HttpResponse
|
|||
from django.core.exceptions import PermissionDenied
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.http import quote
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.template import RequestContext, Template
|
||||
|
||||
from jsonfield import JSONField
|
||||
|
@ -172,7 +173,7 @@ class SearchCell(CellBase):
|
|||
|
||||
@classmethod
|
||||
def ajax_results_view(cls, request, cell_pk, service_slug):
|
||||
cell = cls.objects.get(pk=cell_pk)
|
||||
cell = get_object_or_404(cls, pk=cell_pk)
|
||||
if not cell.is_visible(user=request.user) or not cell.page.is_visible(request.user):
|
||||
raise PermissionDenied
|
||||
|
||||
|
|
|
@ -57,15 +57,18 @@ class SearchServices(object):
|
|||
|
||||
|
||||
def test_search_cell(app):
|
||||
page = Page(title='Search', slug='search_page', template_name='standard')
|
||||
page.save()
|
||||
|
||||
cell = SearchCell(page=page, placeholder='content', order=0)
|
||||
cell._search_services = {'data': ['search1']}
|
||||
cell.input_placeholder = 'my placeholder'
|
||||
cell.save()
|
||||
|
||||
# unknown cell pk
|
||||
resp = app.get('/ajax/search/0/search1/?q=foo', status=404)
|
||||
|
||||
with SearchServices(SEARCH_SERVICES):
|
||||
page = Page(title='Search', slug='search_page', template_name='standard')
|
||||
page.save()
|
||||
|
||||
cell = SearchCell(page=page, placeholder='content', order=0)
|
||||
cell._search_services = {'data': ['search1']}
|
||||
cell.input_placeholder = 'my placeholder'
|
||||
cell.save()
|
||||
|
||||
resp = cell.render({})
|
||||
assert 'input' in resp
|
||||
assert 'id="combo-search-input-%s"' % cell.pk in resp
|
||||
|
|
Loading…
Reference in New Issue