From 9d1cf983f35d43abb8db2f4c270f9ab8bf346dca Mon Sep 17 00:00:00 2001
From: mlbonhomme <bonhomme@teklia.com>
Date: Wed, 17 May 2023 15:02:45 +0000
Subject: [PATCH] Handle DjangoValidationError in RemoveSelection
---
arkindex/documents/api/elements.py | 4 ++++
arkindex/documents/tests/test_selection_api.py | 6 ++++++
2 files changed, 10 insertions(+)
diff --git a/arkindex/documents/api/elements.py b/arkindex/documents/api/elements.py
index 03db7dbcd1..a744a3cd9f 100644
--- a/arkindex/documents/api/elements.py
+++ b/arkindex/documents/api/elements.py
@@ -1480,6 +1480,10 @@ class ManageSelection(SelectionMixin, ListAPIView):
def delete(self, request, *args, **kwargs):
if request.data.get('id'):
field = serializers.PrimaryKeyRelatedField(queryset=self.get_selection())
+ try:
+ UUID(request.data['id'])
+ except (ValueError, AttributeError):
+ raise ValidationError({'id': ['Not a valid UUID.']})
element = field.to_internal_value(request.data['id'])
request.user.selections.get(element=element).delete()
elif request.data.get('corpus'):
diff --git a/arkindex/documents/tests/test_selection_api.py b/arkindex/documents/tests/test_selection_api.py
index 3bbe5f6fa8..dbd64e7b8e 100644
--- a/arkindex/documents/tests/test_selection_api.py
+++ b/arkindex/documents/tests/test_selection_api.py
@@ -189,6 +189,12 @@ class TestElementsAPI(FixtureAPITestCase):
response = self.client.delete(reverse('api:elements-selection'), data={'id': self.page.id})
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+ def test_delete_not_a_uuid(self):
+ self.client.force_login(self.user)
+ response = self.client.delete(reverse('api:elements-selection'), data={'id': {'id': self.page.id, 'type': 'page'}}, format='json')
+ self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+ self.assertEqual(response.json(), {'id': ['Not a valid UUID.']})
+
@override_settings(ARKINDEX_FEATURES={'selection': False})
def test_delete_no_selection(self):
self.client.force_login(self.user)
--
GitLab