Skip to content

Commit 4ae0982

Browse files
committed
Fix issue where user can make two session request submissions, corrupting data. Also, ignore deleted session requests in edit view. Commit ready for merge
- Legacy-Id: 15055
1 parent b9e7711 commit 4ae0982

2 files changed

Lines changed: 17 additions & 5 deletions

File tree

ietf/secr/sreq/tests.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,6 +114,12 @@ def test_submit_request(self):
114114
session_count_after = Session.objects.filter(meeting=meeting, group=group).count()
115115
self.assertTrue(session_count_after == session_count_before + 1)
116116

117+
# test that second confirm does not add sessions
118+
r = self.client.post(confirm_url,post_data)
119+
self.assertRedirects(r, main_url)
120+
session_count_after = Session.objects.filter(meeting=meeting, group=group).count()
121+
self.assertTrue(session_count_after == session_count_before + 1)
122+
117123
def test_submit_request_invalid(self):
118124
make_test_data()
119125
group = Group.objects.get(acronym='mars')

ietf/secr/sreq/views.py

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -229,12 +229,22 @@ def confirm(request, acronym):
229229
group = get_object_or_404(Group,acronym=acronym)
230230
login = request.user.person
231231

232+
# check if request already exists for this group
233+
if Session.objects.filter(group=group,meeting=meeting).exclude(status__in=('deleted','notmeet')):
234+
messages.warning(request, 'Sessions for working group %s have already been requested once.' % group.acronym)
235+
return redirect('ietf.secr.sreq.views.main')
236+
232237
session_data = form.data.copy()
233238
if 'bethere' in session_data:
234239
person_id_list = [ id for id in form.data['bethere'].split(',') if id ]
235240
session_data['bethere'] = Person.objects.filter(pk__in=person_id_list)
236241
session_data['resources'] = [ ResourceAssociation.objects.get(pk=pk) for pk in request.POST.getlist('resources') ]
237242

243+
button_text = request.POST.get('submit', '')
244+
if button_text == 'Cancel':
245+
messages.success(request, 'Session Request has been canceled')
246+
return redirect('ietf.secr.sreq.views.main')
247+
238248
button_text = request.POST.get('submit', '')
239249
if button_text == 'Cancel':
240250
messages.success(request, 'Session Request has been canceled')
@@ -322,7 +332,7 @@ def edit_mtg(request, num, acronym):
322332
'''
323333
meeting = get_meeting(num)
324334
group = get_object_or_404(Group, acronym=acronym)
325-
sessions = Session.objects.filter(meeting=meeting,group=group).order_by('id')
335+
sessions = Session.objects.filter(meeting=meeting,group=group).exclude(status__in=('deleted','notmeet')).order_by('id')
326336
sessions_count = sessions.count()
327337
initial = get_initial_session(sessions)
328338
if 'resources' in initial:
@@ -527,10 +537,6 @@ def new(request, acronym):
527537

528538
form = SessionForm(request.POST)
529539
if form.is_valid():
530-
# check if request already exists for this group
531-
if Session.objects.filter(group=group,meeting=meeting).exclude(status__in=('deleted','notmeet')):
532-
messages.warning(request, 'Sessions for working group %s have already been requested once.' % group.acronym)
533-
return redirect('ietf.secr.sreq.views.main')
534540
return confirm(request, acronym)
535541

536542
# the "previous" querystring causes the form to be returned

0 commit comments

Comments
 (0)