Mercurial > kallithea

changeset 2942:f53faff4487e beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
get_or_404 method does validation for ID beeing an INT
author Marcin Kuzminski <marcin@python-works.com>
date Fri, 19 Oct 2012 23:44:35 +0200
parents d0c2299d08d4
children c40a7185837a
files rhodecode/model/db.py
diffstat 1 files changed, 9 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/rhodecode/model/db.py	Fri Oct 19 23:39:43 2012 +0200
+++ b/rhodecode/model/db.py	Fri Oct 19 23:44:35 2012 +0200
@@ -118,11 +118,15 @@
 
     @classmethod
     def get_or_404(cls, id_):
-        if id_:
-            res = cls.query().get(id_)
-            if not res:
-                raise HTTPNotFound
-            return res
+        try:
+            id_ = int(id_)
+        except (TypeError, ValueError):
+            raise HTTPNotFound
+
+        res = cls.query().get(id_)
+        if not res:
+            raise HTTPNotFound
+        return res
 
     @classmethod
     def getAll(cls):