From 4c53fb883fe719c3ca6244aeb8c405a24eb89a40 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 28 Aug 2013 12:52:38 +0100 Subject: Tweak MAX_PAGINATE_BY behavior in edge case. Always respect `paginate_by` settings if client does not specify page size. (Even if the developer has misconfigured, so that `paginate_by > max`.) --- rest_framework/generics.py | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) (limited to 'rest_framework/generics.py') diff --git a/rest_framework/generics.py b/rest_framework/generics.py index ce6c462a..14feed20 100644 --- a/rest_framework/generics.py +++ b/rest_framework/generics.py @@ -14,13 +14,15 @@ from rest_framework.settings import api_settings import warnings -def strict_positive_int(integer_string): +def strict_positive_int(integer_string, cutoff=None): """ Cast a string to a strictly positive integer. """ ret = int(integer_string) if ret <= 0: raise ValueError() + if cutoff: + ret = min(ret, cutoff) return ret def get_object_or_404(queryset, **filter_kwargs): @@ -206,21 +208,15 @@ class GenericAPIView(views.APIView): PendingDeprecationWarning, stacklevel=2) if self.paginate_by_param: - query_params = self.request.QUERY_PARAMS try: - paginate_by_param = int(query_params[self.paginate_by_param]) + return strict_positive_int( + self.request.QUERY_PARAMS[self.paginate_by_param], + cutoff=self.max_paginate_by + ) except (KeyError, ValueError): pass - else: - if self.max_paginate_by is not None: - return min(self.max_paginate_by, paginate_by_param) - else: - return paginate_by_param - if self.max_paginate_by: - return min(self.max_paginate_by, self.paginate_by) - else: - return self.paginate_by + return self.paginate_by def get_serializer_class(self): """ -- cgit v1.2.3