admin/38686-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refine: document ?pay_type= param + add unknown-value regression test

Browse Source 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Konrad du Plessis 2026-05-16 13:45:24 +02:00
parent a442658430
commit d949a01550
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
core/tests.py
View File

@ -3282,6 +3282,18 @@ class WorkerListPayTypeFilterTests(TestCase):
self.assertIn('Mary Manager', names)
self.assertEqual(resp.context['pay_type_filter'], '')
def test_unknown_pay_type_value_shows_both(self):
# Robustness: an unrecognised ?pay_type= value (typo, tampering,
# future-removed option) must fall through to the UNFILTERED
# default — never error, never return an empty list. This locks
# the allow-list contract so a future change to a deny-list
# would fail loudly here.
resp = self.client.get('/workers/?pay_type=banana')
names = [w.name for w in resp.context['workers']]
self.assertIn('Danny Daily', names)
self.assertIn('Mary Manager', names)
self.assertEqual(resp.context['pay_type_filter'], 'banana')
class WorkHistoryTeamFilterTests(TestCase):
"""The /history/ page accepts ?team=<id> to narrow to logs tagged

4
core/views.py
View File

@ -1604,7 +1604,7 @@ def export_workers_csv(request):
@login_required
def worker_list(request):
"""Admin-friendly list of all workers with search + status + team filter.
"""Admin-friendly list of all workers with search + status + team + pay-type filter.
Query params:
?q=search_term search name / ID number / phone
@ -1613,6 +1613,8 @@ def worker_list(request):
?status=all both
?team=<id> only workers belonging to this team (M2M)
?team=none workers NOT assigned to any team
?pay_type=fixed only managers / salaried staff (Worker.pay_type)
?pay_type=daily only daily field workers
"""
if not is_admin(request.user):
return HttpResponseForbidden("Admin access required.")