From c0dc48961e9c162256e2cdd53355ba696c44c127 Mon Sep 17 00:00:00 2001
From: Étienne Loks <etienne.loks@iggdrasil.net>
Date: Sat, 29 Apr 2017 13:20:21 +0200
Subject: Extra security to prevent recursion on bulk update

---
 archaeological_context_records/models.py | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'archaeological_context_records')

diff --git a/archaeological_context_records/models.py b/archaeological_context_records/models.py
index 678b0371d..d27c6a262 100644
--- a/archaeological_context_records/models.py
+++ b/archaeological_context_records/models.py
@@ -17,6 +17,7 @@
 
 # See the file COPYING for details.
 
+
 from django.conf import settings
 from django.contrib.gis.db import models
 from django.core.urlresolvers import reverse
@@ -30,7 +31,7 @@ from ishtar_common.utils import cached_label_changed
 from ishtar_common.models import GeneralType, BaseHistorizedItem, \
     HistoricalRecords, OwnPerms, ShortMenuItem, Source, GeneralRelationType,\
     GeneralRecordRelations, post_delete_record_relation, get_external_id, \
-    ImageModel, post_save_cache, ValueGetter
+    ImageModel, post_save_cache, ValueGetter, BulkUpdatedItem
 from archaeological_operations.models import Operation, Period, Parcel
 
 
@@ -158,7 +159,7 @@ class CRBulkView(object):
     """
 
 
-class ContextRecord(BaseHistorizedItem, ImageModel, OwnPerms,
+class ContextRecord(BulkUpdatedItem, BaseHistorizedItem, ImageModel, OwnPerms,
                     ValueGetter, ShortMenuItem):
     SHOW_URL = 'show-contextrecord'
     SLUG = 'contextrecord'
@@ -299,7 +300,13 @@ class ContextRecord(BaseHistorizedItem, ImageModel, OwnPerms,
         return self.short_label
 
     @classmethod
-    def cached_label_bulk_update(cls, operation_id=None, parcel_id=None):
+    def cached_label_bulk_update(cls, operation_id=None, parcel_id=None,
+                                 transaction_id=None):
+        transaction_id, is_recursion = cls.bulk_recursion(
+            transaction_id, [operation_id, parcel_id])
+        if is_recursion:
+            return
+
         if operation_id:
             where = "operation_id = %s"
             args = [int(operation_id)]
@@ -310,6 +317,8 @@ class ContextRecord(BaseHistorizedItem, ImageModel, OwnPerms,
             kwargs = {'parcel_id': parcel_id}
         else:
             return
+        kwargs['transaction_id'] = transaction_id
+
         sql = """
         UPDATE "archaeological_context_records_contextrecord" AS cr
             SET cached_label =
-- 
cgit v1.2.3