workaround security update on distsortreversed

Due to Django security update CVE-2021-45116 which removed the capability of resolving a method in a template when called dictsortreversed
2025-12-14 13:57:45 +00:00 · 2022-04-23 22:42:46 +03:00
parent 9ead6b00f9
commit f05e885517
3 changed files with 19 additions and 7 deletions
--- a/core/views/logbooks.py
+++ b/core/views/logbooks.py
@@ -32,6 +32,9 @@ todo = '''Fix the get_person_chronology() display bug.
 '''

 def notablepersons(request):
+    def notabilitykey(person):
+      return person.notability()
+
    persons = Person.objects.all()
    # From what I can tell, "persons" seems to be the table rows, while "pcols" is the table columns. - AC 16 Feb 09
    pcols = [ ]
@@ -41,9 +44,11 @@ def notablepersons(request):
        pcols.append(persons[i * nc: (i + 1) * nc])
    
    notablepersons = []
-    for person in Person.objects.all():
-            if person.bisnotable():
-                notablepersons.append(person)
+#   Needed recoding because of Django CVE-2021-45116
+    for person in persons:
+        if person.bisnotable():
+            notablepersons.append(person)
+    notablepersons.sort(key=notabilitykey, reverse=True)

    return render(request,'notablepersons.html', {'persons': persons, 'pcols':pcols, 'notablepersons':notablepersons})