Skip to content

Fix critical sales and backup integrity regressions#73

Draft
cursor[bot] wants to merge 1 commit into
mainfrom
cursor/critical-bug-investigation-dd1c
Draft

Fix critical sales and backup integrity regressions#73
cursor[bot] wants to merge 1 commit into
mainfrom
cursor/critical-bug-investigation-dd1c

Conversation

@cursor

@cursor cursor Bot commented Jun 23, 2026

Copy link
Copy Markdown

Bug and impact

  • Sale detail GET requests silently rewrote persisted totals, which could corrupt completed sale/payment history just by viewing a receipt.
  • Draft sale item deletion was a GET side effect without CSRF protection and without row locks, allowing accidental/CSRF deletion and inventory restock.
  • The checkout UI exposed an unsupported credit payment method, and direct POSTs could complete sales with an unimplemented payment path.
  • Backup restore/delete confirmation UI was broken, and media restore failures could leave the database restored while media files were partially changed.
  • Log file download/delete wrote admin LogEntry rows with invalid content_type_id=0, causing 500s.

Root cause

  • Read-only/detail and destructive sales paths mixed display logic with persistence and lacked method validation.
  • Payment method validation trusted client-submitted values beyond implemented backend flows.
  • Backup templates and views used different context/field names, and media replacement happened outside the database restore rollback path.
  • Custom admin log entries used an invalid foreign key sentinel instead of nullable content types.

Fix

  • Make sale detail read-only; require POST+CSRF for sale item deletion and wrap deletion/restock in a transaction with row locks.
  • Normalize/reject unsupported payment methods and remove the unsupported credit checkout button; reject invalid zero totals instead of using a hardcoded fallback.
  • Align backup restore context/confirmation fields, add the missing delete confirmation template, and stage/rollback media restoration around database restore failures.
  • Use nullable content types for log file admin entries.
  • Add focused regression tests for all fixed paths.

Validation

  • mkdir -p logs && .venv/bin/python manage.py test inventory.tests.test_sale_status inventory.tests.test_sales_balance_payment inventory.tests.test_views.BackupViewSecurityTest inventory.tests.test_views.LogFileViewTest (22 tests OK; only existing staticfiles warning and expected simulated media failure log)
  • mkdir -p logs && .venv/bin/python manage.py test inventory.tests.test_i18n && .venv/bin/python manage.py check (OK; only existing staticfiles warning and existing naive datetime warnings in i18n tests)
Open in Web View Automation 

Co-authored-by: Xianist Lab <zhtyyx@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant