diff --git a/helios/security.py b/helios/security.py index 05e99b4e24c87d93cb3bdff211aa180cc3ae8549..0eb218cb7600db6b1f7f51aa12ffd8c9c23132ba 100644 --- a/helios/security.py +++ b/helios/security.py @@ -9,6 +9,7 @@ from functools import update_wrapper from django.core.urlresolvers import reverse from django.core.exceptions import * +from django.http import * from django.conf import settings from models import * @@ -92,6 +93,9 @@ def election_view(**checks): def election_view_wrapper(request, election_uuid=None, *args, **kw): election = get_election_by_uuid(election_uuid) + if not election: + raise Http404 + # do checks do_election_checks(election, checks) diff --git a/helios/tests.py b/helios/tests.py index 46f7ffc6cd4704f98b266c501f6d5cfcd31ac98b..7dcfe56ff5d394646654e63a3d0da5e92138ac36 100644 --- a/helios/tests.py +++ b/helios/tests.py @@ -390,6 +390,10 @@ class ElectionBlackboxTests(WebTest): response = self.client.get("/helios/elections/params") self.assertEquals(response.content, views.ELGAMAL_PARAMS_LD_OBJECT.serialize()) + def test_election_404(self): + response = self.client.get("/helios/elections/foobar") + self.assertEquals(response.status_code, 404) + def test_election_bad_trustee(self): response = self.client.get("/helios/t/%s/foobar@bar.com/badsecret" % self.election.short_name) self.assertEquals(response.status_code, 404)