From a912f3a1ca24779aa1b4e58b72bf43085a0aa0c6 Mon Sep 17 00:00:00 2001
From: Kasper Brandt <kasperbrandt87@gmail.com>
Date: Wed, 11 May 2016 10:55:00 +0200
Subject: [PATCH 1/2] [#2163] Catch unknown fields in old API filtering

---
 akvo/rest/viewsets.py | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/akvo/rest/viewsets.py b/akvo/rest/viewsets.py
index aa1ad31562..5fbfdba086 100644
--- a/akvo/rest/viewsets.py
+++ b/akvo/rest/viewsets.py
@@ -4,13 +4,13 @@
 # See more details in the license.txt file located at the root folder of the Akvo RSR module.
 # For additional details on the GNU license please see < http://www.gnu.org/licenses/agpl.html >.
 
-from django.db.models.fields.related import ForeignKey, ForeignObject
+from django.db.models.fields import FieldDoesNotExist
+from django.db.models.fields.related import ForeignObject
 from django.core.exceptions import FieldError
 
 from akvo.rest.models import TastyTokenAuthentication
 
 from rest_framework import authentication, filters, permissions, viewsets
-from rest_framework.exceptions import ParseError
 
 from .filters import RSRGenericFilterBackend
 
@@ -68,16 +68,20 @@ def get_lookups_from_filters(legacy_filters):
                     parts = parts[:-1]
                     model = queryset.model
                     for part in parts:
-                        field_object, related_model, direct, m2m = model._meta.get_field_by_name(
-                            part)
-                        if direct:
-                            if issubclass(field_object.__class__, ForeignObject):
-                                model = field_object.related.parent_model
+                        try:
+                            field_object, related_model, direct, m2m = model._meta.\
+                                get_field_by_name(part)
+
+                            if direct:
+                                if issubclass(field_object.__class__, ForeignObject):
+                                    model = field_object.related.parent_model
+                                else:
+                                    value = field_object.to_python(value)
+                                    break
                             else:
-                                value = field_object.to_python(value)
-                                break
-                        else:
-                            model = related_model
+                                model = related_model
+                        except FieldDoesNotExist:
+                            pass
                 query_set_lookups += [{key: value}]
             return query_set_lookups
 

From d2e9f1fa0e94dec5a74d1ca0c73adbb9b67d5384 Mon Sep 17 00:00:00 2001
From: Kasper Brandt <kasperbrandt87@gmail.com>
Date: Wed, 11 May 2016 12:08:00 +0200
Subject: [PATCH 2/2] [#2163] Also catch ValueErrors in API for non-valid
 values

---
 akvo/rest/viewsets.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/akvo/rest/viewsets.py b/akvo/rest/viewsets.py
index 5fbfdba086..1aaf2cce1a 100644
--- a/akvo/rest/viewsets.py
+++ b/akvo/rest/viewsets.py
@@ -95,9 +95,9 @@ def get_lookups_from_filters(legacy_filters):
         for lookup in lookups:
             try:
                 queryset = queryset.filter(**lookup)
-            except FieldError:
+            except (FieldError, ValueError):
                 # In order to mimick 'old' behaviour of the API, we should ignore non-valid
-                # parameters. Returning a warning would be more preferable.
+                # parameters or values. Returning a warning would be more preferable.
                 pass
 
         return queryset