From de4d50dd993f5f2f87fdabc85043d7d9d29247c3 Mon Sep 17 00:00:00 2001
From: virusdefender <qduliyang@outlook.com>
Date: Mon, 31 Oct 2016 00:18:17 +0800
Subject: [PATCH] add more validation in paginate_data function

---
 utils/shortcuts.py | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/utils/shortcuts.py b/utils/shortcuts.py
index d7c3cec..022c1b7 100644
--- a/utils/shortcuts.py
+++ b/utils/shortcuts.py
@@ -76,16 +76,24 @@ def paginate_data(request, query_set, object_serializer):
 
     try:
         limit = int(request.GET.get("limit", "100"))
-    except Exception:
+    except ValueError:
+        limit = 100
+    if limit < 0:
         limit = 100
 
     try:
-        offset = int(request.GET.get("offset", "100"))
-    except Exception:
-        offset = 100
+        offset = int(request.GET.get("offset", "0"))
+    except ValueError:
+        offset = 0
+    if offset < 0:
+        offset = 0
 
-    count = query_set.count()
-    results = object_serializer(query_set[offset:offset + limit], many=True).data
+    results = query_set[offset:offset + limit]
+    if object_serializer:
+        count = query_set.count()
+        results = object_serializer(results, many=True).data
+    else:
+        count = len(query_set)
 
     data = {"results": results,
             "count": count}