From 3575e89dc038328403618b35aa669f4ae93c855d Mon Sep 17 00:00:00 2001
From: Emmanuel Viennet <emmanuel.viennet@gmail.com>
Date: Sat, 1 Jun 2024 14:27:02 +0200
Subject: [PATCH] check invalid etudid

---
 app/models/etudiants.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/models/etudiants.py b/app/models/etudiants.py
index a81ac73d..30e42d25 100644
--- a/app/models/etudiants.py
+++ b/app/models/etudiants.py
@@ -199,6 +199,11 @@ class Identite(models.ScoDocModel):
     @classmethod
     def get_etud(cls, etudid: int) -> "Identite":
         """Etudiant ou 404, cherche uniquement dans le département courant"""
+        if not isinstance(etudid, int):
+            try:
+                etudid = int(etudid)
+            except (TypeError, ValueError):
+                abort(404, "etudid invalide")
         if g.scodoc_dept:
             return cls.query.filter_by(
                 id=etudid, dept_id=g.scodoc_dept_id