Skip to content

Commit

Permalink
Fix survey validation to always retun an error code if erroring
Browse files Browse the repository at this point in the history
  • Loading branch information
wenottingham committed Dec 20, 2019
1 parent 82fd245 commit 3ba1ba1
Showing 2 changed files with 30 additions and 6 deletions.
12 changes: 6 additions & 6 deletions awx/api/views/__init__.py
Original file line number Diff line number Diff line change
@@ -2549,7 +2549,7 @@ def _validate_spec_data(new_spec, old_spec):
if not isinstance(val, allow_types):
return Response(dict(error=_("'{field_name}' in survey question {idx} expected to be {type_label}.").format(
field_name=field_name, type_label=type_label, **context
)))
)), status=status.HTTP_400_BAD_REQUEST)
if survey_item['variable'] in variable_set:
return Response(dict(error=_("'variable' '%(item)s' duplicated in survey question %(survey)s.") % {
'item': survey_item['variable'], 'survey': str(idx)}), status=status.HTTP_400_BAD_REQUEST)
@@ -2564,7 +2564,7 @@ def _validate_spec_data(new_spec, old_spec):
"'{survey_item[type]}' in survey question {idx} is not one of '{allowed_types}' allowed question types."
).format(
allowed_types=', '.join(JobTemplateSurveySpec.ALLOWED_TYPES.keys()), **context
)))
)), status=status.HTTP_400_BAD_REQUEST)
if 'default' in survey_item and survey_item['default'] != '':
if not isinstance(survey_item['default'], JobTemplateSurveySpec.ALLOWED_TYPES[qtype]):
type_label = 'string'
@@ -2582,7 +2582,7 @@ def _validate_spec_data(new_spec, old_spec):
if survey_item[key] is not None and (not isinstance(survey_item[key], int)):
return Response(dict(error=_(
"The {min_or_max} limit in survey question {idx} expected to be integer."
).format(min_or_max=key, **context)))
).format(min_or_max=key, **context)), status=status.HTTP_400_BAD_REQUEST)
# if it's a multiselect or multiple choice, it must have coices listed
# choices and defualts must come in as strings seperated by /n characters.
if qtype == 'multiselect' or qtype == 'multiplechoice':
@@ -2592,7 +2592,7 @@ def _validate_spec_data(new_spec, old_spec):
else:
return Response(dict(error=_(
"Survey question {idx} of type {survey_item[type]} must specify choices.".format(**context)
)))
)), status=status.HTTP_400_BAD_REQUEST)
# If there is a default string split it out removing extra /n characters.
# Note: There can still be extra newline characters added in the API, these are sanitized out using .strip()
if 'default' in survey_item:
@@ -2606,11 +2606,11 @@ def _validate_spec_data(new_spec, old_spec):
if len(list_of_defaults) > 1:
return Response(dict(error=_(
"Multiple Choice (Single Select) can only have one default value.".format(**context)
)))
)), status=status.HTTP_400_BAD_REQUEST)
if any(item not in survey_item['choices'] for item in list_of_defaults):
return Response(dict(error=_(
"Default choice must be answered from the choices listed.".format(**context)
)))
)), status=status.HTTP_400_BAD_REQUEST)

# Process encryption substitution
if ("default" in survey_item and isinstance(survey_item['default'], str) and
24 changes: 24 additions & 0 deletions awx/main/tests/functional/api/test_survey_spec.py
Original file line number Diff line number Diff line change
@@ -219,6 +219,30 @@ def test_survey_spec_passwords_with_default_required(job_template_factory, post,
assert launch_value not in json.loads(job.extra_vars).values()


@pytest.mark.django_db
def test_survey_spec_default_not_allowed(job_template, post, admin_user):
survey_input_data = {
'description': 'A survey',
'spec': [{
'question_name': 'You must choose wisely',
'variable': 'your_choice',
'default': 'blue',
'required': False,
'type': 'multiplechoice',
"choices": ["red", "green", "purple"]
}],
'name': 'my survey'
}
r = post(
url=reverse(
'api:job_template_survey_spec',
kwargs={'pk': job_template.id}
),
data=survey_input_data, user=admin_user, expect=400
)
assert r.data['error'] == 'Default choice must be answered from the choices listed.'


@pytest.mark.django_db
@pytest.mark.parametrize('default, status', [
('SUPERSECRET', 200),

0 comments on commit 3ba1ba1

Please sign in to comment.