api: handle wrong payload types in role memberships direct definition (#36727)
This commit is contained in:
parent
5adef18631
commit
9e0b32b71d
|
@ -781,10 +781,15 @@ class RoleMembershipsAPI(ExceptionHandlerMixin, APIView):
|
|||
|
||||
for entry in request.data.get('data', ()):
|
||||
try:
|
||||
self.members.append(User.objects.get(uuid=entry['uuid']))
|
||||
uuid = entry['uuid']
|
||||
except TypeError:
|
||||
raise ValidationError(_("List elements of the 'data' dict "
|
||||
"entry must be dictionaries"))
|
||||
except KeyError:
|
||||
raise ValidationError(_("Missing 'uuid' key for dict entry %s "
|
||||
"of the 'data' payload") % entry)
|
||||
try:
|
||||
self.members.append(User.objects.get(uuid=uuid))
|
||||
except User.DoesNotExist:
|
||||
raise ValidationError(
|
||||
_('No known user for UUID %s') % entry['uuid'])
|
||||
|
|
|
@ -801,7 +801,7 @@ def test_api_role_members_payload_missing(app, api_user, role):
|
|||
status=status)
|
||||
|
||||
|
||||
def test_api_role_members_wrong_payload_type(app, superuser, role_random, member_rando2):
|
||||
def test_api_role_members_wrong_payload_types(app, superuser, role_random, member_rando2):
|
||||
app.authorization = ('Basic', (superuser.username, superuser.username))
|
||||
|
||||
payload = [{
|
||||
|
@ -813,7 +813,29 @@ def test_api_role_members_wrong_payload_type(app, superuser, role_random, member
|
|||
params=payload, status=400)
|
||||
|
||||
assert resp.json['result'] == 0
|
||||
assert resp.json['errors'][0] == 'Payload must be a dictionary'
|
||||
assert resp.json['errors'] == ['Payload must be a dictionary']
|
||||
|
||||
payload = {
|
||||
"data": [[member_rando2.uuid]]
|
||||
}
|
||||
|
||||
resp = app.post_json(
|
||||
'/api/roles/{}/relationships/members/'.format(role_random.uuid),
|
||||
params=payload, status=400)
|
||||
|
||||
assert resp.json['result'] == 0
|
||||
assert resp.json['errors'] == ["List elements of the 'data' dict entry must be dictionaries"]
|
||||
|
||||
payload = {
|
||||
"data": [member_rando2.uuid]
|
||||
}
|
||||
|
||||
resp = app.post_json(
|
||||
'/api/roles/{}/relationships/members/'.format(role_random.uuid),
|
||||
params=payload, status=400)
|
||||
|
||||
assert resp.json['result'] == 0
|
||||
assert resp.json['errors'] == ["List elements of the 'data' dict entry must be dictionaries"]
|
||||
|
||||
|
||||
def test_register_no_email_validation(app, admin, django_user_model):
|
||||
|
|
Loading…
Reference in New Issue