Project

General

Profile

Actions
Copy link

Feature #22285

open

Present error message when passing integer when array expected for API call

Added by Tomer Brisker about 7 years ago. Updated about 6 years ago.

Status:
New
Priority:
Normal
Assignee:
Tomer Brisker
Category:
API
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
1401090
Pull request:
https://github.com/theforeman/foreman/pull/5330
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Summary from BZ: when passing an integer for a parameter expecting an array (e.g. organization_ids), strong params filters out the value and continues silently instead of failing the request.

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1401090

Description of problem:
A typo in API call generates a backtrace errors instead of simple error message with proper syntax suggestion

Steps to Reproduce:
1. Execute API call with a typo

NOK (fails)
  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://sat6.example.com/api/users/12
OK (works)
  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":[1]}}" https://sat6.example.com/api/users/12

Actual results:

  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://sat6.example.com/api/users/12

2016-12-01 17:13:33 [app] [I] Started PUT "/api/users/12" for <IP> at 2016-12-01 17:13:33 -0500
2016-12-01 17:13:33 [app] [I] Processing by Api::V2::UsersController#update as JSON
2016-12-01 17:13:33 [app] [I] Parameters: {"user"=>{"location_ids"=>[3], "organization_ids"=>1}, "apiv"=>"v2", "id"=>"12"}
2016-12-01 17:13:33 [app] [I] Authorized user admin(Admin User)
2016-12-01 17:13:33 [app] [W] Action failed | NoMethodError: undefined method `uniq' for 1:Fixnum | /usr/share/foreman/app/models/concerns/dirty_associations.rb:34:in `block (2 levels) in dirty_has_many_associations' | /opt/rh/rh-ror41/root/usr/share/gems/gems/activerecord-4.1.5/lib/active_record/attribute_assignment.rb:45:in `public_send'
<-- snip --> | /opt/theforeman/tfm/root/usr/share/gems/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `block in create_with_logging_context'
2016-12-01 17:13:33 [app] [I] Rendered api/v2/errors/standard_error.json.rabl within api/v2/layouts/error_layout (1.2ms)
2016-12-01 17:13:33 [app] [I] Completed 500 Internal Server Error in 52ms (Views: 2.5ms | ActiveRecord: 7.6ms)

Expected results:

  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://usl10149341.am.hedani.net/api/users/12

[E] 'organization_ids must be array' or something similar with proper syntax suggestion

Additional info:

None

Related issues 7 (2 open5 closed)

Related to Discovery - Refactor #22325: Fix tests after strong params set to raiseClosedLukas Zapletal01/19/2018Actions
Related to Foreman - Feature #3917: Add strong_parameters to foremanClosedDominic Cleal12/19/2013Actions
Related to foreman-tasks - Refactor #22438: Remove KeepParamsClosedTomer Brisker01/28/2018Actions
Related to Foreman - Feature #3026: Enable apipie API parameter validationNew09/04/2013Actions
Related to Foreman - Bug #25755: log when unpermitted params are passed in all environmentsClosedTomer BriskerActions
Has duplicate Katello - Bug #27542: /katello/api/srpms does not gives error on undefined parameterDuplicateIan BallouActions
Blocked by Foreman Remote Execution - Bug #22531: Correctly handle strong paramsAssignedTomer Brisker02/07/2018Actions
Actions
Copy link
 #1

Updated by The Foreman Bot about 7 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Tomer Brisker
  • Pull request https://github.com/theforeman/foreman/pull/5183 added
Actions
Copy link
 #2

Updated by Tomer Brisker about 7 years ago

  • Related to Refactor #22325: Fix tests after strong params set to raise added
Actions
Copy link
 #3

Updated by Tomer Brisker about 7 years ago

  • Related to Feature #3917: Add strong_parameters to foreman added
Actions
Copy link
 #4

Updated by Tomer Brisker about 7 years ago

Actions
Copy link
 #5

Updated by Tomer Brisker almost 7 years ago

  • Blocked by Bug #22531: Correctly handle strong params added
Actions
Copy link
 #6

Updated by The Foreman Bot almost 7 years ago

  • Pull request https://github.com/theforeman/foreman/pull/5330 added
Actions
Copy link
 #7

Updated by Marek Hulán almost 7 years ago

  • Related to Feature #3026: Enable apipie API parameter validation added
Actions
Copy link
 #8

Updated by Marek Hulán almost 7 years ago

  • Subject changed from Present error message when passing integer when array expected for API call to Present error message when passing integer when array expected for API call

It might be also good time to revisit enabling apipie validations.

Actions
Copy link
 #9

Updated by Tomer Brisker over 6 years ago

  • Category changed from 19 to API
Actions
Copy link
 #10

Updated by Tomer Brisker about 6 years ago

  • Related to Bug #25755: log when unpermitted params are passed in all environments added
Actions
Copy link
 #11

Updated by The Foreman Bot about 6 years ago

  • Status changed from Ready For Testing to New
  • Pull request deleted (https://github.com/theforeman/foreman/pull/5183)
Actions
Copy link
 #12

Updated by Ian Ballou over 5 years ago

  • Has duplicate Bug #27542: /katello/api/srpms does not gives error on undefined parameter added
Actions
Copy link

Also available in: Atom PDF