Project

General

Profile

Actions
Copy link

Feature #22285

open

Present error message when passing integer when array expected for API call

Added by Tomer Brisker about 7 years ago. Updated about 6 years ago.

Status:
New
Priority:
Normal
Assignee:
Tomer Brisker
Category:
API
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
1401090
Pull request:
https://github.com/theforeman/foreman/pull/5330
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Summary from BZ: when passing an integer for a parameter expecting an array (e.g. organization_ids), strong params filters out the value and continues silently instead of failing the request.

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1401090

Description of problem:
A typo in API call generates a backtrace errors instead of simple error message with proper syntax suggestion

Steps to Reproduce:
1. Execute API call with a typo

NOK (fails)
  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://sat6.example.com/api/users/12
OK (works)
  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":[1]}}" https://sat6.example.com/api/users/12

Actual results:

  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://sat6.example.com/api/users/12

2016-12-01 17:13:33 [app] [I] Started PUT "/api/users/12" for <IP> at 2016-12-01 17:13:33 -0500
2016-12-01 17:13:33 [app] [I] Processing by Api::V2::UsersController#update as JSON
2016-12-01 17:13:33 [app] [I] Parameters: {"user"=>{"location_ids"=>[3], "organization_ids"=>1}, "apiv"=>"v2", "id"=>"12"}
2016-12-01 17:13:33 [app] [I] Authorized user admin(Admin User)
2016-12-01 17:13:33 [app] [W] Action failed | NoMethodError: undefined method `uniq' for 1:Fixnum | /usr/share/foreman/app/models/concerns/dirty_associations.rb:34:in `block (2 levels) in dirty_has_many_associations' | /opt/rh/rh-ror41/root/usr/share/gems/gems/activerecord-4.1.5/lib/active_record/attribute_assignment.rb:45:in `public_send'
<-- snip --> | /opt/theforeman/tfm/root/usr/share/gems/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `block in create_with_logging_context'
2016-12-01 17:13:33 [app] [I] Rendered api/v2/errors/standard_error.json.rabl within api/v2/layouts/error_layout (1.2ms)
2016-12-01 17:13:33 [app] [I] Completed 500 Internal Server Error in 52ms (Views: 2.5ms | ActiveRecord: 7.6ms)

Expected results:

  1. curl -H "Accept:application/json,version=2" -H "Content-Type:application/json" -X PUT -u username:password -k -d "{\"user\":{\"location_ids\":[3], \"organization_ids\":1}}" https://usl10149341.am.hedani.net/api/users/12

[E] 'organization_ids must be array' or something similar with proper syntax suggestion

Additional info:

None

Related issues 7 (2 open5 closed)

Related to Discovery - Refactor #22325: Fix tests after strong params set to raiseClosedLukas Zapletal01/19/2018Actions
Related to Foreman - Feature #3917: Add strong_parameters to foremanClosedDominic Cleal12/19/2013Actions
Related to foreman-tasks - Refactor #22438: Remove KeepParamsClosedTomer Brisker01/28/2018Actions
Related to Foreman - Feature #3026: Enable apipie API parameter validationNew09/04/2013Actions
Related to Foreman - Bug #25755: log when unpermitted params are passed in all environmentsClosedTomer BriskerActions
Has duplicate Katello - Bug #27542: /katello/api/srpms does not gives error on undefined parameterDuplicateIan BallouActions
Blocked by Foreman Remote Execution - Bug #22531: Correctly handle strong paramsAssignedTomer Brisker02/07/2018Actions
Actions
Copy link

Also available in: Atom PDF