-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix creating Credentials from API #29
Conversation
allowed_params = API_ATTRIBUTES.pluck(:id) | ||
unpermitted_params = params.keys - allowed_params | ||
allowed_params = API_ATTRIBUTES.pluck(:id) + ["type"] | ||
unpermitted_params = params.keys.map(&:to_s) - allowed_params |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The parameters were being passed down with symbol keys which caused all params to look unpermitted
@@ -62,8 +62,8 @@ class ManageIQ::Providers::Workflows::AutomationManager::Credential < ManageIQ:: | |||
}.freeze | |||
|
|||
def self.params_to_attributes(params) | |||
allowed_params = API_ATTRIBUTES.pluck(:id) | |||
unpermitted_params = params.keys - allowed_params | |||
allowed_params = API_ATTRIBUTES.pluck(:id) + ["type"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is also a "type" holding the class name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should make sure that type is only the known types and not some random type. Not sure if that belongs here or elsewhere.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No problem validating this, but is that something we do elsewhere? I don't recall seeing that sort of check on other API payloads. We wouldn't be in this class if the type wasn't already a subclass of this one
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually no, there's no way we could get here if "type"
wasn't already a valid subclass of this one https://github.com/ManageIQ/manageiq-api/blob/master/lib/services/api/authentication_service.rb#L4-L6
Checked commit agrare@71ec2e0 with ruby 2.6.10, rubocop 1.28.2, haml-lint 0.35.0, and yamllint |
fixed by ManageIQ/manageiq#22570 |
No description provided.