Home Explore Help
Sign In
LBP
/
netbox
mirror of https://github.com/netbox-community/netbox.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Fixes #14755: ValueError in web UI after REST API accepts invalid cus… (#14804)

* Fixes #14755: ValueError in web UI after REST API accepts invalid custom-field choice-set data

* PR Comments Addressed

* Set max_length=2 on extra_choices items; remove custom validation logic

* Move test for invalid choices to CustomFieldChoiceSetTest

* Omit unused imports

---------

Co-authored-by: julio.oliveira <julio.oliveira@alertmedia.com>
Co-authored-by: Jeremy Stretch <jstretch@netboxlabs.com>
Julio Oliveira at Encora 2 years ago
parent
a87d76ad17
commit
48168de4ff
2 changed files with 24 additions and 1 deletions
Split View Show Diff Stats
  1. 7 0
      netbox/extras/api/serializers.py
  2. 17 1
      netbox/extras/tests/test_api.py

+ 7 - 0
netbox/extras/api/serializers.py
View File 

@@ -3,6 +3,7 @@ from django.core.exceptions import ObjectDoesNotExist
 
 from drf_spectacular.types import OpenApiTypes
 
 from drf_spectacular.utils import extend_schema_field
 
 from rest_framework import serializers
 
+from rest_framework.fields import ListField
 
 
 from core.api.nested_serializers import NestedDataSourceSerializer, NestedDataFileSerializer, NestedJobSerializer
 
 from core.api.serializers import JobSerializer
 
@@ -175,6 +176,12 @@ class CustomFieldChoiceSetSerializer(ValidatedModelSerializer):
 
         choices=CustomFieldChoiceSetBaseChoices,
 
         required=False
 
     )
 
+    extra_choices = serializers.ListField(
 
+        child=serializers.ListField(
 
+            min_length=2,
 
+            max_length=2
 
+        )
 
+    )
 
 
     class Meta:
 
         model = CustomFieldChoiceSet

+ 17 - 1
netbox/extras/tests/test_api.py
View File 

@@ -14,7 +14,6 @@ from extras.reports import Report
 
 from extras.scripts import BooleanVar, IntegerVar, Script, StringVar
 
 from utilities.testing import APITestCase, APIViewTestCases
 
 
-
 
 User = get_user_model()
 
 
 
@@ -251,6 +250,23 @@ class CustomFieldChoiceSetTest(APIViewTestCases.APIViewTestCase):
 
         )
 
         CustomFieldChoiceSet.objects.bulk_create(choice_sets)
 
 
+    def test_invalid_choice_items(self):
 
+        """
 
+        Attempting to define each choice as a single-item list should return a 400 error.
 
+        """
 
+        self.add_permissions('extras.add_customfieldchoiceset')
 
+        data = {
 
+            "name": "test",
 
+            "extra_choices": [
 
+                ["choice1"],
 
+                ["choice2"],
 
+                ["choice3"],
 
+            ]
 
+        }
 
+
 
+        response = self.client.post(self._get_list_url(), data, format='json', **self.header)
 
+        self.assertEqual(response.status_code, 400)
 
+
 
 
 class CustomLinkTest(APIViewTestCases.APIViewTestCase):
 
     model = CustomLink