diff options
| author | Julien Danjou <julien@danjou.info> | 2013-10-09 17:07:40 +0200 |
|---|---|---|
| committer | Julien Danjou <julien@danjou.info> | 2013-10-09 17:14:02 +0200 |
| commit | b67405d486a0d09abde6423818734bbb5a978bc4 (patch) | |
| tree | c5f40f7e39e6f460595f191e19cfc94130ff8461 | |
| parent | e3b324e1e45f363d4702d414c04adf7b4f3ed3a9 (diff) | |
| download | wsme-b67405d486a0d09abde6423818734bbb5a978bc4.tar.gz | |
Validate body when using Pecan
This makes sure that when the body is decoded we run the validation
process on it.
Fixes-Bug: #1220678
Change-Id: I765a6ce8c8097ef0e0a734804242e9fcee4ffbcf
| -rw-r--r-- | tests/pecantest/test/controllers/ws.py | 6 | ||||
| -rw-r--r-- | tests/pecantest/test/tests/test_ws.py | 11 | ||||
| -rw-r--r-- | wsme/rest/json.py | 2 | ||||
| -rw-r--r-- | wsme/rest/xml.py | 2 |
4 files changed, 19 insertions, 2 deletions
diff --git a/tests/pecantest/test/controllers/ws.py b/tests/pecantest/test/controllers/ws.py index 1dcb0cb..f2c0d96 100644 --- a/tests/pecantest/test/controllers/ws.py +++ b/tests/pecantest/test/controllers/ws.py @@ -14,6 +14,12 @@ class Author(Base): firstname = text books = wsattr(['Book']) + @staticmethod + def validate(author): + if author.firstname == 'Robert': + raise wsme.exc.ClientSideError("I don't like this author!") + return author + class Book(Base): id = int diff --git a/tests/pecantest/test/tests/test_ws.py b/tests/pecantest/test/tests/test_ws.py index 4eb9607..3b21494 100644 --- a/tests/pecantest/test/tests/test_ws.py +++ b/tests/pecantest/test/tests/test_ws.py @@ -59,6 +59,17 @@ class TestWS(FunctionalTest): assert '<id>1</id>' in body assert '<firstname>aname</firstname>' in body + def test_post_body_parameter_validation(self): + res = self.app.post( + '/authors', '{"firstname": "Robert"}', + headers={"Content-Type": "application/json"}, + expect_errors=True + ) + self.assertEqual(res.status_int, 400) + a = json.loads(res.body.decode('utf-8')) + self.assertEqual(a['faultcode'], 'Client') + self.assertEqual(a['faultstring'], "I don't like this author!") + def test_post_body_parameter(self): res = self.app.post( '/authors', '{"firstname": "test"}', diff --git a/wsme/rest/json.py b/wsme/rest/json.py index 180ee2c..77277ce 100644 --- a/wsme/rest/json.py +++ b/wsme/rest/json.py @@ -140,7 +140,7 @@ def fromjson(datatype, value): elif attrdef.mandatory: raise InvalidInput(attrdef.name, None, "Mandatory field missing.") - return obj + return wsme.types.validate_value(datatype, obj) elif wsme.types.isusertype(datatype): value = datatype.frombasetype( fromjson(datatype.basetype, value)) diff --git a/wsme/rest/xml.py b/wsme/rest/xml.py index 1ebc3d5..9a836c3 100644 --- a/wsme/rest/xml.py +++ b/wsme/rest/xml.py @@ -105,7 +105,7 @@ def fromxml(datatype, element): elif attrdef.mandatory: raise InvalidInput(attrdef.name, None, "Mandatory field missing.") - return obj + return wsme.types.validate_value(datatype, obj) if datatype is wsme.types.bytes: return element.text.encode('ascii') return datatype(element.text) |