Check action validity on submit before returning

If an action becomes invalid after during submit, currently a user will get an OK response and an email stating the completion of the action. Now returns 400 in this case and does not send the email. Change-Id: I4b998742cd2dfbafd40ff277a68ce9aca45b7872
2017-06-08 16:11:07 +12:00 · 2017-06-08 16:11:07 +12:00 · bd226c46d8
commit bd226c46d8
parent 09ce93f5b7
2 changed files with 46 additions and 0 deletions
--- a/adjutant/api/v1/tests/test_api_taskview.py
+++ b/adjutant/api/v1/tests/test_api_taskview.py
@ -284,6 +284,44 @@ class TaskViewTests(AdjutantAPITestCase):
        response = self.client.post(url, data, format='json')
        self.assertEqual(response.status_code, status.HTTP_200_OK)

+    def test_new_project_invalid_on_submit(self):
+        """
+        Ensures that when a project becomes invalid at the submit stage
+        that the a 400 is recieved and no final emails are sent.
+        """
+
+        setup_temp_cache({}, {})
+
+        url = "/v1/actions/CreateProject"
+        data = {'project_name': "test_project", 'email': "test@example.com"}
+        response = self.client.post(url, data, format='json')
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+        headers = {
+            'project_name': "test_project",
+            'project_id': "test_project_id",
+            'roles': "admin,_member_",
+            'username': "test@example.com",
+            'user_id': "test_user_id",
+            'authenticated': True
+        }
+        new_task = Task.objects.all()[0]
+        url = "/v1/tasks/" + new_task.uuid
+        response = self.client.post(url, {'approved': True}, format='json',
+                                    headers=headers)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(
+            response.data,
+            {'notes': ['created token']}
+        )
+        tests.temp_cache['projects'] = {}
+
+        new_token = Token.objects.all()[0]
+        url = "/v1/tokens/" + new_token.token
+        data = {'password': 'testpassword'}
+        response = self.client.post(url, data, format='json')
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+
    def test_new_project_existing(self):
        """
        Test to ensure validation marks actions as invalid
--- a/adjutant/api/v1/views.py
+++ b/adjutant/api/v1/views.py
@ -751,9 +751,14 @@ class TokenDetail(APIViewWithLogger):
        if errors:
            return Response({"errors": errors}, status=400)

+        valid = True
        for action in actions:
            try:
                action.submit(data)
+
+                if not action.valid:
+                    valid = False
+
            except Exception as e:
                notes = {
                    'errors':
@ -781,6 +786,9 @@ class TokenDetail(APIViewWithLogger):
        token.task.save()
        token.delete()

+        if not valid:
+            return Response({"errors": ["Actions invalid"]}, status=400)
+
        # Sending confirmation email:
        class_conf = settings.TASK_SETTINGS.get(
            token.task.task_type, settings.DEFAULT_TASK_SETTINGS)