From b45d1f16f179f9448ebb0c8dc4d5daba47d226e5 Mon Sep 17 00:00:00 2001 From: Julien Danjou Date: Wed, 18 Sep 2013 16:37:31 +0200 Subject: [PATCH] json: convert value to string before encoding If the JSON sent is not really a string, it's safer to try to convert it to a string before calling the encode method. This way we can accept integer as potentially valid strings. Change-Id: Iad0b48f597a8c062cdb05c9bbb5342df15583edf --- wsme/rest/json.py | 7 ++++--- wsme/tests/test_api.py | 24 ++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/wsme/rest/json.py b/wsme/rest/json.py index 77277ce..42a9559 100644 --- a/wsme/rest/json.py +++ b/wsme/rest/json.py @@ -166,9 +166,10 @@ def dict_fromjson(datatype, value): @fromjson.when_object(six.binary_type) def str_fromjson(datatype, value): - if value is None: - return None - return value.encode('utf8') + if (isinstance(value, six.string_types) + or isinstance(value, six.integer_types) + or isinstance(value, float)): + return six.text_type(value).encode('utf8') @fromjson.when_object(wsme.types.text) diff --git a/wsme/tests/test_api.py b/wsme/tests/test_api.py index f08b74b..008a928 100644 --- a/wsme/tests/test_api.py +++ b/wsme/tests/test_api.py @@ -86,6 +86,30 @@ Invalid value (should be one of:")) self.assertIn('None', res.json_body['faultstring']) self.assertEqual(res.status_int, 400) + def test_validate_enum_with_wrong_type(self): + class Version(object): + number = types.Enum(str, 'v1', 'v2', None) + + class MyWS(WSRoot): + @expose(str) + @validate(Version) + def setcplx(self, version): + pass + + r = MyWS(['restjson']) + app = webtest.TestApp(r.wsgiapp()) + res = app.post_json('/setcplx', params={'version': {'number': 1}}, + expect_errors=True, + headers={'Accept': 'application/json'}) + self.assertTrue( + res.json_body['faultstring'].startswith( + "Invalid input for field/attribute number. Value: '1'. \ +Invalid value (should be one of:")) + self.assertIn('v1', res.json_body['faultstring']) + self.assertIn('v2', res.json_body['faultstring']) + self.assertIn('None', res.json_body['faultstring']) + self.assertEqual(res.status_int, 400) + def test_scan_api(self): class NS(object): @expose(int)