Merge pull request #1801 from AlanCoding/1773_cred_detail_serializer

Purge credential detail view of special fields
2026-01-16 04:10:44 -03:30 · 2016-05-18 09:54:43 -04:00 · 2016-05-18 09:54:43 -04:00 · 5fc5f1858a
commit 5fc5f1858a
parent 9ba98d9cac f9c177edd5
3 changed files with 46 additions and 21 deletions
--- a/awx/api/serializers.py
+++ b/awx/api/serializers.py
@ -1588,18 +1588,6 @@ class ResourceAccessListElementSerializer(UserSerializer):
 class CredentialSerializer(BaseSerializer):

    # FIXME: may want to make some fields filtered based on user accessing
-    user = serializers.PrimaryKeyRelatedField(
-        queryset=User.objects.all(), required=False, default=None, write_only=True,
-        help_text='Write-only field used to add user to owner role. If provided, '
-                  'do not give either team or organization. Only valid for creation.')
-    team = serializers.PrimaryKeyRelatedField(
-        queryset=Team.objects.all(), required=False, default=None, write_only=True,
-        help_text='Write-only field used to add team to owner role. If provided, '
-                  'do not give either user or organization. Only valid for creation.')
-    organization = serializers.PrimaryKeyRelatedField(
-        queryset=Organization.objects.all(), required=False, default=None, write_only=True,
-        help_text='Write-only field used to add organization to owner role. If provided, '
-                  'do not give either team or team. Only valid for creation.')

    class Meta:
        model = Credential
@ -1608,14 +1596,7 @@ class CredentialSerializer(BaseSerializer):
                  'ssh_key_data', 'ssh_key_unlock',
                  'become_method', 'become_username', 'become_password',
                  'vault_password', 'subscription', 'tenant', 'secret', 'client',
-                  'authorize', 'authorize_password',
-                  'user', 'team', 'organization')
-
-    def create(self, validated_data):
-        # Remove the user, team, and organization processed in view
-        for field in ['user', 'team', 'organization']:
-            validated_data.pop(field, None)
-        return super(CredentialSerializer, self).create(validated_data)
+                  'authorize', 'authorize_password')

    def build_standard_field(self, field_name, model_field):
        field_class, field_kwargs = super(CredentialSerializer, self).build_standard_field(field_name, model_field)
@ -1665,6 +1646,35 @@ class CredentialSerializer(BaseSerializer):
        return summary_dict


+class CredentialSerializerCreate(CredentialSerializer):
+
+    user = serializers.PrimaryKeyRelatedField(
+        queryset=User.objects.all(),
+        required=False, default=None, write_only=True, allow_null=True,
+        help_text='Write-only field used to add user to owner role. If provided, '
+                  'do not give either team or organization. Only valid for creation.')
+    team = serializers.PrimaryKeyRelatedField(
+        queryset=Team.objects.all(),
+        required=False, default=None, write_only=True, allow_null=True,
+        help_text='Write-only field used to add team to owner role. If provided, '
+                  'do not give either user or organization. Only valid for creation.')
+    organization = serializers.PrimaryKeyRelatedField(
+        queryset=Organization.objects.all(),
+        required=False, default=None, write_only=True, allow_null=True,
+        help_text='Write-only field used to add organization to owner role. If provided, '
+                  'do not give either team or team. Only valid for creation.')
+
+    class Meta:
+        model = Credential
+        fields = ('*', 'user', 'team', 'organization')
+
+    def create(self, validated_data):
+        # Remove the user, team, and organization processed in view
+        for field in ['user', 'team', 'organization']:
+            validated_data.pop(field, None)
+        return super(CredentialSerializer, self).create(validated_data)
+
+
 class JobOptionsSerializer(BaseSerializer):

    class Meta:
--- a/awx/api/views.py
+++ b/awx/api/views.py
@ -1256,9 +1256,14 @@ class UserAccessList(ResourceAccessList):
 class CredentialList(ListCreateAPIView):

    model = Credential
-    serializer_class = CredentialSerializer
+    serializer_class = CredentialSerializerCreate

    def post(self, request, *args, **kwargs):
+
+        # Check the validity of POST data, including special fields
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+
        for field in [x for x in ['user', 'team', 'organization'] if x in request.data and request.data[x] in ('', None)]:
            request.data.pop(field)
            kwargs.pop(field, None)
--- a/awx/main/tests/functional/api/test_credential.py
+++ b/awx/main/tests/functional/api/test_credential.py
@ -21,6 +21,16 @@ def test_create_user_credential_via_credentials_list(post, get, alice):
    assert response.status_code == 200
    assert response.data['count'] == 1

+@pytest.mark.django_db
+def test_credential_validation_error_with_bad_user(post, admin):
+    response = post(reverse('api:credential_list'), {
+        'user': 'asdf',
+        'name': 'Some name',
+        'username': 'someusername'
+    }, admin)
+    assert response.status_code == 400
+    assert response.data['user'][0] == 'Incorrect type. Expected pk value, received unicode.'
+
@pytest.mark.django_db
 def test_create_user_credential_via_user_credentials_list(post, get, alice):
    response = post(reverse('api:user_credentials_list', args=(alice.pk,)), {