Merge pull request #156 from chrismeyersfsu/fix-relaunch

Prevent relaunching job with deleted credential

awx/api/serializers.py

@@ -1503,16 +1503,40 @@ class JobCancelSerializer(JobSerializer):
 
 
 class JobRelaunchSerializer(JobSerializer):
+    passwords_needed_to_start = serializers.SerializerMethodField('get_passwords_needed_to_start')
 
     class Meta:
-        fields = ()
+        fields = ('passwords_needed_to_start',)
 
     def to_native(self, obj):
-        if obj:
+        res = super(JobRelaunchSerializer, self).to_native(obj)
-            return dict([(p, u'') for p in obj.passwords_needed_to_start])
+        view = self.context.get('view', None)
-        else:
+        if hasattr(view, '_raw_data_form_marker'):
-            return {}
+            password_keys = dict([(p, u'') for p in self.get_passwords_needed_to_start(obj)])
+            res.update(password_keys)
+        return res
 
+    def get_passwords_needed_to_start(self, obj):
+        if obj:
+            return obj.passwords_needed_to_start
+        return ''
+
+    def validate_passwords_needed_to_start(self, attrs, source):
+        obj = self.context.get('obj')
+        data = self.context.get('data')
+
+        # Check for passwords needed 
+        needed = self.get_passwords_needed_to_start(obj)
+        provided = dict([(field, data.get(field, '')) for field in needed])
+        if not all(provided.values()):
+            raise serializers.ValidationError(needed)
+        return attrs
+
+    def validate(self, attrs):
+        obj = self.context.get('obj')
+        if not obj.credential or obj.credential.active is False:
+            raise serializers.ValidationError(dict(credential=["Credential not found or deleted."]))
+        return attrs
 
 class AdHocCommandSerializer(UnifiedJobSerializer):
 

awx/api/views.py

@@ -1833,7 +1833,7 @@ class JobCancel(RetrieveAPIView):
         else:
             return self.http_method_not_allowed(request, *args, **kwargs)
 
-class JobRelaunch(GenericAPIView):
+class JobRelaunch(RetrieveAPIView, GenericAPIView):
 
     model = Job
     serializer_class = JobRelaunchSerializer
@@ -1844,23 +1844,16 @@ class JobRelaunch(GenericAPIView):
     def dispatch(self, *args, **kwargs):
         return super(JobRelaunch, self).dispatch(*args, **kwargs)
 
-    def get(self, request, *args, **kwargs):
-        obj = self.get_object()
-        data = {}
-        data['passwords_needed_to_start'] = obj.passwords_needed_to_start
-        return Response(data)
-
     def post(self, request, *args, **kwargs):
         obj = self.get_object()
         if not request.user.can_access(self.model, 'start', obj):
             raise PermissionDenied()
 
-        # Check for passwords needed before copying job.
+        # Note: is_valid() may modify request.DATA
-        needed = obj.passwords_needed_to_start
+        # It will remove any key/value pair who's key is not in the 'passwords_needed_to_start' list
-        provided = dict([(field, request.DATA.get(field, '')) for field in needed])
+        serializer = self.serializer_class(data=request.DATA, context={'obj': obj, 'data': request.DATA})
-        if not all(provided.values()):
+        if not serializer.is_valid():
-            data = dict(passwords_needed_to_start=needed)
+            return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
-            return Response(data, status=status.HTTP_400_BAD_REQUEST)
 
         new_job = obj.copy()
         result = new_job.signal_start(**request.DATA)