prevent field lookups on Host.ansible_facts keys (it doesn't work)

under the hood, Host.ansible_facts is a postgres jsonb field which performs match operations using the JSON containment operator (@>) this operator _only_ works on exact matches on containment (i.e., "does the `ansible_distribution` jsonb value contain _this exact_ JSON structure"): SELECT ... FROM main_host WHERE ansible_facts @> '{"ansible_distribution": "centos"}' SELECT ... FROM main_host WHERE ansible_facts @> '{"packages": {"dnsmasq": [{"version": 2}]}}' postgres does _not_ expose any operator for fuzzy or lookup-based matches with this operator, so host filter values like these don't really make sense (postgres can't _filter_ in the way intended in these examples): ansible_distribution__startswith=\"Cent\" ansible_distribution__icontains=\"CentOS\" ansible_facts__packages__dnsmasq[]__version__startswith=\"2\"
2026-02-17 03:00:04 -03:30 · 2019-02-04 21:28:50 -05:00
parent cab6b8b333
commit bb5312f4fc
4 changed files with 62 additions and 2 deletions
--- a/awx/main/tests/functional/api/test_inventory.py
+++ b/awx/main/tests/functional/api/test_inventory.py
@@ -281,6 +281,36 @@ def test_host_filter_unicode(post, admin_user, organization):
    assert si.host_filter == u'ansible_facts__ansible_distribution=レッドハット'


+@pytest.mark.django_db
+@pytest.mark.parametrize("lookup", ['icontains', 'has_keys'])
+def test_host_filter_invalid_ansible_facts_lookup(post, admin_user, organization, lookup):
+    resp = post(
+        reverse('api:inventory_list'),
+        data={
+            'name': 'smart inventory', 'kind': 'smart',
+            'organization': organization.pk,
+            'host_filter': u'ansible_facts__ansible_distribution__{}=cent'.format(lookup)
+        },
+        user=admin_user,
+        expect=400
+    )
+    assert 'ansible_facts does not support searching with __{}'.format(lookup) in json.dumps(resp.data)
+
+
+@pytest.mark.django_db
+def test_host_filter_ansible_facts_exact(post, admin_user, organization):
+    post(
+        reverse('api:inventory_list'),
+        data={
+            'name': 'smart inventory', 'kind': 'smart',
+            'organization': organization.pk,
+            'host_filter': 'ansible_facts__ansible_distribution__exact="CentOS"'
+        },
+        user=admin_user,
+        expect=201
+    )
+
+
@pytest.mark.parametrize("role_field,expected_status_code", [
    (None, 403),
    ('admin_role', 201),