From 3ba1ba1c9dcd4578f1d204e0c23c7e8a15cd6774 Mon Sep 17 00:00:00 2001
From: Bill Nottingham <notting@splat.cc>
Date: Fri, 20 Dec 2019 10:45:07 -0500
Subject: [PATCH] Fix survey validation to always retun an error code if
 erroring

---
 awx/api/views/__init__.py                     | 12 +++++-----
 .../tests/functional/api/test_survey_spec.py  | 24 +++++++++++++++++++
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/awx/api/views/__init__.py b/awx/api/views/__init__.py
index 4ef4ecf2e2..e791173ceb 100644
--- a/awx/api/views/__init__.py
+++ b/awx/api/views/__init__.py
@@ -2549,7 +2549,7 @@ class JobTemplateSurveySpec(GenericAPIView):
                 if not isinstance(val, allow_types):
                     return Response(dict(error=_("'{field_name}' in survey question {idx} expected to be {type_label}.").format(
                         field_name=field_name, type_label=type_label, **context
-                    )))
+                    )), status=status.HTTP_400_BAD_REQUEST)
             if survey_item['variable'] in variable_set:
                 return Response(dict(error=_("'variable' '%(item)s' duplicated in survey question %(survey)s.") % {
                     'item': survey_item['variable'], 'survey': str(idx)}), status=status.HTTP_400_BAD_REQUEST)
@@ -2564,7 +2564,7 @@ class JobTemplateSurveySpec(GenericAPIView):
                     "'{survey_item[type]}' in survey question {idx} is not one of '{allowed_types}' allowed question types."
                 ).format(
                     allowed_types=', '.join(JobTemplateSurveySpec.ALLOWED_TYPES.keys()), **context
-                )))
+                )), status=status.HTTP_400_BAD_REQUEST)
             if 'default' in survey_item and survey_item['default'] != '':
                 if not isinstance(survey_item['default'], JobTemplateSurveySpec.ALLOWED_TYPES[qtype]):
                     type_label = 'string'
@@ -2582,7 +2582,7 @@ class JobTemplateSurveySpec(GenericAPIView):
                     if survey_item[key] is not None and (not isinstance(survey_item[key], int)):
                         return Response(dict(error=_(
                             "The {min_or_max} limit in survey question {idx} expected to be integer."
-                        ).format(min_or_max=key, **context)))
+                        ).format(min_or_max=key, **context)), status=status.HTTP_400_BAD_REQUEST)
             # if it's a multiselect or multiple choice, it must have coices listed
             # choices and defualts must come in as strings seperated by /n characters.
             if qtype == 'multiselect' or qtype == 'multiplechoice':
@@ -2592,7 +2592,7 @@ class JobTemplateSurveySpec(GenericAPIView):
                 else:
                     return Response(dict(error=_(
                         "Survey question {idx} of type {survey_item[type]} must specify choices.".format(**context)
-                    )))
+                    )), status=status.HTTP_400_BAD_REQUEST)
                 # If there is a default string split it out removing extra /n characters.
                 # Note: There can still be extra newline characters added in the API, these are sanitized out using .strip()
                 if 'default' in survey_item:
@@ -2606,11 +2606,11 @@ class JobTemplateSurveySpec(GenericAPIView):
                         if len(list_of_defaults) > 1:
                             return Response(dict(error=_(
                                 "Multiple Choice (Single Select) can only have one default value.".format(**context)
-                            )))
+                            )), status=status.HTTP_400_BAD_REQUEST)
                     if any(item not in survey_item['choices'] for item in list_of_defaults):
                         return Response(dict(error=_(
                             "Default choice must be answered from the choices listed.".format(**context)
-                        )))
+                        )), status=status.HTTP_400_BAD_REQUEST)
 
             # Process encryption substitution
             if ("default" in survey_item and isinstance(survey_item['default'], str) and
diff --git a/awx/main/tests/functional/api/test_survey_spec.py b/awx/main/tests/functional/api/test_survey_spec.py
index 7e82886857..0a5d009d25 100644
--- a/awx/main/tests/functional/api/test_survey_spec.py
+++ b/awx/main/tests/functional/api/test_survey_spec.py
@@ -219,6 +219,30 @@ def test_survey_spec_passwords_with_default_required(job_template_factory, post,
         assert launch_value not in json.loads(job.extra_vars).values()
 
 
+@pytest.mark.django_db
+def test_survey_spec_default_not_allowed(job_template, post, admin_user):
+    survey_input_data = {
+        'description': 'A survey',
+        'spec': [{
+            'question_name': 'You must choose wisely',
+            'variable': 'your_choice',
+            'default': 'blue',
+            'required': False,
+            'type': 'multiplechoice',
+            "choices": ["red", "green", "purple"]
+        }],
+        'name': 'my survey'
+    }
+    r = post(
+        url=reverse(
+            'api:job_template_survey_spec',
+            kwargs={'pk': job_template.id}
+        ),
+        data=survey_input_data, user=admin_user, expect=400
+    )
+    assert r.data['error'] == 'Default choice must be answered from the choices listed.'
+
+
 @pytest.mark.django_db
 @pytest.mark.parametrize('default, status', [
     ('SUPERSECRET', 200),