Skip to content

Commit 696aa07

Browse files
Add backend validation check for discrete question bin limit
Enforce the 200-outcome limit server-side in QuestionWriteSerializer.validate() to prevent bypassing the frontend validation via direct API calls. Co-authored-by: Sylvain <SylvainChevalier@users.noreply.github.com>
1 parent 9f7e0ab commit 696aa07

File tree

1 file changed

+11
-0
lines changed

1 file changed

+11
-0
lines changed

questions/serializers/common.py

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -217,6 +217,17 @@ def validate(self, data: dict):
217217
errors.append("Range Max is required for continuous questions")
218218
if data.get("range_min") is None:
219219
errors.append("Range Min is required for continuous questions")
220+
if question_type == Question.QuestionType.DISCRETE:
221+
inbound_outcome_count = data.get("inbound_outcome_count")
222+
if (
223+
inbound_outcome_count is not None
224+
and inbound_outcome_count > DEFAULT_INBOUND_OUTCOME_COUNT
225+
):
226+
errors.append(
227+
f"Discrete questions cannot have more than "
228+
f"{DEFAULT_INBOUND_OUTCOME_COUNT} outcomes. "
229+
f"Consider using a continuous question type instead."
230+
)
220231

221232
if errors:
222233
raise serializers.ValidationError(errors)

0 commit comments

Comments
 (0)