166535884(bug)-Catches blank requests sent to nutrition app

- Uses serializers to validate request data in meal endpoint - Validates request data in mealitem endpoint [Fixes #166535884]
andela · Jun 7, 2019 · decf31d · decf31d
1 parent faa7f55
commit decf31d
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 34 deletions.
diff --git a/wger/nutrition/api/views.py b/wger/nutrition/api/views.py
@@ -217,23 +217,11 @@ def get_queryset(self):
         '''
         return Meal.objects.filter(plan__user=self.request.user)
 
-    def perform_create(self, serializer):
-        '''
-        Set the order
-        '''
-        serializer.save(order=1)
-
     def create(self, request):
-        plan_id = request.data.get('plan', '')
-        try:
-            NutritionPlan.objects.get(id=plan_id)
-            serializer = self.serializer_class(
-                data=request.data, context={'request': request}
-            )
-            serializer.is_valid(raise_exception=True)
-        except NutritionPlan.DoesNotExist:
-            return Response({"error": "NutritionPlan with provided id not found"},
-                            status=status.HTTP_404_NOT_FOUND)
+        serializer = self.serializer_class(
+            data=request.data, context={'request': request}
+        )
+        serializer.is_valid(raise_exception=True)
         serializer.save(order=1)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
 
@@ -270,23 +258,11 @@ def get_queryset(self):
         '''
         return MealItem.objects.filter(meal__plan__user=self.request.user)
 
-    def perform_create(self, serializer, **kwargs):
-        '''
-        Set the order
-        '''
-        serializer.save(order=1)
-
     def create(self, request):
-        meal_id = request.data.get('meal', '')
-        try:
-            Meal.objects.get(id=meal_id)
-            serializer = self.serializer_class(
-                data=request.data, context={'request': request}
-            )
-            serializer.is_valid(raise_exception=True)
-        except Meal.DoesNotExist:
-            return Response({"error": "Meal with provided id not found"},
-                            status=status.HTTP_404_NOT_FOUND)
+        serializer = self.serializer_class(
+            data=request.data, context={'request': request}
+        )
+        serializer.is_valid(raise_exception=True)
         serializer.save(order=1)
         return Response(serializer.data, status=status.HTTP_201_CREATED)
 

diff --git a/wger/nutrition/tests/test_meal.py b/wger/nutrition/tests/test_meal.py
@@ -143,7 +143,7 @@ def test_create_meal_plan_does_not_exist(self):
         create_meal = self.client.post('/api/v2/meal/', {
             "plan": 800
         }, format='json')
-        self.assertEqual(create_meal.status_code, 404)
+        self.assertEqual(create_meal.status_code, 400)
 
     def test_create_meal_time_not_provided(self):
         self.user_login("test")

diff --git a/wger/nutrition/tests/test_meal_item.py b/wger/nutrition/tests/test_meal_item.py
@@ -99,7 +99,7 @@ def test_create_mealitem_meal_does_not_exist(self):
             "meal": 190,
             "time": "23:00:00"
         }, format='json')
-        self.assertEqual(create_mealitem.status_code, 404)
+        self.assertEqual(create_mealitem.status_code, 400)
 
     def test_create_mealitem_ingredient_not_provided(self):
         self.user_login("test")