From decf31d9148a42adb8c23119771fdc4b72ffbc8b Mon Sep 17 00:00:00 2001 From: Antony Muriithi Date: Fri, 7 Jun 2019 09:54:42 +0300 Subject: [PATCH] 166535884(bug)-Catches blank requests sent to nutrition app - Uses serializers to validate request data in meal endpoint - Validates request data in mealitem endpoint [Fixes #166535884] --- wger/nutrition/api/views.py | 40 ++++++-------------------- wger/nutrition/tests/test_meal.py | 2 +- wger/nutrition/tests/test_meal_item.py | 2 +- 3 files changed, 10 insertions(+), 34 deletions(-) diff --git a/wger/nutrition/api/views.py b/wger/nutrition/api/views.py index 7234d205..2fa185e7 100644 --- a/wger/nutrition/api/views.py +++ b/wger/nutrition/api/views.py @@ -217,23 +217,11 @@ def get_queryset(self): ''' return Meal.objects.filter(plan__user=self.request.user) - def perform_create(self, serializer): - ''' - Set the order - ''' - serializer.save(order=1) - def create(self, request): - plan_id = request.data.get('plan', '') - try: - NutritionPlan.objects.get(id=plan_id) - serializer = self.serializer_class( - data=request.data, context={'request': request} - ) - serializer.is_valid(raise_exception=True) - except NutritionPlan.DoesNotExist: - return Response({"error": "NutritionPlan with provided id not found"}, - status=status.HTTP_404_NOT_FOUND) + serializer = self.serializer_class( + data=request.data, context={'request': request} + ) + serializer.is_valid(raise_exception=True) serializer.save(order=1) return Response(serializer.data, status=status.HTTP_201_CREATED) @@ -270,23 +258,11 @@ def get_queryset(self): ''' return MealItem.objects.filter(meal__plan__user=self.request.user) - def perform_create(self, serializer, **kwargs): - ''' - Set the order - ''' - serializer.save(order=1) - def create(self, request): - meal_id = request.data.get('meal', '') - try: - Meal.objects.get(id=meal_id) - serializer = self.serializer_class( - data=request.data, context={'request': request} - ) - serializer.is_valid(raise_exception=True) - except Meal.DoesNotExist: - return Response({"error": "Meal with provided id not found"}, - status=status.HTTP_404_NOT_FOUND) + serializer = self.serializer_class( + data=request.data, context={'request': request} + ) + serializer.is_valid(raise_exception=True) serializer.save(order=1) return Response(serializer.data, status=status.HTTP_201_CREATED) diff --git a/wger/nutrition/tests/test_meal.py b/wger/nutrition/tests/test_meal.py index 87b06af9..938bdc03 100644 --- a/wger/nutrition/tests/test_meal.py +++ b/wger/nutrition/tests/test_meal.py @@ -143,7 +143,7 @@ def test_create_meal_plan_does_not_exist(self): create_meal = self.client.post('/api/v2/meal/', { "plan": 800 }, format='json') - self.assertEqual(create_meal.status_code, 404) + self.assertEqual(create_meal.status_code, 400) def test_create_meal_time_not_provided(self): self.user_login("test") diff --git a/wger/nutrition/tests/test_meal_item.py b/wger/nutrition/tests/test_meal_item.py index dda132f9..9c01b033 100644 --- a/wger/nutrition/tests/test_meal_item.py +++ b/wger/nutrition/tests/test_meal_item.py @@ -99,7 +99,7 @@ def test_create_mealitem_meal_does_not_exist(self): "meal": 190, "time": "23:00:00" }, format='json') - self.assertEqual(create_mealitem.status_code, 404) + self.assertEqual(create_mealitem.status_code, 400) def test_create_mealitem_ingredient_not_provided(self): self.user_login("test")