Merge pull request #8763 from DavidKang/fix-8756-exluded-requests-und…

…efined Add validation for xml on exclude requests
openSUSE · Nov 22, 2019 · dfe65b9 · dfe65b9
2 parents 9099b84 + 0276e5b
commit dfe65b9
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 23 deletions.
diff --git a/src/api/app/controllers/staging/excluded_requests_controller.rb b/src/api/app/controllers/staging/excluded_requests_controller.rb
@@ -1,7 +1,8 @@
 class Staging::ExcludedRequestsController < Staging::StagingController
-  before_action :require_login, except: [:index]
+  before_action :require_login, except: :index
   before_action :set_project
-  before_action :set_staging_workflow, :set_requests_xml_hash
+  before_action :set_staging_workflow
+  before_action :set_xml_hash, except: :index
 
   def index
     @request_exclusions = @staging_workflow.request_exclusions
@@ -10,7 +11,7 @@ def index
   def create
     authorize @staging_workflow, policy_class: Staging::RequestExclusionPolicy
 
-    result = ::Staging::RequestExcluder.new(requests_xml_hash: @requests_xml_hash, staging_workflow: @staging_workflow).create
+    result = ::Staging::RequestExcluder.new(requests_xml_hash: @parsed_xml, staging_workflow: @staging_workflow).create
 
     if result.valid?
       render_ok
@@ -26,7 +27,7 @@ def create
   def destroy
     authorize @staging_workflow, policy_class: Staging::RequestExclusionPolicy
 
-    result = ::Staging::RequestExcluder.new(requests_xml_hash: @requests_xml_hash, staging_workflow: @staging_workflow).destroy
+    result = ::Staging::RequestExcluder.new(requests_xml_hash: @parsed_xml, staging_workflow: @staging_workflow).destroy
 
     if result.valid?
       render_ok
@@ -38,10 +39,4 @@ def destroy
       )
     end
   end
-
-  private
-
-  def set_requests_xml_hash
-    @requests_xml_hash = (Xmlhash.parse(request.body.read) || {}).with_indifferent_access
-  end
 end
diff --git a/src/api/app/controllers/staging/staged_requests_controller.rb b/src/api/app/controllers/staging/staged_requests_controller.rb
@@ -65,19 +65,6 @@ def set_request_numbers
     )
   end
 
-  def set_xml_hash
-    request_body = request.body.read
-    @parsed_xml = Xmlhash.parse(request_body).with_indifferent_access if request_body.present?
-    return if @parsed_xml
-
-    error_options = if request_body.present?
-                      { status: 400, errorcode: 'invalid_xml_format', message: 'XML format is not valid' }
-                    else
-                      { status: 400, errorcode: 'invalid_request', message: 'Empty body' }
-                    end
-    render_error(error_options)
-  end
-
   def set_staging_project
     @staging_project = @staging_workflow.staging_projects.find_by(name: params[:staging_project_name])
     return if @staging_project

diff --git a/src/api/app/controllers/staging/staging_controller.rb b/src/api/app/controllers/staging/staging_controller.rb
@@ -22,5 +22,18 @@ def set_staging_workflow
         message: "Project #{@project} doesn't have an asociated Staging Workflow"
       )
     end
+
+    def set_xml_hash
+      request_body = request.body.read
+      @parsed_xml = (Xmlhash.parse(request_body) || {}).with_indifferent_access if request_body.present?
+      return if @parsed_xml.present?
+
+      error_options = if request_body.present?
+                        { status: 400, errorcode: 'invalid_xml_format', message: 'XML format is not valid' }
+                      else
+                        { status: 400, errorcode: 'invalid_request', message: 'Empty body' }
+                      end
+      render_error(error_options)
+    end
   end
 end