fixes #3693 - API v2 - accept GET json format of object in PUT/POST requests to add/remove has_many associations

[isratrade]

Currently we have to use _ids= methods to add/remove relationships.

{
  "id": 42,
  "name": "CentOS",
  "architecture_ids": [1,2]
}

This is what we want

{
  "id": 42,
  "name": "CentOS",
  "architectures": [ 
        {
        "id": 1,
        "name": "i386" 
         }, 
        {
         "id": 2,
         "name": "x86_64" 
         }
     ]
}

This DOES NOT update the associated objects (architectures). It's only for adding/removing relationships

If "id" is NOT present and "name" is, then it can add/remove relationships by name

{
  "id": 42,
  "name": "CentOS",
  "architectures": [ 
        {
        "name": "i386" 
         }, 
        {
         "name": "x86_64" 
         }
     ]
}

[komidore64]

looks good

[domcleal]

controller_name.classify.constantize can be replaced with resource_class

[domcleal]

👍 when tests pass :)

[domcleal]

It still looks to me like it should use resource_class and then the smart* controllers (or the shared lookup keys concern) should override it to return LookupKey/Value etc.

[domcleal]

ping?

[isratrade]

new commit to squash that uses 'resource_class'
test for os passes, but new test for puppetclass does not (and not committed). However, it's not due to the api/v2/base_controller code. I opened http://projects.theforeman.org/issues/3786
I think this can be merged as it works if the associations _ids= work.

[isratrade]

@domcleal, ping. Tests passed!

[domcleal]

This is going to be a security issue, we can't convert arbitrary inputs (parameter names on the request) to symbols as it can cause memory exhaustion.

Can we keep these entirely as strings?

[isratrade]

@domcleal, re-committed and changed to_sym to to_s. resource_class.instance_methods returns symbols in Ruby 1.9.3 and strings in 1.8.7 so the array is explicated converted to strings .

[domcleal]

Great, thanks @isratrade, merged as bbf64d9 for Foreman 1.4.0.