New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fixes #3693 - API v2 - accept GET json format of object in PUT/POST requests to add/remove has_many associations #1040
Conversation
looks good |
params.each do |k,v| | ||
magic_method_ids = "#{k.singularize}_ids".to_sym | ||
magic_method_names = "#{k.singularize}_names".to_sym | ||
if controller_name.classify.constantize.instance_methods.include?(magic_method_ids) && v.any? && v.all? { |a| a.keys.include?("id") } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
controller_name.classify.constantize
can be replaced with resource_class
👍 when tests pass :) |
klass_name = controller_name.classify | ||
klass = LookupKey if ['SmartVariable', 'SmartClassParameter'].include?(klass_name) | ||
klass ||= LookupValue if klass_name == 'OverrideValue' | ||
klass ||= klass_name.constantize if Object.const_defined?(klass_name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It still looks to me like it should use resource_class
and then the smart* controllers (or the shared lookup keys concern) should override it to return LookupKey/Value etc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ping?
new commit to squash that uses 'resource_class' |
@domcleal, ping. Tests passed! |
def setup_has_many_params | ||
params.each do |k,v| | ||
if v.kind_of?(Array) | ||
magic_method_ids = "#{k.singularize}_ids".to_sym |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is going to be a security issue, we can't convert arbitrary inputs (parameter names on the request) to symbols as it can cause memory exhaustion.
Can we keep these entirely as strings?
…PUT/POST requests to add/remove has_many associations
@domcleal, re-committed and changed |
Great, thanks @isratrade, merged as bbf64d9 for Foreman 1.4.0. |
Currently we have to use _ids= methods to add/remove relationships.
This is what we want
This DOES NOT update the associated objects (architectures). It's only for adding/removing relationships
If "id" is NOT present and "name" is, then it can add/remove relationships by name