Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validation Missing from API Endpoints #1123

Open
martinpeck opened this issue Jan 13, 2022 · 0 comments · May be fixed by #4344
Open

Validation Missing from API Endpoints #1123

martinpeck opened this issue Jan 13, 2022 · 0 comments · May be fixed by #4344
Labels
bug Something isn't working good first issue Good for newcomers

Comments

@martinpeck
Copy link
Member

martinpeck commented Jan 13, 2022
edited by marrobi
Loading

When calling the various POST endpoints it's possible to post a workspace service template payload to the register workspace template api, and vice versa. Neither call will return an error. Both will register a template that's not useful.

In both cases, the payload sent to these APIs has a resourceType property that could have been used to validate the payload.

Validation could be added, and an error could be returned when inappropriate payloads are posted to these APIs.
@martinpeck martinpeck added the bug Something isn't working label Jan 13, 2022
@marrobi marrobi added this to the Release 0.3 milestone Jan 13, 2022
@marrobi marrobi added the good first issue Good for newcomers label Jan 21, 2022
@joalmeid joalmeid modified the milestones: Release 0.3, Release 0.4 Apr 11, 2022
@marrobi marrobi removed this from the Release 0.5 milestone Jun 27, 2023
marrobi added a commit that referenced this issue Feb 7, 2025
@marrobi
Add validation to Template API endpoints
edadb75 
Fixes #1123

Add validation to API endpoints to ensure correct resourceType in template registration payloads.

* **Workspace Service Templates**: Add validation in `api_app/api/routes/workspace_service_templates.py` to check if `resourceType` is `WorkspaceService` before registering the template. Return a 422 Unprocessable Entity error if the `resourceType` does not match.
* **Workspace Templates**: Add validation in `api_app/api/routes/workspace_templates.py` to check if `resourceType` is `Workspace` before registering the template. Return a 422 Unprocessable Entity error if the `resourceType` does not match.
* **User Resource Templates**: Add validation in `api_app/api/routes/user_resource_templates.py` to check if `resourceType` is `UserResource` before registering the template. Return a 422 Unprocessable Entity error if the `resourceType` does not match.
* **Shared Service Templates**: Add validation in `api_app/api/routes/shared_service_templates.py` to check if `resourceType` is `SharedService` before registering the template. Return a 422 Unprocessable Entity error if the `resourceType` does not match.
* **Common Error Message**: Add a common error message string `INVALID_RESOURCE_TYPE` in `api_app/resources/strings.py` for validation errors, including the expected and received resourceType.
* **Tests**: Add tests in `api_app/tests_ma/test_api/test_routes/test_workspace_service_templates.py`, `api_app/tests_ma/test_api/test_routes/test_workspace_templates.py`, `api_app/tests_ma/test_api/test_routes/test_user_resource_templates.py`, and `api_app/tests_ma/test_api/test_routes/test_shared_service_templates.py` to cover validation for each template registration

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/1123?shareId=XXXX-XXXX-XXXX-XXXX).
@marrobi marrobi linked a pull request Feb 7, 2025 that will close this issue
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add validation to Template API endpoints microsoft/AzureTRE
3 participants
@martinpeck @joalmeid @marrobi