Merge pull request #173 from jntullo/bug/fix_coerced_zero

Fix coercing of string to 0 in parse_id (cherry picked from commit 42813a2)
ManageIQ · Nov 6, 2017 · fbe9f21 · fbe9f21
1 parent a132cb4
commit fbe9f21
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 1 deletion.
diff --git a/app/controllers/api/base_controller/parser.rb b/app/controllers/api/base_controller/parser.rb
@@ -39,7 +39,7 @@ def validate_api_action
       end
 
       def parse_id(resource, collection)
-        return nil if resource.blank?
+        return nil if !resource.kind_of?(Hash) || resource.blank?
 
         href_id = href_id(resource["href"], collection)
         case

diff --git a/spec/requests/services_spec.rb b/spec/requests/services_spec.rb
@@ -1079,6 +1079,21 @@ def expect_svc_with_vms
       expect(response.parsed_body).to include(expected)
     end
 
+    it 'requires provider hash to be passed with id or href' do
+      api_basic_authorize action_identifier(:services, :add_provider_vms)
+
+      post(api_service_url(nil, svc), :params => { :action  => 'add_provider_vms',
+                                                   :uid_ems => ['uids'] ,
+                                                   :provider => 'api/providers/:id'})
+
+      expected = {
+        'success' => false,
+        'message' => a_string_including('Must specify a valid provider href or id')
+      }
+      expect(response).to have_http_status(:ok)
+      expect(response.parsed_body).to include(expected)
+    end
+
     it 'can bulk add_provider_vms' do
       api_basic_authorize action_identifier(:services, :add_provider_vms)
       svc.update_attributes!(:evm_owner => @user)