diff --git a/nailgun/api/handlers.py b/nailgun/api/handlers.py index 958cbc6a4..bbdf38e1b 100644 --- a/nailgun/api/handlers.py +++ b/nailgun/api/handlers.py @@ -125,6 +125,7 @@ class ClusterHandler(JSONHandler): # /additional validation needed? for key, value in data.iteritems(): if key == "nodes": + map(cluster.nodes.remove, cluster.nodes) nodes = web.ctx.orm.query(Node).filter( Node.id.in_(value) ) @@ -366,7 +367,9 @@ class RoleCollectionHandler(JSONHandler): def GET(self): web.header('Content-Type', 'application/json') - data = Role.validate_json(web.data()) + data = web.data() if web.data() else {} + if data: + data = Role.validate_json(data) if 'release_id' in data: return json.dumps(map( RoleHandler.render, diff --git a/nailgun/api/models.py b/nailgun/api/models.py index 0a18b917f..efdf9fe97 100644 --- a/nailgun/api/models.py +++ b/nailgun/api/models.py @@ -167,6 +167,8 @@ class Node(Base, BasicValidator): d = cls.validate_json(data) if not "mac" in d: raise web.webapi.badrequest(message="No mac address specified") + if "id" in d: + raise web.webapi.badrequest(message="Manual ID setting is prohibited") return d @classmethod @@ -174,6 +176,8 @@ class Node(Base, BasicValidator): d = cls.validate_json(data) if "status" in d and d["status"] not in cls.NODE_STATUSES: raise web.webapi.badrequest(message="Invalid status for node") + if "id" in d: + raise web.webapi.badrequest(message="Manual ID setting is prohibited") return d diff --git a/nailgun/api/validators.py b/nailgun/api/validators.py index de58c7038..bf49519a2 100644 --- a/nailgun/api/validators.py +++ b/nailgun/api/validators.py @@ -12,10 +12,13 @@ class BasicValidator(object): res = json.loads(data) except: raise web.webapi.badrequest( - message="Invalid json format!" + message="Invalid json format" ) - return res - return data + else: + raise web.webapi.badrequest( + message="Empty request received" + ) + return res @classmethod def validate(cls, data):