search

mountetna / magma

Data server with friendly data loaders
GNU General Public License v2.0
5 stars 2 forks source link

Require project_name in all server requests #184

Open alimi opened 3 years ago

alimi commented 3 years ago

All controllers inherit from Magma::Controller, and Magma::Controller assumes project_name will be included in request payloads.

https://github.com/mountetna/magma/blob/c3e5ff98a2150acca518d23237ac1ce432bb4390/lib/magma/server/controller.rb#L1-L8

Magma::Controller doesn't check that project_name so if it's missing we'll see errors downstream like

WARN:2020-07-09T15:49:19+00:00 User saurabh.asthana@ucsf.edu calling update_model#action with params {:actions=>"[{:action_name=>\"add_attribute\", :type=>\"string\", :model_name=>\"project\", :attribute_name=>\"faq\", :description=>\"Frequently asked questions about COMET\", :di
splay_name=>\"FAQ\"}]"}
ERROR:2020-07-09T15:49:19+00:00 hxlkr Caught unspecified error
ERROR:2020-07-09T15:49:19+00:00 hxlkr undefined method `to_sym' for nil:NilClass
ERROR:2020-07-09T15:49:19+00:00 hxlkr /home/graft/magma/lib/magma.rb:31:in `get_project'
ERROR:2020-07-09T15:49:19+00:00 hxlkr /home/graft/magma/lib/magma/actions/model_update_actions.rb:68:in `initialize'
ERROR:2020-07-09T15:49:19+00:00 hxlkr /home/graft/magma/lib/magma/actions/model_update_actions.rb:10:in `new'
ERROR:2020-07-09T15:49:19+00:00 hxlkr /home/graft/magma/lib/magma/actions/model_update_actions.rb:10:in `build'
ERROR:2020-07-09T15:49:19+00:00 hxlkr /home/graft/magma/lib/magma/server/update_model.rb:6:in `action'

Magma::Controller should verify project_name is set and refers to an existing project. If those conditions aren't met, it should stop processing the request and respond with an error.