aalpern
commented
9 years ago Nope, I'm wrong - it is being parsed into a Dashboard model object on the client side, then serialized prior to submitting to the tessera API. Curiouser and curiouser.
Closed aalpern closed 9 years ago
aalpern
commented
9 years ago Nope, I'm wrong - it is being parsed into a Dashboard model object on the client side, then serialized prior to submitting to the tessera API. Curiouser and curiouser.
aalpern
commented
9 years ago Ah, very permissive constructors on the client side result in a dashboard object w/o a title, and the server side doesn't validate the title (which, it happens, is the only required field. The 'New Dashboard' UI page validates that before submitting, but only that UI validates. Whoops.
aalpern
commented
9 years ago Fixed
Just that. You can import a blob of non-Tessera JSON via the import page, and end up with a bad dashboard that will cause internal server errors on dashboard listing. Whoops! I think it's relying on the API to validate, and the server-side validation is poor. Should parse the JSON client side first to validate, since that's a much more comprehensive model.