paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-06-20 15:17:32 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix: fix some API crashes (#10196)

Browse Source
This commit is contained in:
shamoon 2025-06-16 22:44:39 -07:00 committed by GitHub
parent de12023311
commit e4fd008441
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 124 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/documents/serialisers.py
View File

@ -1189,7 +1189,6 @@ class SavedViewSerializer(OwnedObjectSerializer):
"owner",
"permissions",
"user_can_change",
"set_permissions",
]
def validate(self, attrs):
@ -1754,6 +1753,8 @@ class StoragePathSerializer(MatchingModelSerializer, OwnedObjectSerializer):
class UiSettingsViewSerializer(serializers.ModelSerializer):
settings = serializers.DictField(required=False, allow_null=True)
class Meta:
model = UiSettings
depth = 1
@ -2020,8 +2021,9 @@ class WorkflowTriggerSerializer(serializers.ModelSerializer):
):
attrs["filter_path"] = None
trigger_type = attrs.get("type", getattr(self.instance, "type", None))
if (
attrs["type"] == WorkflowTrigger.WorkflowTriggerType.CONSUMPTION
trigger_type == WorkflowTrigger.WorkflowTriggerType.CONSUMPTION
and "filter_mailrule" not in attrs
and ("filter_filename" not in attrs or attrs["filter_filename"] is None)
and ("filter_path" not in attrs or attrs["filter_path"] is None)

22
src/documents/tests/test_api_app_config.py
View File

@ -167,3 +167,25 @@ class TestApiAppConfig(DirectoriesMixin, APITestCase):
},
)
self.assertFalse(Path(old_logo.path).exists())
def test_create_not_allowed(self):
"""
GIVEN:
- API request to create a new app config
WHEN:
- API is called
THEN:
- Correct HTTP response
- No new config is created
"""
response = self.client.post(
self.ENDPOINT,
json.dumps(
{
"output_type": "pdf",
},
),
content_type="application/json",
)
self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
self.assertEqual(ApplicationConfiguration.objects.count(), 1)

24
src/documents/tests/test_api_uisettings.py
View File

@ -117,6 +117,30 @@ class TestApiUiSettings(DirectoriesMixin, APITestCase):
self.assertEqual(response.status_code, status.HTTP_200_OK)
def test_settings_must_be_dict(self):
"""
GIVEN:
- API request to update ui_settings with settings not being a dict
WHEN:
- API is called
THEN:
- Correct HTTP 400 response
"""
response = self.client.post(
self.ENDPOINT,
json.dumps(
{
"settings": "not a dict",
},
),
content_type="application/json",
)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertIn(
"Expected a dictionary",
str(response.data["settings"]),
)
@override_settings(
OAUTH_CALLBACK_BASE_URL="http://localhost:8000",
GMAIL_OAUTH_CLIENT_ID="abc123",

4
src/paperless/views.py
View File

@ -342,6 +342,10 @@ class ApplicationConfigurationViewSet(ModelViewSet):
serializer_class = ApplicationConfigurationSerializer
permission_classes = (IsAuthenticated, DjangoModelPermissions)
@extend_schema(exclude=True)
def create(self, request, *args, **kwargs):
return Response(status=405) # Not Allowed
@extend_schema_view(
post=extend_schema(

12
src/paperless_mail/serialisers.py
View File

@ -108,18 +108,20 @@ class MailRuleSerializer(OwnedObjectSerializer):
return instance
def create(self, validated_data):
if "assign_tags" in validated_data:
assign_tags = validated_data.pop("assign_tags")
assign_tags = validated_data.pop("assign_tags", [])
mail_rule = super().create(validated_data)
if assign_tags:
mail_rule.assign_tags.set(assign_tags)
return mail_rule
def validate(self, attrs):
action = attrs.get("action")
action_parameter = attrs.get("action_parameter")
if (
attrs["action"] == MailRule.MailAction.TAG
or attrs["action"] == MailRule.MailAction.MOVE
) and attrs["action_parameter"] is None:
action in [MailRule.MailAction.TAG, MailRule.MailAction.MOVE]
and not action_parameter
):
raise serializers.ValidationError("An action parameter is required.")
return attrs

63
src/paperless_mail/tests/test_mail.py
View File

@ -1822,3 +1822,66 @@ class TestMailAccountProcess(APITestCase):
response = self.client.post(self.url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
m.assert_called_once()
class TestMailRuleAPI(APITestCase):
def setUp(self):
self.user = User.objects.create_superuser(
username="testuser",
password="testpassword",
)
self.client.force_authenticate(user=self.user)
self.account = MailAccount.objects.create(
imap_server="imap.example.com",
imap_port=993,
imap_security=MailAccount.ImapSecurity.SSL,
username="admin",
password="secret",
account_type=MailAccount.MailAccountType.IMAP,
owner=self.user,
)
self.url = "/api/mail_rules/"
def test_create_mail_rule(self):
"""
GIVEN:
- Valid data for creating a mail rule
WHEN:
- A POST request is made to the mail rules endpoint
THEN:
- The rule should be created successfully
- The response should contain the created rule's details
"""
data = {
"name": "Test Rule",
"account": self.account.pk,
"action": MailRule.MailAction.MOVE,
"action_parameter": "inbox",
}
response = self.client.post(self.url, data, format="json")
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(MailRule.objects.count(), 1)
rule = MailRule.objects.first()
self.assertEqual(rule.name, "Test Rule")
def test_mail_rule_action_parameter_required_for_tag_or_move(self):
"""
GIVEN:
- Valid data for creating a mail rule without action_parameter
WHEN:
- A POST request is made to the mail rules endpoint
THEN:
- The request should fail with a 400 Bad Request status
- The response should indicate that action_parameter is required
"""
data = {
"name": "Test Rule",
"account": self.account.pk,
"action": MailRule.MailAction.MOVE,
}
response = self.client.post(self.url, data, format="json")
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
self.assertIn(
"action parameter is required",
str(response.data["non_field_errors"]),
)