From 8d68c3031c1c347ea38c8a279af5581ac3ab4321 Mon Sep 17 00:00:00 2001 From: Markus Bucher Date: Tue, 3 Dec 2024 17:16:38 +0100 Subject: [PATCH] fixup! [PR] Fixes #38048 - Add rolling content views * Fix sanitize content_view repository_ids param Refs OR-5274 --- app/controllers/katello/api/v2/content_views_controller.rb | 5 ++++- test/controllers/api/v2/content_views_controller_test.rb | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/app/controllers/katello/api/v2/content_views_controller.rb b/app/controllers/katello/api/v2/content_views_controller.rb index 5258f84e2b1..8f215cc132e 100644 --- a/app/controllers/katello/api/v2/content_views_controller.rb +++ b/app/controllers/katello/api/v2/content_views_controller.rb @@ -299,7 +299,10 @@ def view_params if (!@content_view || !@content_view.composite?) attrs.push({:repository_ids => []}, :repository_ids) end - params.require(:content_view).permit(*attrs).to_h + result = params.require(:content_view).permit(*attrs).to_h + # sanitize repository_ids to be a list of integers + result[:repository_ids] = result[:repository_ids].map(&:to_i) if result[:repository_ids].present? + result end def find_environment diff --git a/test/controllers/api/v2/content_views_controller_test.rb b/test/controllers/api/v2/content_views_controller_test.rb index 98cc4e1300e..14bbfca2e87 100644 --- a/test/controllers/api/v2/content_views_controller_test.rb +++ b/test/controllers/api/v2/content_views_controller_test.rb @@ -243,8 +243,8 @@ def test_update_repositories_strings params = { :repository_ids => [repository.id.to_s] } assert_sync_task(::Actions::Katello::ContentView::Update) do |_content_view, content_view_params| - assert_equal content_view_params.key?(:repository_ids), true - assert_equal content_view_params[:repository_ids], params[:repository_ids] + assert content_view_params.key?(:repository_ids) + assert_equal [repository.id], content_view_params[:repository_ids] end put :update, params: { :id => @library_dev_staging_view.id, :content_view => params }