[AAP-18358] Add key/value pair validation for extra var (#569)

  * Add validation for extra var on create

Solves: AAP-18358

Author: Dostonbek1

src/aap_eda/api/serializers/project.py

@@ -16,7 +16,7 @@
 from rest_framework.validators import UniqueValidator
 
 from aap_eda.api.serializers.credential import CredentialRefSerializer
-from aap_eda.core import models
+from aap_eda.core import models, validators
 
 
 class ProjectSerializer(serializers.ModelSerializer):
@@ -143,6 +143,7 @@ class ExtraVarSerializer(serializers.ModelSerializer):
     extra_var = serializers.CharField(
         required=True,
         help_text="Content of the extra_var",
+        validators=[validators.is_extra_var_dict],
     )
 
     class Meta:

src/aap_eda/core/validators.py

@@ -13,6 +13,7 @@
 #  limitations under the License.
 import logging
 
+import yaml
 from rest_framework import serializers
 
 from aap_eda.core import models
@@ -68,3 +69,16 @@ def check_awx_tokens(user_id: int) -> int:
         )
 
     return user_id
+
+
+def is_extra_var_dict(extra_var: str):
+    try:
+        data = yaml.safe_load(extra_var)
+        if not isinstance(data, dict):
+            raise serializers.ValidationError(
+                "Extra var is not in object format"
+            )
+    except yaml.YAMLError:
+        raise serializers.ValidationError(
+            "Extra var must be in JSON or YAML format"
+        )

src/aap_eda/services/activation/manager.py

@@ -1036,12 +1036,6 @@ def _create_activation_instance(self):
     def _build_container_request(self) -> ContainerRequest:
         if self.db_instance.extra_var:
             context = yaml.safe_load(self.db_instance.extra_var.extra_var)
-            # TODO: This will be validated by the api
-            # https://issues.redhat.com/browse/AAP-18358
-            if not isinstance(context, dict):
-                msg = f"{context} is not in dict format."
-                LOGGER.error(msg)
-                raise exceptions.ActivationStartError(msg)
         else:
             context = {}
 

tests/integration/api/test_extra_var.py

@@ -56,3 +56,45 @@ def test_retrieve_extra_var(client: APIClient):
 def test_retrieve_extra_var_not_exist(client: APIClient):
     response = client.get(f"{api_url_v1}/extra-vars/42/")
     assert response.status_code == status.HTTP_404_NOT_FOUND
+
+
+NOT_OBJECT_ERROR_MSG = "Extra var is not in object format"
+NOT_YAML_JSON_ERROR_MSG = "Extra var must be in JSON or YAML format"
+
+
+@pytest.mark.parametrize(
+    "extra_var,error_message",
+    [
+        ("John", NOT_OBJECT_ERROR_MSG),
+        ("John, ", NOT_OBJECT_ERROR_MSG),
+        ("[John, 3,]", NOT_OBJECT_ERROR_MSG),
+        ('{"name": "John" - 2 }', NOT_YAML_JSON_ERROR_MSG),
+    ],
+)
+@pytest.mark.django_db
+def test_extra_var_invalid_data(client: APIClient, extra_var, error_message):
+    invalid_data = {
+        "extra_var": extra_var,
+    }
+    response = client.post(f"{api_url_v1}/extra-vars/", data=invalid_data)
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    assert str(response.data["extra_var"][0]) == error_message
+
+
+@pytest.mark.parametrize(
+    "extra_var",
+    [
+        "John: Doe",
+        "John: 2",
+        '{"name": "John"}',
+        '"age": 20',
+        "---\nname: hello\nhosts: localhost\ngather_facts: false",
+    ],
+)
+@pytest.mark.django_db
+def test_extra_var_valid_data(client: APIClient, extra_var):
+    valid_data = {
+        "extra_var": extra_var,
+    }
+    response = client.post(f"{api_url_v1}/extra-vars/", data=valid_data)
+    assert response.status_code == status.HTTP_201_CREATED