feat: handle safe list noop and delete appropriately

jorwoods · jorwoods · commit 2db96543b427 · 2025-12-23T17:08:44.000-06:00
Conversation with jacksonlauren indicated that if the
ExtensionSiteSettings safe list is None, no safeList element should be
included in the request. If the ExtensionSiteSettings.safe_list is a
non-None Iterable that yields 0 items, an empty safeList element will be
included in the request, having the effect of deleting the safe list on
the site.
diff --git a/tableauserverclient/server/request_factory.py b/tableauserverclient/server/request_factory.py
@@ -1671,8 +1671,11 @@ def update_site_extensions(self, xml_request: ET.Element, extensions_site_settin
             include_partner_built_element = ET.SubElement(ext_element, "includePartnerBuilt")
             include_partner_built_element.text = str(extensions_site_settings.include_partner_built).lower()
 
-        for safe in extensions_site_settings.safe_list or []:
-            safe_element = ET.SubElement(ext_element, "safeList")
+        if extensions_site_settings.safe_list is None:
+            return
+
+        safe_element = ET.SubElement(ext_element, "safeList")
+        for safe in extensions_site_settings.safe_list:
             if safe.url is not None:
                 url_element = ET.SubElement(safe_element, "url")
                 url_element.text = safe.url
diff --git a/test/test_extensions.py b/test/test_extensions.py
@@ -131,3 +131,66 @@ def test_update_site_settings(server: TSC.Server) -> None:
     prompt_needed_elem = safe_extension_elem.find("promptNeeded")
     assert prompt_needed_elem is not None
     assert prompt_needed_elem.text == "true"
+
+
+def test_update_safe_list_none(server: TSC.Server) -> None:
+    with requests_mock.mock() as m:
+        m.put(server.extensions.baseurl, text=GET_SITE_SETTINGS.read_text())
+
+        site_settings = TSC.ExtensionsSiteSettings()
+        site_settings.enabled = True
+        site_settings.use_default_setting = False
+
+        updated_settings = server.extensions.update(site_settings)
+        history = m.request_history
+
+    assert isinstance(updated_settings, TSC.ExtensionsSiteSettings)
+    assert updated_settings.enabled is True
+    assert updated_settings.use_default_setting is False
+    assert updated_settings.safe_list is not None
+    assert len(updated_settings.safe_list) == 1
+    first_safe = updated_settings.safe_list[0]
+    assert first_safe.url == "http://localhost:9123/Dynamic.html"
+    assert first_safe.full_data_allowed is True
+    assert first_safe.prompt_needed is True
+
+    # Verify that the request body was as expected
+    assert len(history) == 1
+    xml_payload = fromstring(history[0].body)
+    extensions_site_settings_elem = xml_payload.find(".//extensionsSiteSettings")
+    assert extensions_site_settings_elem is not None
+    safe_list_element = extensions_site_settings_elem.find("safeList")
+    assert safe_list_element is None
+
+
+def test_update_safe_list_empty(server: TSC.Server) -> None:
+    with requests_mock.mock() as m:
+        m.put(server.extensions.baseurl, text=GET_SITE_SETTINGS.read_text())
+
+        site_settings = TSC.ExtensionsSiteSettings()
+        site_settings.enabled = True
+        site_settings.use_default_setting = False
+        site_settings.safe_list = []
+
+        updated_settings = server.extensions.update(site_settings)
+        history = m.request_history
+ 
+    assert isinstance(updated_settings, TSC.ExtensionsSiteSettings)
+    assert updated_settings.enabled is True
+    assert updated_settings.use_default_setting is False
+    assert updated_settings.safe_list is not None
+    assert len(updated_settings.safe_list) == 1
+    first_safe = updated_settings.safe_list[0]
+    assert first_safe.url == "http://localhost:9123/Dynamic.html"
+    assert first_safe.full_data_allowed is True
+    assert first_safe.prompt_needed is True
+
+    # Verify that the request body was as expected
+    assert len(history) == 1
+    xml_payload = fromstring(history[0].body)
+    extensions_site_settings_elem = xml_payload.find(".//extensionsSiteSettings")
+    assert extensions_site_settings_elem is not None
+    safe_list_element = extensions_site_settings_elem.find("safeList")
+    assert safe_list_element is not None
+    assert len(safe_list_element) == 0
+
