REST: Ensure submission exists for comment listing

author Stephen Finucane <stephen@that.guru>

Sun, 28 Oct 2018 13:31:34 +0000 (13:31 +0000)

committer Stephen Finucane <stephen@that.guru>

Sat, 22 Dec 2018 18:13:45 +0000 (18:13 +0000)
author Stephen Finucane <stephen@that.guru>
Sun, 28 Oct 2018 13:31:34 +0000 (13:31 +0000)
committer Stephen Finucane <stephen@that.guru>
Sat, 22 Dec 2018 18:13:45 +0000 (18:13 +0000)
diff --git a/patchwork/api/comment.py b/patchwork/api/comment.py

index 5a5adb1d0ca0e9e0c933cecc8617c1fba90a5a89..e0068353ea07055eaaffdb8c07ab93c168c3746e 100644 (file)
--- a/patchwork/api/comment.py
+++ b/patchwork/api/comment.py
@@ -19,6 +19,7 @@
  
  import email.parser
  
+from django.http import Http404
  from rest_framework.generics import ListAPIView
  from rest_framework.serializers import SerializerMethodField
  
@@ -26,6 +27,7 @@ from patchwork.api.base import BaseHyperlinkedModelSerializer
  from patchwork.api.base import PatchworkPermission
  from patchwork.api.embedded import PersonSerializer
  from patchwork.models import Comment
+from patchwork.models import Submission
  
  
  class CommentListSerializer(BaseHyperlinkedModelSerializer):
@@ -78,6 +80,9 @@ class CommentList(ListAPIView):
      lookup_url_kwarg = 'pk'
  
      def get_queryset(self):
+        if not Submission.objects.filter(pk=self.kwargs['pk']).exists():
+            raise Http404
+
          return Comment.objects.filter(
              submission=self.kwargs['pk']
          ).select_related('submitter')
diff --git a/patchwork/tests/api/test_comment.py b/patchwork/tests/api/test_comment.py

index f79ea4695fe75ced4c88dea94f0edffd2c636cfa..5fcb9463ba144972a31b1d38b5c5d99a49757770 100644 (file)
--- a/patchwork/tests/api/test_comment.py
+++ b/patchwork/tests/api/test_comment.py
@@ -75,6 +75,12 @@ class TestCoverComments(APITestCase):
          with self.assertRaises(NoReverseMatch):
              self.client.get(self.api_url(cover_obj, version='1.0'))
  
+    def test_list_invalid_cover(self):
+        """Ensure we get a 404 for a non-existent cover letter."""
+        resp = self.client.get(
+            reverse('api-cover-comment-list', kwargs={'pk': '99999'}))
+        self.assertEqual(status.HTTP_404_NOT_FOUND, resp.status_code)
+
  
  @unittest.skipUnless(settings.ENABLE_REST_API, 'requires ENABLE_REST_API')
  class TestPatchComments(APITestCase):
@@ -113,3 +119,9 @@ class TestPatchComments(APITestCase):
          # check we can't access comments using the old version of the API
          with self.assertRaises(NoReverseMatch):
              self.client.get(self.api_url(patch_obj, version='1.0'))
+
+    def test_list_invalid_patch(self):
+        """Ensure we get a 404 for a non-existent patch."""
+        resp = self.client.get(
+            reverse('api-patch-comment-list', kwargs={'pk': '99999'}))
+        self.assertEqual(status.HTTP_404_NOT_FOUND, resp.status_code)
diff --git a/releasenotes/notes/issue-225-94215600c1b23f6e.yaml b/releasenotes/notes/issue-225-94215600c1b23f6e.yaml

new file mode 100644 (file)

index 0000000..035e38d
--- /dev/null
+++ b/releasenotes/notes/issue-225-94215600c1b23f6e.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Showing comments for a non-existant patch or cover letter was returning an
+    empty response instead of a HTTP 404. This issue is resolved for both
+    resources.
author	Stephen Finucane <stephen@that.guru>
	Sun, 28 Oct 2018 13:31:34 +0000 (13:31 +0000)
committer	Stephen Finucane <stephen@that.guru>
	Sat, 22 Dec 2018 18:13:45 +0000 (18:13 +0000)
patchwork/api/comment.py		patch \| blob \| blame \| history
patchwork/tests/api/test_comment.py		patch \| blob \| blame \| history
releasenotes/notes/issue-225-94215600c1b23f6e.yaml	[new file with mode: 0644]	patch \| blob