Hello community, here is the log from the commit of package openQA for openSUSE:Factory checked in at 2018-02-14 10:51:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openQA (Old) and /work/SRC/openSUSE:Factory/.openQA.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openQA" Wed Feb 14 10:51:31 2018 rev:11 rq:576269 version:4.5.1518003872.3977d2f5 Changes: -------- --- /work/SRC/openSUSE:Factory/openQA/openQA.changes 2018-02-06 16:51:08.206499539 +0100 +++ /work/SRC/openSUSE:Factory/.openQA.new/openQA.changes 2018-02-14 10:51:33.773811483 +0100 @@ -1,0 +2,8 @@ +Sat Feb 10 01:01:54 UTC 2018 - [email protected] + +- Update to version 4.5.1518003872.3977d2f5: + * Run perltidy again (#1577) + * Fix perltidy complaints (#1576) + * Give 404 rather than 500 on invalid asset route (#1575) + +------------------------------------------------------------------- Old: ---- openQA-4.5.1517920216.2250682a.tar.xz New: ---- openQA-4.5.1518003872.3977d2f5.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openQA.spec ++++++ --- /var/tmp/diff_new_pack.8LORN3/_old 2018-02-14 10:51:34.637780389 +0100 +++ /var/tmp/diff_new_pack.8LORN3/_new 2018-02-14 10:51:34.637780389 +0100 @@ -36,7 +36,7 @@ # runtime requirements that also the testsuite needs %define t_requires perl(DBD::Pg) perl(DBIx::Class) perl(Config::IniFiles) perl(SQL::Translator) perl(Date::Format) perl(File::Copy::Recursive) perl(DateTime::Format::Pg) perl(Net::OpenID::Consumer) perl(Mojolicious::Plugin::RenderFile) perl(Mojolicious::Plugin::AssetPack) perl(aliased) perl(Config::Tiny) perl(DBIx::Class::DynamicDefault) perl(DBIx::Class::Schema::Config) perl(DBIx::Class::Storage::Statistics) perl(IO::Socket::SSL) perl(Data::Dump) perl(DBIx::Class::OptimisticLocking) perl(Text::Markdown) perl(Net::DBus) perl(IPC::Run) perl(Archive::Extract) perl(CSS::Minifier::XS) perl(JavaScript::Minifier::XS) perl(Time::ParseDate) perl(Sort::Versions) perl(Mojo::RabbitMQ::Client) perl(BSD::Resource) perl(Cpanel::JSON::XS) Name: openQA -Version: 4.5.1517920216.2250682a +Version: 4.5.1518003872.3977d2f5 Release: 0 Summary: The openQA web-frontend, scheduler and tools License: GPL-2.0+ @@ -197,9 +197,6 @@ # we don't really need the tidy test rm -f t/00-tidy.t -# currently broken in OBS -#rm -f ./t/24-worker.t ./t/api/09-comments.t ./t/ui/07-file.t ./t/ui/13-admin.t ./t/ui/15-comments.t ./t/ui/18-tests-details.t ./t/ui/19-tests-links.t ./t/05-scheduler-dependencies.t - %if %{with tests} #make test rm -rf %{buildroot}/DB ++++++ openQA-4.5.1517920216.2250682a.tar.xz -> openQA-4.5.1518003872.3977d2f5.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-4.5.1517920216.2250682a/lib/OpenQA/WebAPI/Controller/API/V1/Asset.pm new/openQA-4.5.1518003872.3977d2f5/lib/OpenQA/WebAPI/Controller/API/V1/Asset.pm --- old/openQA-4.5.1517920216.2250682a/lib/OpenQA/WebAPI/Controller/API/V1/Asset.pm 2018-02-06 13:30:16.000000000 +0100 +++ new/openQA-4.5.1518003872.3977d2f5/lib/OpenQA/WebAPI/Controller/API/V1/Asset.pm 2018-02-07 12:44:32.000000000 +0100 @@ -56,6 +56,11 @@ $args{$arg} = $self->stash($arg) if defined $self->stash($arg); } + if (defined $args{id} && $args{id} !~ /^\d+$/) { + $self->render(json => {}, status => 404); + return; + } + my $rs = $schema->resultset("Assets")->search(\%args); $rs->result_class('DBIx::Class::ResultClass::HashRefInflator'); @@ -79,6 +84,10 @@ my %attrs; if (defined $args{id}) { + if ($args{id} !~ /^\d+$/) { + $self->render(json => {}, status => 404); + return; + } $cond{id} = $args{id}; } elsif (defined $args{type} && defined $args{name}) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-4.5.1517920216.2250682a/lib/OpenQA/WebAPI/Controller/Admin/Asset.pm new/openQA-4.5.1518003872.3977d2f5/lib/OpenQA/WebAPI/Controller/Admin/Asset.pm --- old/openQA-4.5.1517920216.2250682a/lib/OpenQA/WebAPI/Controller/Admin/Asset.pm 2018-02-06 13:30:16.000000000 +0100 +++ new/openQA-4.5.1518003872.3977d2f5/lib/OpenQA/WebAPI/Controller/Admin/Asset.pm 2018-02-07 12:44:32.000000000 +0100 @@ -1,4 +1,4 @@ -# Copyright (C) 2014 SUSE Linux Products GmbH +# Copyright (C) 2014-2018 SUSE Linux Products GmbH # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ package OpenQA::WebAPI::Controller::Admin::Asset; use Mojo::Base 'Mojolicious::Controller'; -use List::Util qw(sum); +use List::Util 'sum'; sub index { my $self = shift; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openQA-4.5.1517920216.2250682a/t/api/02-assets.t new/openQA-4.5.1518003872.3977d2f5/t/api/02-assets.t --- old/openQA-4.5.1517920216.2250682a/t/api/02-assets.t 2018-02-06 13:30:16.000000000 +0100 +++ new/openQA-4.5.1518003872.3977d2f5/t/api/02-assets.t 2018-02-07 12:44:32.000000000 +0100 @@ -180,6 +180,10 @@ # try to register non existing asset $ret = $t->post_ok('/api/v1/assets', form => {type => 'iso', name => 'foo.iso'})->status_is(400); +# check/delete asset by invalid id that should give 404 rather than 500 +$ret = $t->get_ok('/api/v1/assets/iso')->status_is(404); +$ret = $t->delete_ok('/api/v1/assets/iso')->status_is(404); + # switch to operator (percival) and try some modifications $app = $t->app; $t->ua(
