diff --git a/swh/web/auth/mailmap.py b/swh/web/auth/mailmap.py --- a/swh/web/auth/mailmap.py +++ b/swh/web/auth/mailmap.py @@ -41,12 +41,18 @@ if not request.user.has_perm(MAILMAP_PERMISSION): return HttpResponseForbidden() + from_email = request.data.pop("from_email", None) + if not from_email: + return HttpResponseBadRequest("'from_email' must be provided and non-empty.") + try: - UserMailmap.objects.create(user_id=str(request.user.id), **request.data) + UserMailmap.objects.create( + user_id=str(request.user.id), from_email=from_email, **request.data + ) except IntegrityError: return HttpResponseBadRequest("This 'from_email' already exists.") mm = UserMailmap.objects.get( - user_id=str(request.user.id), from_email=request.data.get("from_email") + user_id=str(request.user.id), from_email=from_email ) return Response(UserMailmapSerializer(mm).data) @@ -56,10 +62,9 @@ if not request.user.has_perm(MAILMAP_PERMISSION): return HttpResponseForbidden() - try: - from_email = request.data.pop("from_email") - except KeyError: - return HttpResponseBadRequest("Missing from_email value") + from_email = request.data.pop("from_email", None) + if not from_email: + return HttpResponseBadRequest("'from_email' must be provided and non-empty.") user_id = str(request.user.id) diff --git a/swh/web/tests/auth/test_mailmap.py b/swh/web/tests/auth/test_mailmap.py --- a/swh/web/tests/auth/test_mailmap.py +++ b/swh/web/tests/auth/test_mailmap.py @@ -85,11 +85,12 @@ api_client.force_login(mailmap_user) url = reverse("profile-mailmap-add") - resp = check_api_post_response(api_client, url, status_code=500) - assert "exception" in resp.data + resp = check_api_post_response(api_client, url, status_code=400) + assert b"from_email" in resp.content url = reverse("profile-mailmap-update") resp = check_api_post_response(api_client, url, status_code=400) + assert b"from_email" in resp.content @pytest.mark.django_db(transaction=True)