require url scheme for credential type url inputs

This adds a url formatting type for credential input string fields The validator for this formatting type will throw an error if the provided url string doesn't have a url schema.
2024-11-01 08:21:15 +03:00 · 2019-04-30 13:17:15 -04:00 · 2019-04-30 13:17:15 -04:00 · 9737ab620c
commit 9737ab620c
parent 52276ebbab
6 changed files with 45 additions and 1 deletions
--- a/awx/main/credential_plugins/aim.py
+++ b/awx/main/credential_plugins/aim.py
@ -15,6 +15,7 @@ aim_inputs = {
        'id': 'url',
        'label': _('CyberArk AIM URL'),
        'type': 'string',
+        'format': 'url',
    }, {
        'id': 'app_id',
        'label': _('Application ID'),
--- a/awx/main/credential_plugins/azure_kv.py
+++ b/awx/main/credential_plugins/azure_kv.py
@ -10,6 +10,7 @@ azure_keyvault_inputs = {
        'id': 'url',
        'label': _('Vault URL (DNS Name)'),
        'type': 'string',
+        'format': 'url',
    }, {
        'id': 'client',
        'label': _('Client ID'),
--- a/awx/main/credential_plugins/conjur.py
+++ b/awx/main/credential_plugins/conjur.py
@ -16,6 +16,7 @@ conjur_inputs = {
        'id': 'url',
        'label': _('Conjur URL'),
        'type': 'string',
+        'format': 'url',
    }, {
        'id': 'api_key',
        'label': _('API Key'),
--- a/awx/main/credential_plugins/hashivault.py
+++ b/awx/main/credential_plugins/hashivault.py
@ -14,6 +14,7 @@ base_inputs = {
        'id': 'url',
        'label': _('Server URL'),
        'type': 'string',
+        'format': 'url',
        'help_text': _('The URL to the HashiCorp Vault'),
    }, {
        'id': 'token',
--- a/awx/main/fields.py
+++ b/awx/main/fields.py
@ -490,6 +490,15 @@ def format_ssh_private_key(value):
    return True


+@JSONSchemaField.format_checker.checks('url')
+def format_url(value):
+    if urllib.parse.urlparse(value).scheme == '':
+        raise jsonschema.exceptions.FormatError(
+            'Invalid URL: Missing url scheme (http, https, etc.)'
+        )
+    return True
+
+
 class DynamicCredentialInputField(JSONSchemaField):
    """
    Used to validate JSON for
@ -722,7 +731,7 @@ class CredentialTypeInputField(JSONSchemaField):
                        'type': 'object',
                        'properties': {
                            'type': {'enum': ['string', 'boolean']},
-                            'format': {'enum': ['ssh_private_key']},
+                            'format': {'enum': ['ssh_private_key', 'url']},
                            'choices': {
                                'type': 'array',
                                'minItems': 1,
--- a/awx/main/tests/functional/api/test_credential.py
+++ b/awx/main/tests/functional/api/test_credential.py
@ -1942,3 +1942,34 @@ def test_create_credential_missing_user_team_org_xfail(post, admin, credentialty
        admin
    )
    assert response.status_code == 400
+
+
+@pytest.mark.django_db
+def test_create_credential_with_missing_url_schema_xfail(post, organization, admin):
+    credential_type = CredentialType(
+        kind='test',
+        name='MyTestCredentialType',
+        inputs = {
+            'fields': [{
+                'id': 'server_url',
+                'label': 'Server Url',
+                'type': 'string',
+                'format': 'url'
+            }]
+        }
+    )
+    credential_type.save()
+
+    params = {
+        'name': 'Second Best credential ever',
+        'organization': organization.pk,
+        'credential_type': credential_type.pk,
+        'inputs': {'server_url': 'foo.com'}
+    }
+    endpoint = reverse('api:credential_list', kwargs={'version': 'v2'})
+    response = post(endpoint, params, admin)
+    assert response.status_code == 400
+
+    params['inputs'] = {'server_url': 'http://foo.com'}
+    response = post(endpoint, params, admin)
+    assert response.status_code == 201