action #104631
Updated by okurz 4 months ago
## Observation
When I go to "Machines", click on the edit button and put presumable invalid characters into a settings name, e.g. `HDDSIZEGB!!=20` and click the Save button, I don't get an error message.
Apparently an API request is made `http://127.0.0.1:9526/api/v1/machines/1001` which returns 200 OK and `{"result":1}`. But the new setting is not saved, just silently ignored.
If I add a *new* setting with invalid characters, e.g. `foo!!=bar`, then it is saved as `foo=bar`.
## Acceptance criteria
* **AC1:** Invalid settings keys like `!` are explicitly not allowed on admin tables and not silently removed (or at least there is a user facing warning about it).
## Suggestions
* Be sure to rebase on top of recently merged https://github.com/os-autoinst/openQA/pull/5973
* Lookup in neighboring code if there is a range of acceptable characters (at least [[:alnum:]_]) or a blocklist containing at least `!`
* Consider to also add tests on the lower level, e.g. API route in t/api/05-machines.t
* Extend the according test in t/ui/13-admin.t to expect clear feedback
* Implement accordingly
* Refactor/simplify the code as necessary
## Further details
entrance level issue
Back