refactor: replace hardcoded calculation ID with dynamic reference and disable request parameter whitelist validation

main
Cizz22 2 months ago
parent 474d76ff05
commit d910ef80d6

@ -1065,14 +1065,14 @@ async def run_simulation_with_spareparts(*, db_session, calculation, token: str,
# 2. Calculate plant data chart # 2. Calculate plant data chart
plant_summary = await calculate_plant_data_chart( plant_summary = await calculate_plant_data_chart(
db_session=db_session, db_session=db_session,
calculation_id=str("2ad790c6-beb1-4be9-b79c-1b4c13771a07"), calculation_id=str(calculation.id),
token=token, token=token,
simulation_id=simulation_id simulation_id=simulation_id
) )
# 3. Generate and save plant data chart as PNG # 3. Generate and save plant data chart as PNG
# Fetch the latest calculation data to get plant_results # Fetch the latest calculation data to get plant_results
calculation_data = await get_calculation_data_by_id(db_session, "2ad790c6-beb1-4be9-b79c-1b4c13771a07") calculation_data = await get_calculation_data_by_id(db_session, calculation.id)
generate_simulation_chart( generate_simulation_chart(

@ -239,12 +239,12 @@ def inspect_json(obj, path="body", check_whitelist=True):
detail="Invalid request parameters", detail="Invalid request parameters",
) )
if check_whitelist and key not in ALLOWED_DATA_PARAMS: # if check_whitelist and key not in ALLOWED_DATA_PARAMS:
log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}") # log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}")
raise HTTPException( # raise HTTPException(
status_code=422, # status_code=422,
detail="Invalid request parameters", # detail="Invalid request parameters",
) # )
# Recurse. If the key is a dynamic container, we stop whitelist checking for children. # Recurse. If the key is a dynamic container, we stop whitelist checking for children.
should_check_subkeys = check_whitelist and (key not in DYNAMIC_KEYS) should_check_subkeys = check_whitelist and (key not in DYNAMIC_KEYS)
@ -316,13 +316,13 @@ class RequestValidationMiddleware(BaseHTTPMiddleware):
) )
# Check for unknown query parameters # Check for unknown query parameters
unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS] # unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS]
if unknown_params: # if unknown_params:
log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}") # log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}")
raise HTTPException( # raise HTTPException(
status_code=422, # status_code=422,
detail="Invalid request parameters", # detail="Invalid request parameters",
) # )
# ------------------------- # -------------------------
# 2. Duplicate parameters # 2. Duplicate parameters

Loading…
Cancel
Save