refactor: replace hardcoded calculation ID with dynamic reference and disable request parameter whitelist validation

main
Cizz22 2 months ago
parent 474d76ff05
commit d910ef80d6

@ -1065,14 +1065,14 @@ async def run_simulation_with_spareparts(*, db_session, calculation, token: str,
# 2. Calculate plant data chart
plant_summary = await calculate_plant_data_chart(
db_session=db_session,
calculation_id=str("2ad790c6-beb1-4be9-b79c-1b4c13771a07"),
calculation_id=str(calculation.id),
token=token,
simulation_id=simulation_id
)
# 3. Generate and save plant data chart as PNG
# Fetch the latest calculation data to get plant_results
calculation_data = await get_calculation_data_by_id(db_session, "2ad790c6-beb1-4be9-b79c-1b4c13771a07")
calculation_data = await get_calculation_data_by_id(db_session, calculation.id)
generate_simulation_chart(

@ -239,12 +239,12 @@ def inspect_json(obj, path="body", check_whitelist=True):
detail="Invalid request parameters",
)
if check_whitelist and key not in ALLOWED_DATA_PARAMS:
log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}")
raise HTTPException(
status_code=422,
detail="Invalid request parameters",
)
# if check_whitelist and key not in ALLOWED_DATA_PARAMS:
# log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}")
# raise HTTPException(
# status_code=422,
# detail="Invalid request parameters",
# )
# Recurse. If the key is a dynamic container, we stop whitelist checking for children.
should_check_subkeys = check_whitelist and (key not in DYNAMIC_KEYS)
@ -316,13 +316,13 @@ class RequestValidationMiddleware(BaseHTTPMiddleware):
)
# Check for unknown query parameters
unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS]
if unknown_params:
log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}")
raise HTTPException(
status_code=422,
detail="Invalid request parameters",
)
# unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS]
# if unknown_params:
# log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}")
# raise HTTPException(
# status_code=422,
# detail="Invalid request parameters",
# )
# -------------------------
# 2. Duplicate parameters

Loading…
Cancel
Save