From fbe608655730c2d543e91c009b42e7c633fcace0 Mon Sep 17 00:00:00 2001
From: Valentin Deniaud <vdeniaud@entrouvert.com>
Date: Thu, 29 Jul 2021 11:19:58 +0200
Subject: [PATCH 1/3] api: rely on DRF validation (#55367)

---
 chrono/api/views.py        | 33 ++++++++++++++++-----------------
 tests/api/test_fillslot.py | 17 ++++++++++-------
 2 files changed, 26 insertions(+), 24 deletions(-)

diff --git a/chrono/api/views.py b/chrono/api/views.py
index 2ad13b7..08c87d2 100644
--- a/chrono/api/views.py
+++ b/chrono/api/views.py
@@ -1113,6 +1113,20 @@ class SlotsSerializer(SlotSerializer):
 
     slots = StringOrListField(required=True, child=serializers.CharField(max_length=160, allow_blank=False))
 
+    def validate(self, attrs):
+        super().validate(attrs)
+        if not attrs.get('slots'):
+            raise serializers.ValidationError({'slots': _('This field is required.')})
+        return attrs
+
+
+class EventSlotsSerializer(SlotsSerializer):
+    def validate(self, attrs):
+        super().validate(attrs)
+        if not attrs.get('user_external_id'):
+            raise serializers.ValidationError({'user_external_id': _('This field is required.')})
+        return attrs
+
 
 class Fillslots(APIView):
     permission_classes = (permissions.IsAuthenticated,)
@@ -1156,12 +1170,6 @@ class Fillslots(APIView):
 
         if 'slots' in payload:
             slots = payload['slots']
-        if not slots:
-            raise APIError(
-                _('slots list cannot be empty'),
-                err_class='slots list cannot be empty',
-                http_status=status.HTTP_400_BAD_REQUEST,
-            )
 
         if 'count' in payload:
             places_count = payload['count']
@@ -1535,9 +1543,9 @@ fillslot = Fillslot.as_view()
 
 class RecurringFillslots(APIView):
     permission_classes = (permissions.IsAuthenticated,)
-    serializer_class = SlotsSerializer
+    serializer_class = EventSlotsSerializer
 
-    def post(self, request, agenda_identifier=None, format=None):
+    def post(self, request, agenda_identifier):
         if not settings.ENABLE_RECURRING_EVENT_BOOKING:
             raise Http404()
 
@@ -1556,15 +1564,6 @@ class RecurringFillslots(APIView):
             )
         payload = serializer.validated_data
 
-        user_external_id = payload.get('user_external_id')
-        if not user_external_id:
-            raise APIError(
-                _('user_external_id is required'),
-                err_class='user_external_id is required',
-                errors=serializer.errors,
-                http_status=status.HTTP_400_BAD_REQUEST,
-            )
-
         open_event_slugs = set(agenda.get_open_recurring_events().values_list('slug', flat=True))
         slots = collections.defaultdict(list)
         for slot in payload['slots']:
diff --git a/tests/api/test_fillslot.py b/tests/api/test_fillslot.py
index 96b6679..63bc402 100644
--- a/tests/api/test_fillslot.py
+++ b/tests/api/test_fillslot.py
@@ -370,14 +370,16 @@ def test_booking_api_fillslots(app, some_data, user):
     # empty or missing slots
     resp = app.post_json('/api/agenda/%s/fillslots/' % agenda.id, params={'slots': []}, status=400)
     assert resp.json['err'] == 1
-    assert resp.json['reason'] == 'slots list cannot be empty'  # legacy
-    assert resp.json['err_class'] == 'slots list cannot be empty'
-    assert resp.json['err_desc'] == 'slots list cannot be empty'
+    assert resp.json['err_desc'] == 'invalid payload'
+    assert resp.json['errors']['slots'] == ['This field is required.']
     resp = app.post_json('/api/agenda/%s/fillslots/' % agenda.id, status=400)
     assert resp.json['err'] == 1
-    assert resp.json['reason'] == 'slots list cannot be empty'  # legacy
-    assert resp.json['err_class'] == 'slots list cannot be empty'
-    assert resp.json['err_desc'] == 'slots list cannot be empty'
+    assert resp.json['err_desc'] == 'invalid payload'
+    assert resp.json['errors']['slots'] == ['This field is required.']
+    resp = app.post_json('/api/agenda/%s/fillslots/' % agenda.id, params={'slots': ''}, status=400)
+    assert resp.json['err'] == 1
+    assert resp.json['err_desc'] == 'invalid payload'
+    assert resp.json['errors']['slots']['0'] == ['This field may not be blank.']
     # invalid slots format
     resp = app.post_json('/api/agenda/%s/fillslots/' % agenda.id, params={'slots': 'foobar'}, status=400)
     assert resp.json['err'] == 1
@@ -2182,7 +2184,8 @@ def test_recurring_events_api_fillslots(app, user, freezer):
     del params['user_external_id']
     resp = app.post_json(fillslots_url, params=params, status=400)
     assert resp.json['err'] == 1
-    assert resp.json['err_desc'] == 'user_external_id is required'
+    assert resp.json['err_desc'] == 'invalid payload'
+    assert resp.json['errors']['user_external_id'] == ['This field is required.']
 
     resp = app.post_json(fillslots_url, params={'user_external_id': 'a', 'slots': 'a:a'}, status=400)
     assert resp.json['err'] == 1
-- 
2.20.1