Validate package types in package metadatum models
Summary
Follow-up from !30618 (comment 337776087).
In package models, we sometimes need to save data that is custom for a given package type. Usually, this data is saved in a Packages::XXXMetadatum
where XXX is the package type. Those models have generally a belongs_to :package
Not all Packages::XXXMetadatum
checks that the package has the proper type.
Improvements
- Check all
Packages::XXXMetadatum
and add the missing package type validation
Risks
- This could prevent packages from being saved in the database. This risk is extensively mitigated by the large amount of tests we have that run through saving packages.
Involved components
Models to check:
Packages::Maven::Metadatum
Packages::Npm::Metadatum
Packages::Conan::FileMetadatum
Packages::Conan::Metadatum
Packages::Debian::FileMetadatum
Packages::Helm::FileMetadatum
Packages::Nuget::Metadatum
Packages::Pypi::Metadatum
Packages::Rpm::Metadatum
Packages::Rubygems::Metadatum
Optional: Missing test coverage
- Add rspec examples that specifically verify that the validator is working properly.
Edited by Radamanthus Batnag