allow single-quotes in job-comments (#62)

ansibleguy · ansibleguy · commit fc4c13faaa51 · 2024-09-17T19:28:01.000+02:00
diff --git a/src/ansibleguy-webui/aw/api_endpoints/job.py b/src/ansibleguy-webui/aw/api_endpoints/job.py
@@ -31,7 +31,11 @@ class Meta:
     def validate(self, attrs: dict):
         for field in Job.api_fields_write:
             if field in attrs:
-                validate_no_xss(value=attrs[field], field=field)
+                if field in Job.fields_allow_sq:
+                    validate_no_xss(value=attrs[field], field=field, single_quote=True)
+
+                else:
+                    validate_no_xss(value=attrs[field], field=field)
 
         return attrs
 
diff --git a/src/ansibleguy-webui/aw/model/job.py b/src/ansibleguy-webui/aw/model/job.py
@@ -89,6 +89,7 @@ class Job(BaseJob):
     api_fields_read.extend(CHANGE_FIELDS)
     api_fields_write = api_fields_read.copy()
     api_fields_read.append('next_run')
+    fields_allow_sq = ['comment']
 
     name = models.CharField(max_length=150, null=False, blank=False)
     playbook_file = models.CharField(max_length=100)
