From 029a151b7ce936b708c8c88763b1e833fcadeb66 Mon Sep 17 00:00:00 2001 From: Joe Rafaniello Date: Wed, 15 Nov 2023 09:29:07 -0500 Subject: [PATCH 1/2] Update safe_load calls to work with psych 3/4 Part of https://github.com/ManageIQ/manageiq/issues/22696 Keep compatibility with psych 3.1+ since permitted_classes and aliases were added as keyword arguments to safe_load. Note, psych 4 changed the interface to drop support with positional arguments for the permitted_classes. Now, we must explicitly specify them using kwargs. --- .../providers/openstack/cloud_manager/orchestration_template.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/manageiq/providers/openstack/cloud_manager/orchestration_template.rb b/app/models/manageiq/providers/openstack/cloud_manager/orchestration_template.rb index 1f1122d9d..23f5990cf 100644 --- a/app/models/manageiq/providers/openstack/cloud_manager/orchestration_template.rb +++ b/app/models/manageiq/providers/openstack/cloud_manager/orchestration_template.rb @@ -105,7 +105,7 @@ def self.display_name(number = 1) def parse return JSON.parse(content) if format == 'json' - YAML.safe_load(content, [Date]) + YAML.safe_load(content, :permitted_classes => [Date]) end def validate_format_yaml From 4edca26f804047331d8bdd9df572f7bf4366d859 Mon Sep 17 00:00:00 2001 From: Joe Rafaniello Date: Wed, 15 Nov 2023 15:09:57 -0500 Subject: [PATCH 2/2] We explicitly serialize objects so we need to permit yaml loading them --- app/models/manageiq/providers/openstack/helper_methods.rb | 5 +++++ .../cloud_manager/provision/volume_attachment_spec.rb | 2 ++ 2 files changed, 7 insertions(+) diff --git a/app/models/manageiq/providers/openstack/helper_methods.rb b/app/models/manageiq/providers/openstack/helper_methods.rb index a1726855e..d6107b1f5 100644 --- a/app/models/manageiq/providers/openstack/helper_methods.rb +++ b/app/models/manageiq/providers/openstack/helper_methods.rb @@ -64,6 +64,11 @@ def parse_error_message_excon_http_status(exception) end def with_notification(type, options: {}) + # We're explicitly serializing objects in the options subject key so we should permit yaml loading those classes + if options[:subject] + ActiveRecord::Base.yaml_column_permitted_classes = ActiveRecord::Base.yaml_column_permitted_classes | [options[:subject].class] + end + # extract success and error options from options # :success and :error keys respectively # with all other keys common for both cases diff --git a/spec/models/manageiq/providers/openstack/cloud_manager/provision/volume_attachment_spec.rb b/spec/models/manageiq/providers/openstack/cloud_manager/provision/volume_attachment_spec.rb index b5668a866..505ec40e3 100644 --- a/spec/models/manageiq/providers/openstack/cloud_manager/provision/volume_attachment_spec.rb +++ b/spec/models/manageiq/providers/openstack/cloud_manager/provision/volume_attachment_spec.rb @@ -5,6 +5,8 @@ @flavor = FactoryBot.create(:flavor_openstack) @volume = FactoryBot.create(:cloud_volume_openstack) + # We're storing objects in the instance_type, so we must permit loading this class + ActiveRecord::Base.yaml_column_permitted_classes = ActiveRecord::Base.yaml_column_permitted_classes | [@flavor.class] @task = FactoryBot.create(:miq_provision_openstack, :source => @template, :state => 'pending',