views: edit_glsa: allow empty references

Signed-off-by: John Helmert III <ajak@gentoo.org>

2 files changed, 16 insertions, 0 deletions

diff --git a/glsamaker/tests/test_views.py b/glsamaker/tests/test_views.py
index 9c8de60..e4cae77 100644
--- a/glsamaker/tests/test_views.py
+++ b/glsamaker/tests/test_views.py
@@ -176,3 +176,17 @@ def test_edit_glsa(app, auth, db):
     # len([CVE-2000-1234, CVE-2000-4321]) == 2
     # "notaref" should be excluded
     assert len(glsa_in_db.references) == 2
+
+    # empty references is valid
+    glsa_data["references"] = ""
+    response = auth.post(
+        f"/edit_glsa/{db.session.query(GLSA).first().glsa_id}",
+        follow_redirects=True,
+        data=glsa_data,
+    )
+
+    glsa_in_db: GLSA = (
+        db.session.query(GLSA).filter(GLSA.glsa_id == glsa.glsa_id).first()
+    )
+
+    assert len(glsa_in_db.references) == 0
diff --git a/glsamaker/views.py b/glsamaker/views.py
index d7c8475..86ff534 100644
--- a/glsamaker/views.py
+++ b/glsamaker/views.py
@@ -85,6 +85,8 @@ class GLSAForm(FlaskForm):
     @classmethod
     def validate_references(cls, form: GLSAForm, field: StringField):
         message = "Invalid references: {}"
+        if not field.data:
+            return
         references = [ref.strip() for ref in field.data.split(",")]
         invalid_references = list(
             filter(lambda x: not Reference.valid_reference(x), references)