return invalid data error on API instead of exception

This commit is contained in:
El RIDO 2022-12-12 20:46:47 +01:00
parent 62c11fc782
commit 38574f0196
No known key found for this signature in database
GPG Key ID: 0F5C940A6BD81F92
3 changed files with 31 additions and 9 deletions

View File

@ -12,6 +12,8 @@
namespace PrivateBin;
use Exception;
/**
* Request
*
@ -110,9 +112,13 @@ class Request
case 'POST':
// it might be a creation or a deletion, the latter is detected below
$this->_operation = 'create';
try {
$this->_params = Json::decode(
file_get_contents(self::$_inputStream)
);
} catch (Exception $e) {
// ignore error, $this->_params will remain empty
}
break;
default:
$this->_params = $_GET;

View File

@ -436,8 +436,6 @@ class ControllerTest extends PHPUnit_Framework_TestCase
* silently removed, check that this case is handled
*
* @runInSeparateProcess
* @expectedException Exception
* @expectedExceptionCode 90
*/
public function testCreateBrokenUpload()
{
@ -449,7 +447,12 @@ class ControllerTest extends PHPUnit_Framework_TestCase
$_SERVER['REQUEST_METHOD'] = 'POST';
$_SERVER['REMOTE_ADDR'] = '::1';
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste does not exists before posting data');
ob_start();
new Controller;
$content = ob_get_contents();
ob_end_clean();
$response = json_decode($content, true);
$this->assertEquals(1, $response['status'], 'outputs error status');
$this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste exists after posting data');
}

View File

@ -97,7 +97,7 @@ class RequestTest extends PHPUnit_Framework_TestCase
Request::setInputStream($file);
$request = new Request;
unlink($file);
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
$this->assertTrue($request->isJsonApiCall(), 'is JSON API call');
$this->assertEquals('create', $request->getOperation());
$this->assertEquals('foo', $request->getParam('ct'));
}
@ -111,7 +111,7 @@ class RequestTest extends PHPUnit_Framework_TestCase
file_put_contents($file, '{"ct":"foo"}');
Request::setInputStream($file);
$request = new Request;
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
$this->assertTrue($request->isJsonApiCall(), 'is JSON API call');
$this->assertEquals('create', $request->getOperation());
$this->assertEquals('foo', $request->getParam('ct'));
}
@ -125,7 +125,7 @@ class RequestTest extends PHPUnit_Framework_TestCase
$_SERVER['QUERY_STRING'] = $id;
$_GET[$id] = '';
$request = new Request;
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
$this->assertTrue($request->isJsonApiCall(), 'is JSON API call');
$this->assertEquals($id, $request->getParam('pasteid'));
$this->assertEquals('read', $request->getOperation());
}
@ -142,12 +142,25 @@ class RequestTest extends PHPUnit_Framework_TestCase
file_put_contents($file, '{"deletetoken":"bar"}');
Request::setInputStream($file);
$request = new Request;
$this->assertTrue($request->isJsonApiCall(), 'is JSON Api call');
$this->assertTrue($request->isJsonApiCall(), 'is JSON API call');
$this->assertEquals('delete', $request->getOperation());
$this->assertEquals($id, $request->getParam('pasteid'));
$this->assertEquals('bar', $request->getParam('deletetoken'));
}
public function testPostGarbage()
{
$this->reset();
$_SERVER['REQUEST_METHOD'] = 'POST';
$file = tempnam(sys_get_temp_dir(), 'FOO');
file_put_contents($file, random_bytes(256));
Request::setInputStream($file);
$request = new Request;
unlink($file);
$this->assertFalse($request->isJsonApiCall(), 'is HTML call');
$this->assertEquals('create', $request->getOperation());
}
public function testReadWithNegotiation()
{
$this->reset();