dschick/git_brcal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

shipcall, ship, times and user verify the validity of JSON data when receiving POST/PUT requests.

Browse Source
This commit is contained in:
Max Metz 2024-08-14 15:49:28 +02:00
parent e488501837
commit b60874cbb0
5 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/server/BreCal/api/__init__.py
View File

@ -0,0 +1,15 @@
import json
import logging
from flask import request
def verify_if_request_is_json(request):
"""
when a request contains invalid JSON data, this function raises a 400 error (bad request) and returns an error description.
this function avoids less precise 500 Internal Server Error messages.
"""
if request.is_json:
# when invalid json data is posted, a JSONDecodeError will be raised
json.loads(request.data)
return

5
src/server/BreCal/api/shipcalls.py
View File

@ -7,6 +7,7 @@ from ..services.auth_guard import auth_guard, check_jwt
from BreCal.validators.input_validation import validate_posted_shipcall_data, check_if_user_is_bsmd_type from BreCal.validators.input_validation import validate_posted_shipcall_data, check_if_user_is_bsmd_type
from BreCal.validators.input_validation_shipcall import InputValidationShipcall from BreCal.validators.input_validation_shipcall import InputValidationShipcall
from BreCal.database.sql_handler import execute_sql_query_standalone from BreCal.database.sql_handler import execute_sql_query_standalone
from . import verify_if_request_is_json
import logging import logging
import json import json
@ -43,6 +44,8 @@ def GetShipcalls():
def PostShipcalls(): def PostShipcalls():
try: try:
verify_if_request_is_json(request)
content = request.get_json(force=True) content = request.get_json(force=True)
loadedModel = model.ShipcallSchema().load(data=content, many=False, partial=True) loadedModel = model.ShipcallSchema().load(data=content, many=False, partial=True)
@ -71,6 +74,8 @@ def PostShipcalls():
def PutShipcalls(): def PutShipcalls():
try: try:
verify_if_request_is_json(request)
content = request.get_json(force=True) content = request.get_json(force=True)
loadedModel = model.ShipcallSchema().load(data=content, many=False, partial=True) loadedModel = model.ShipcallSchema().load(data=content, many=False, partial=True)

7
src/server/BreCal/api/ships.py
View File

@ -5,6 +5,7 @@ from marshmallow import EXCLUDE, ValidationError
from ..schemas import model from ..schemas import model
import json import json
import logging import logging
from . import verify_if_request_is_json
from BreCal.validators.input_validation import check_if_user_is_bsmd_type from BreCal.validators.input_validation import check_if_user_is_bsmd_type
from BreCal.validators.input_validation_ship import InputValidationShip from BreCal.validators.input_validation_ship import InputValidationShip
@ -27,6 +28,8 @@ def GetShips():
def PostShip(): def PostShip():
try: try:
verify_if_request_is_json(request)
# read the user data from the JWT token (set when login is performed) # read the user data from the JWT token (set when login is performed)
user_data = check_jwt() user_data = check_jwt()
@ -55,6 +58,8 @@ def PostShip():
def PutShip(): def PutShip():
try: try:
verify_if_request_is_json(request)
# read the user data from the JWT token (set when login is performed) # read the user data from the JWT token (set when login is performed)
user_data = check_jwt() user_data = check_jwt()
@ -77,6 +82,8 @@ def PutShip():
def DeleteShip(): def DeleteShip():
try: try:
verify_if_request_is_json(request)
# read the user data from the JWT token (set when login is performed) # read the user data from the JWT token (set when login is performed)
user_data = check_jwt() user_data = check_jwt()
ship_id = request.args.get("id") ship_id = request.args.get("id")

5
src/server/BreCal/api/times.py
View File

@ -6,6 +6,7 @@ import json
import logging import logging
from marshmallow import ValidationError from marshmallow import ValidationError
from BreCal.validators.input_validation_times import InputValidationTimes from BreCal.validators.input_validation_times import InputValidationTimes
from . import verify_if_request_is_json
bp = Blueprint('times', __name__) bp = Blueprint('times', __name__)
@ -25,6 +26,8 @@ def GetTimes():
def PostTimes(): def PostTimes():
try: try:
verify_if_request_is_json(request)
# print (request.is_json) # print (request.is_json)
content = request.get_json(force=True) # force gets us json even if the content-type was wrong content = request.get_json(force=True) # force gets us json even if the content-type was wrong
@ -56,6 +59,8 @@ def PostTimes():
def PutTimes(): def PutTimes():
try: try:
verify_if_request_is_json(request)
content = request.get_json(force=True) content = request.get_json(force=True)
loadedModel = model.TimesSchema().load(data=content, many=False, partial=True) loadedModel = model.TimesSchema().load(data=content, many=False, partial=True)

3
src/server/BreCal/api/user.py
View File

@ -5,6 +5,7 @@ from ..services.auth_guard import auth_guard
import json import json
import logging import logging
from marshmallow import ValidationError from marshmallow import ValidationError
from . import verify_if_request_is_json
bp = Blueprint('user', __name__) bp = Blueprint('user', __name__)
@ -13,6 +14,8 @@ bp = Blueprint('user', __name__)
def PutUser(): def PutUser():
try: try:
verify_if_request_is_json(request)
content = request.get_json(force=True) content = request.get_json(force=True)
loadedModel = model.UserSchema().load(data=content, many=False, partial=True) loadedModel = model.UserSchema().load(data=content, many=False, partial=True)