diff options
author | David Lawrence <dkl@mozilla.com> | 2015-12-22 21:57:02 +0100 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-12-22 21:57:02 +0100 |
commit | c94abb0445d015c1bffcd7207eac6fd9a3a8371b (patch) | |
tree | 6ad96bda176859c9347a36940287b4b6c4fd3599 | |
parent | 34f8910f2b22ada382d191052f70a7427c88f95a (diff) | |
download | bugzilla-c94abb0445d015c1bffcd7207eac6fd9a3a8371b.tar.gz bugzilla-c94abb0445d015c1bffcd7207eac6fd9a3a8371b.tar.xz |
Revert "Bug 1230932 - Providing a condition as an ID to the webservice results in a taint error"
This reverts commit eb1357fe03bb47cdd479cf533022e11dd6bd22e0.
-rw-r--r-- | Bugzilla/API/1_0/Constants.pm | 2 | ||||
-rw-r--r-- | Bugzilla/API/1_0/Util.pm | 23 | ||||
-rw-r--r-- | Bugzilla/WebService/Bug.pm | 4 | ||||
-rw-r--r-- | Bugzilla/WebService/Constants.pm | 2 | ||||
-rw-r--r-- | Bugzilla/WebService/Util.pm | 10 | ||||
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 7 |
6 files changed, 23 insertions, 25 deletions
diff --git a/Bugzilla/API/1_0/Constants.pm b/Bugzilla/API/1_0/Constants.pm index f90b31177..44e20124a 100644 --- a/Bugzilla/API/1_0/Constants.pm +++ b/Bugzilla/API/1_0/Constants.pm @@ -68,8 +68,6 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, - param_integer_required => 57, - param_integer_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/API/1_0/Util.pm b/Bugzilla/API/1_0/Util.pm index 3fcf28cdf..d22935f6e 100644 --- a/Bugzilla/API/1_0/Util.pm +++ b/Bugzilla/API/1_0/Util.pm @@ -22,7 +22,6 @@ use MIME::Base64 qw(decode_base64 encode_base64); use Storable qw(dclone); use Test::Taint (); use URI::Escape qw(uri_unescape); -use Bugzilla::WebService::Util qw(validate); use parent qw(Exporter); @@ -242,6 +241,28 @@ sub api_include_exclude { return $params; } +sub validate { + my ($self, $params, @keys) = @_; + + # If $params is defined but not a reference, then we weren't + # sent any parameters at all, and we're getting @keys where + # $params should be. + return ($self, undef) if (defined $params and !ref $params); + + # If @keys is not empty then we convert any named + # parameters that have scalar values to arrayrefs + # that match. + foreach my $key (@keys) { + if (exists $params->{$key}) { + $params->{$key} = ref $params->{$key} + ? $params->{$key} + : [ $params->{$key} ]; + } + } + + return ($self, $params); +} + sub translate { my ($params, $mapped) = @_; my %changes; diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm index 75a0aab0e..84f209347 100644 --- a/Bugzilla/WebService/Bug.pm +++ b/Bugzilla/WebService/Bug.pm @@ -1200,10 +1200,6 @@ sub update_comment_tags { { function => 'Bug.update_comment_tags', param => 'comment_id' }); - ThrowCodeError("param_integer_required", { function => 'Bug.update_comment_tags', - param => 'comment_id' }) - unless $comment_id =~ /^[0-9]+$/; - my $comment = Bugzilla::Comment->new($comment_id) || return []; $comment->bug->check_is_visible(); diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index 8c9bcb37f..42aa600ee 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -69,8 +69,6 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, - param_integer_required => 57, - param_integer_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm index 503246c16..cbbc47921 100644 --- a/Bugzilla/WebService/Util.pm +++ b/Bugzilla/WebService/Util.pm @@ -18,7 +18,6 @@ use Bugzilla::WebService::Constants; use Storable qw(dclone); use URI::Escape qw(uri_unescape); -use List::MoreUtils qw(all any); use parent qw(Exporter); @@ -222,8 +221,7 @@ sub validate { # sent any parameters at all, and we're getting @keys where # $params should be. return ($self, undef) if (defined $params and !ref $params); - - my @id_params = qw( ids comment_ids ); + # If @keys is not empty then we convert any named # parameters that have scalar values to arrayrefs # that match. @@ -232,12 +230,6 @@ sub validate { $params->{$key} = ref $params->{$key} ? $params->{$key} : [ $params->{$key} ]; - - if (any { $key eq $_ } @id_params) { - my $ids = $params->{$key}; - ThrowCodeError('param_integer_array_required', { param => $key }) - unless ref($ids) eq 'ARRAY' && all { /^[0-9]+$/ } @$ids; - } } } diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index f268833b0..a242c7471 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -294,13 +294,6 @@ a <code>[% param FILTER html %]</code> argument, and that argument was not set. - [% ELSIF error == "param_integer_required" %] - The function <code>[% function FILTER html %]</code> requires - that <code>[% param FILTER html %]</code> be an integer. - - [% ELSIF error == "param_integer_array_required" %] - The <code>[% param FILTER html %]</code> parameter must be an array of integers. - [% ELSIF error == "params_required" %] [% title = "Missing Parameter" %] The function <code>[% function FILTER html %]</code> requires |