summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorDavid Lawrence <dkl@mozilla.com>2014-04-04 19:31:48 +0200
committerDavid Lawrence <dkl@mozilla.com>2014-04-04 19:31:48 +0200
commit818b908a18de4862f060c64ad12f779ac8480f01 (patch)
treed5fc89dcdeb5c5faa315d51cae5b967347e27430 /extensions
parent0ac842d2f0b996a9bcf4524fdc02b4237281a891 (diff)
downloadbugzilla-818b908a18de4862f060c64ad12f779ac8480f01.tar.gz
bugzilla-818b908a18de4862f060c64ad12f779ac8480f01.tar.xz
Bug 987521 - flag activity api needs to prohibit requests which return the entire table
r=glob
Diffstat (limited to 'extensions')
-rw-r--r--extensions/Review/lib/WebService.pm5
-rw-r--r--extensions/Review/template/en/default/hook/global/user-error-errors.html.tmpl4
2 files changed, 9 insertions, 0 deletions
diff --git a/extensions/Review/lib/WebService.pm b/extensions/Review/lib/WebService.pm
index c39cadd2c..f5530dd49 100644
--- a/extensions/Review/lib/WebService.pm
+++ b/extensions/Review/lib/WebService.pm
@@ -112,6 +112,11 @@ sub flag_activity {
$match_criteria{LIMIT} = $limit;
$match_criteria{OFFSET} = $offset if defined $offset;
+ # Throw error if no other parameters have been passed other than limit and offset
+ if (!grep(!/^(LIMIT|OFFSET)$/, keys %match_criteria)) {
+ ThrowUserError('flag_activity_parameters_required');
+ }
+
my $matches = Bugzilla::Extension::Review::FlagStateActivity->match(\%match_criteria);
my @results = map { $self->_flag_state_activity_to_hash($_, $params) } @$matches;
return \@results;
diff --git a/extensions/Review/template/en/default/hook/global/user-error-errors.html.tmpl b/extensions/Review/template/en/default/hook/global/user-error-errors.html.tmpl
index 788852aa8..ca143cca3 100644
--- a/extensions/Review/template/en/default/hook/global/user-error-errors.html.tmpl
+++ b/extensions/Review/template/en/default/hook/global/user-error-errors.html.tmpl
@@ -19,4 +19,8 @@
[% title = "Invalid Flag Type ID" %]
The flag type id [% type_id FILTER html %] is invalid.
+[% ELSIF error == "flag_activity_parameters_required" %]
+ [% title = "Parameters Required" %]
+ You may not search flag state activity without any search terms.
+
[% END %]