diff options
-rw-r--r-- | Bugzilla/API/1_0/Constants.pm | 2 | ||||
-rw-r--r-- | Bugzilla/API/1_0/Resource/Bug.pm | 4 | ||||
-rw-r--r-- | Bugzilla/API/1_0/Util.pm | 12 | ||||
-rw-r--r-- | Bugzilla/WebService/Bug.pm | 4 | ||||
-rw-r--r-- | Bugzilla/WebService/Constants.pm | 2 | ||||
-rw-r--r-- | Bugzilla/WebService/Util.pm | 14 | ||||
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 8 |
7 files changed, 39 insertions, 7 deletions
diff --git a/Bugzilla/API/1_0/Constants.pm b/Bugzilla/API/1_0/Constants.pm index d372d410d..ea5183bc3 100644 --- a/Bugzilla/API/1_0/Constants.pm +++ b/Bugzilla/API/1_0/Constants.pm @@ -68,6 +68,8 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, + param_integer_required => 57, + param_scalar_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/API/1_0/Resource/Bug.pm b/Bugzilla/API/1_0/Resource/Bug.pm index dcc73086f..5dc61e8d1 100644 --- a/Bugzilla/API/1_0/Resource/Bug.pm +++ b/Bugzilla/API/1_0/Resource/Bug.pm @@ -1337,6 +1337,10 @@ sub update_comment_tags { { function => 'Bug.update_comment_tags', param => 'comment_id' }); + ThrowCodeError('param_integer_required', { function => 'Bug.update_comment_tags', + param => 'comment_id' }) + unless $comment_id =~ /^\d+$/a; + my $comment = Bugzilla::Comment->new($comment_id) || return []; $comment->bug->check_is_visible(); diff --git a/Bugzilla/API/1_0/Util.pm b/Bugzilla/API/1_0/Util.pm index e2c7b1f1f..ce4487c1f 100644 --- a/Bugzilla/API/1_0/Util.pm +++ b/Bugzilla/API/1_0/Util.pm @@ -22,6 +22,7 @@ use MIME::Base64 qw(decode_base64 encode_base64); use Storable qw(dclone); use Test::Taint (); use URI::Escape qw(uri_unescape); +use List::MoreUtils qw(any none); use parent qw(Exporter); @@ -248,14 +249,19 @@ sub validate { # $params should be. return ($self, undef) if (defined $params and !ref $params); + my @id_params = qw(ids comment_ids); # If @keys is not empty then we convert any named # parameters that have scalar values to arrayrefs # that match. foreach my $key (@keys) { if (exists $params->{$key}) { - $params->{$key} = ref $params->{$key} - ? $params->{$key} - : [ $params->{$key} ]; + $params->{$key} = [ $params->{$key} ] unless ref $params->{$key}; + + if (any { $key eq $_ } @id_params) { + my $ids = $params->{$key}; + ThrowCodeError('param_scalar_array_required', { param => $key }) + unless ref($ids) eq 'ARRAY' && none { ref $_ } @$ids; + } } } diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm index aaf0d10e0..a1c6b7d99 100644 --- a/Bugzilla/WebService/Bug.pm +++ b/Bugzilla/WebService/Bug.pm @@ -1214,6 +1214,10 @@ sub update_comment_tags { { function => 'Bug.update_comment_tags', param => 'comment_id' }); + ThrowCodeError('param_integer_required', { function => 'Bug.update_comment_tags', + param => 'comment_id' }) + unless $comment_id =~ /^\d+$/a; + my $comment = Bugzilla::Comment->new($comment_id) || return []; $comment->bug->check_is_visible(); diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index e5311d9e5..333166996 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -69,6 +69,8 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, + param_integer_required => 57, + param_scalar_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm index 752100649..d4da2f575 100644 --- a/Bugzilla/WebService/Util.pm +++ b/Bugzilla/WebService/Util.pm @@ -18,6 +18,7 @@ use Bugzilla::WebService::Constants; use Storable qw(dclone); use URI::Escape qw(uri_unescape); +use List::MoreUtils qw(any none); use parent qw(Exporter); @@ -220,15 +221,20 @@ sub validate { # sent any parameters at all, and we're getting @keys where # $params should be. return ($self, undef) if (defined $params and !ref $params); - + + my @id_params = qw(ids comment_ids); # If @keys is not empty then we convert any named # parameters that have scalar values to arrayrefs # that match. foreach my $key (@keys) { if (exists $params->{$key}) { - $params->{$key} = ref $params->{$key} - ? $params->{$key} - : [ $params->{$key} ]; + $params->{$key} = [ $params->{$key} ] unless ref $params->{$key}; + + if (any { $key eq $_ } @id_params) { + my $ids = $params->{$key}; + ThrowCodeError('param_scalar_array_required', { param => $key }) + unless ref($ids) eq 'ARRAY' && none { ref $_ } @$ids; + } } } diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index 922ac0cbe..40abfe5c1 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -294,6 +294,14 @@ a <code>[% param FILTER html %]</code> argument, and that argument was not set. + [% ELSIF error == "param_integer_required" %] + The function <code>[% function FILTER html %]</code> requires + that <code>[% param FILTER html %]</code> be an integer. + + [% ELSIF error == "param_scalar_array_required" %] + The <code>[% param FILTER html %]</code> parameter must be an array of scalars + (integers and/or strings). + [% ELSIF error == "params_required" %] [% title = "Missing Parameter" %] The function <code>[% function FILTER html %]</code> requires |