aboutsummaryrefslogtreecommitdiff
path: root/packages/server/src/routes
diff options
context:
space:
mode:
authorHampusM <hampus@hampusmat.com>2021-08-15 15:29:53 +0200
committerHampusM <hampus@hampusmat.com>2021-08-15 15:29:53 +0200
commitdfd299d4697a629f09ef20fc05c6d9e474bd5475 (patch)
tree5b47b64afc379101187acec7c0f95baf7b1dba04 /packages/server/src/routes
parent9736749a779661a95211a91200617a03a1b9a702 (diff)
Improved route parameter validation
Diffstat (limited to 'packages/server/src/routes')
-rw-r--r--packages/server/src/routes/api/v1/index.ts9
-rw-r--r--packages/server/src/routes/api/v1/repo/branches.ts5
-rw-r--r--packages/server/src/routes/api/v1/repo/index.ts10
-rw-r--r--packages/server/src/routes/api/v1/repo/log.ts7
-rw-r--r--packages/server/src/routes/repo.ts5
5 files changed, 28 insertions, 8 deletions
diff --git a/packages/server/src/routes/api/v1/index.ts b/packages/server/src/routes/api/v1/index.ts
index fb9cd8a..4b63435 100644
--- a/packages/server/src/routes/api/v1/index.ts
+++ b/packages/server/src/routes/api/v1/index.ts
@@ -8,13 +8,13 @@ import { ServerError } from "../../../git/error";
function setHandlers(fastify: FastifyInstance): void {
fastify.setErrorHandler((err, req, reply) => {
- console.log(err);
-
if(err.validation) {
reply.code(400).send({ error: `${err.validation[0].dataPath} ${err.validation[0].message}` });
return;
}
+ console.log(err);
+
reply.code(500).send({ error: "Internal server error!" });
});
fastify.setNotFoundHandler((req, reply) => {
@@ -49,6 +49,11 @@ function reposEndpoints(fastify: FastifyInstance, opts: FastifyPluginOptions, do
fastify.route<Route>({
method: "GET",
url: "/repos/:repo",
+ schema: {
+ params: {
+ repo: { type: "string" }
+ }
+ },
handler: async(req, reply) => {
if(!verifyRepoName(req.params.repo)) {
reply.code(400).send({ error: "Bad request" });
diff --git a/packages/server/src/routes/api/v1/repo/branches.ts b/packages/server/src/routes/api/v1/repo/branches.ts
index c36463d..99f0327 100644
--- a/packages/server/src/routes/api/v1/repo/branches.ts
+++ b/packages/server/src/routes/api/v1/repo/branches.ts
@@ -24,6 +24,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
fastify.route<Route>({
method: "GET",
url: "/branches/:branch",
+ schema: {
+ params: {
+ branch: { type: "string" }
+ }
+ },
handler: async(req, reply) => {
const branch = await Branch.lookup(req.repository, req.params.branch);
diff --git a/packages/server/src/routes/api/v1/repo/index.ts b/packages/server/src/routes/api/v1/repo/index.ts
index 059a9d4..4cd6c51 100644
--- a/packages/server/src/routes/api/v1/repo/index.ts
+++ b/packages/server/src/routes/api/v1/repo/index.ts
@@ -103,6 +103,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
fastify.route<Route>({
method: "GET",
url: "/tree/history",
+ schema: {
+ querystring: {
+ path: { type: "string" }
+ }
+ },
handler: async(req, reply) => {
const tree = await req.repository.tree().catch((err: ServerError) => err);
@@ -111,11 +116,6 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
return;
}
- if(Object.keys(req.query).length === 0) {
- reply.code(400).send({ error: "Missing query parameter 'path'!" });
- return;
- }
-
const tree_path = req.query.path;
const tree_entry = await tree.find(tree_path).catch((err: ServerError) => err);
diff --git a/packages/server/src/routes/api/v1/repo/log.ts b/packages/server/src/routes/api/v1/repo/log.ts
index edca0b3..163cf80 100644
--- a/packages/server/src/routes/api/v1/repo/log.ts
+++ b/packages/server/src/routes/api/v1/repo/log.ts
@@ -23,7 +23,7 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
url: "/log",
schema: {
querystring: {
- count: { type: "number" }
+ count: { type: "number", minimum: 1 }
}
},
handler: async(req, reply) => {
@@ -38,6 +38,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
fastify.route<Route>({
method: "GET",
url: "/log/:commit",
+ schema: {
+ params: {
+ commit: { type: "string" }
+ }
+ },
handler: async(req, reply) => {
const commit_verification = await verifySHA(req.repository, req.params.commit);
if(commit_verification.success === false && commit_verification.code) {
diff --git a/packages/server/src/routes/repo.ts b/packages/server/src/routes/repo.ts
index 32ac9c4..bb70c68 100644
--- a/packages/server/src/routes/repo.ts
+++ b/packages/server/src/routes/repo.ts
@@ -61,6 +61,11 @@ export default function(fastify: FastifyInstance, opts: FastifyPluginOptions, do
fastify.route<Route>({
method: "GET",
url: "/refs/tags/:tag",
+ schema: {
+ params: {
+ tag: { type: "string" }
+ }
+ },
handler: async(req, reply) => {
const repository = await Repository.open(opts.config.settings.git_dir, req.params.repo).catch((err: ServerError) => err);