This is an automated email from the ASF dual-hosted git repository.
zrhoffman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 096b2e2cdc Improve PUT /deliveryservice_request_comments id (#8071)
096b2e2cdc is described below
commit 096b2e2cdc04e957f2ca5dfee236b546bc0d5edf
Author: Zach Hoffman <[email protected]>
AuthorDate: Tue Sep 3 14:37:57 2024 -0600
Improve PUT /deliveryservice_request_comments id (#8071)
---
CHANGELOG.md | 1 +
.../deliveryservice/request/comment/comments.go | 17 +++++++++--------
2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d060614f67..777a42c36c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ The format is based on [Keep a
Changelog](http://keepachangelog.com/en/1.0.0/).
- [#7918](https://github.com/apache/trafficcontrol/pull/7918) *Traffic Portal*
Fixed topology link under DS-Servers tables page
- [#7846](https://github.com/apache/trafficcontrol/pull/7846) *Traffic Portal*
Increase State character limit
- [#8010](https://github.com/apache/trafficcontrol/pull/8010) *Traffic Stats*
Omit NPM dev dependencies from Traffic Stats RPM
+- [#8071](https://github.com/apache/trafficcontrol/pull/8071) *Traffic Ops*
Improve validation for the `id` field of the `PUT
/deliveryservice_request_comments` endpoint.
### Removed
- [#7832](https://github.com/apache/trafficcontrol/pull/7832) *t3c* Removed
Perl dependency
diff --git
a/traffic_ops/traffic_ops_golang/deliveryservice/request/comment/comments.go
b/traffic_ops/traffic_ops_golang/deliveryservice/request/comment/comments.go
index 68a46c1c00..46cae5ae60 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/request/comment/comments.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/request/comment/comments.go
@@ -264,6 +264,7 @@ func Get(w http.ResponseWriter, r *http.Request) {
// Validate is used to ensure that the DeliveryServiceRequestCommentV5 struct
passed in to the function is valid.
func Validate(dsrc tc.DeliveryServiceRequestCommentV5) error {
errs := validation.Errors{
+ "id": validation.Validate(dsrc.ID,
validation.NotNil),
"deliveryServiceRequestId":
validation.Validate(dsrc.DeliveryServiceRequestID, validation.NotNil),
"value": validation.Validate(dsrc.Value,
validation.NotNil),
}
@@ -286,6 +287,13 @@ func Update(w http.ResponseWriter, r *http.Request) {
api.HandleErr(w, r, tx, http.StatusBadRequest, err, nil)
return
}
+ idParam := inf.Params["id"]
+ id, parseErr := strconv.Atoi(idParam)
+ if parseErr != nil {
+ api.HandleErr(w, r, inf.Tx.Tx, http.StatusBadRequest,
errors.New("id must be an integer"), nil)
+ return
+ }
+ deliveryServiceRequestComment.ID = id
if err := Validate(deliveryServiceRequestComment); err != nil {
api.HandleErr(w, r, tx, http.StatusBadRequest, err, nil)
@@ -293,7 +301,7 @@ func Update(w http.ResponseWriter, r *http.Request) {
}
var current tc.DeliveryServiceRequestCommentV5
- err := inf.Tx.QueryRowx(selectQuery() + `WHERE dsrc.id=` +
inf.Params["id"]).StructScan(¤t)
+ err := inf.Tx.QueryRowx(selectQuery() + `WHERE dsrc.id=` +
strconv.Itoa(deliveryServiceRequestComment.ID)).StructScan(¤t)
if err != nil {
api.HandleErr(w, r, tx, http.StatusInternalServerError, nil,
errors.New("scanning deliveryservice_request_comment: "+err.Error()))
return
@@ -305,13 +313,6 @@ func Update(w http.ResponseWriter, r *http.Request) {
return
}
deliveryServiceRequestComment.AuthorID = current.AuthorID
- idParam := inf.Params["id"]
- id, parseErr := strconv.Atoi(idParam)
- if parseErr != nil {
- api.HandleErr(w, r, inf.Tx.Tx, http.StatusBadRequest,
errors.New("id must be an integer"), nil)
- return
- }
- deliveryServiceRequestComment.ID = id
userErr, sysErr, sc := api.CheckIfUnModified(r.Header, inf.Tx, id,
"deliveryservice_request_comment")
if userErr != nil || sysErr != nil {
api.HandleErr(w, r, tx, sc, userErr, sysErr)
