Clientbase
/
json-api-server
mirror of https://github.com/basemaster/json-api-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Validate implementation-specific query parameters according to specification

This commit is contained in:
Toby Zerner 2021-08-30 15:14:59 +10:00
parent d91bc79f49
commit 7405e07b93
2 changed files with 32 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/JsonApi.php
View File

@ -115,6 +115,8 @@ final class JsonApi implements RequestHandlerInterface
{ {
// $this->validateRequest($request); // $this->validateRequest($request);
$this->validateQueryParameters($request);
$context = new Context($this, $request); $context = new Context($this, $request);
foreach ($this->extensions as $extension) { foreach ($this->extensions as $extension) {
@ -151,6 +153,18 @@ final class JsonApi implements RequestHandlerInterface
throw new BadRequestException(); throw new BadRequestException();
} }
private function validateQueryParameters(Request $request): void
{
foreach ($request->getQueryParams() as $key => $value) {
if (
! preg_match('/[^a-z]/', $key)
&& ! in_array($key, ['include', 'fields', 'filter', 'page', 'sort'])
) {
throw (new BadRequestException('Invalid query parameter: '.$key))->setSourceParameter($key);
}
}
}
private function validateRequest(Request $request): void private function validateRequest(Request $request): void
{ {
// TODO // TODO

26
tests/specification/QueryParametersTest.php
View File

@ -11,6 +11,7 @@
namespace Tobyz\Tests\JsonApiServer\specification; namespace Tobyz\Tests\JsonApiServer\specification;
use Tobyz\JsonApiServer\Exception\BadRequestException;
use Tobyz\JsonApiServer\JsonApi; use Tobyz\JsonApiServer\JsonApi;
use Tobyz\Tests\JsonApiServer\AbstractTestCase; use Tobyz\Tests\JsonApiServer\AbstractTestCase;
use Tobyz\Tests\JsonApiServer\MockAdapter; use Tobyz\Tests\JsonApiServer\MockAdapter;
@ -25,20 +26,29 @@ class QueryParametersTest extends AbstractTestCase
*/ */
private $api; private $api;
/**
* @var MockAdapter
*/
private $adapter;
public function setUp(): void public function setUp(): void
{ {
$this->api = new JsonApi('http://example.com'); $this->api = new JsonApi('http://example.com');
$this->api->resourceType('users', new MockAdapter());
$this->adapter = new MockAdapter();
} }
public function test_bad_request_error_if_unknown_query_parameters() public function test_bad_request_error_if_unknown_query_parameters()
{ {
$this->markTestIncomplete(); $request = $this->buildRequest('GET', '/users/1')
->withQueryParams(['unknown' => 'value']);
$this->expectException(BadRequestException::class);
$this->api->handle($request);
}
public function test_supports_custom_query_parameters()
{
$request = $this->buildRequest('GET', '/users/1')
->withQueryParams(['camelCase' => 'value']);
$response = $this->api->handle($request);
$this->assertEquals(200, $response->getStatusCode());
} }
} }