Commit f1c66dc0 authored by Daniele Venzano's avatar Daniele Venzano 🏇

Cast parameters to integer in rest API

parent d05da9cb
Pipeline #11155 passed with stages
in 2 minutes and 11 seconds
......@@ -27,6 +27,11 @@ class DiscoveryAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
execution_id = int(execution_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.execution_by_id(self.current_user, execution_id)
if service_group != 'all':
......
......@@ -29,6 +29,11 @@ class ExecutionAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
execution_id = int(execution_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
e = self.api_endpoint.execution_by_id(self.current_user, execution_id)
except ZoeException as e:
......@@ -46,6 +51,11 @@ class ExecutionAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
execution_id = int(execution_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.execution_terminate(self.current_user, execution_id, 'user {} request from API'.format(self.current_user))
except ZoeException as e:
......@@ -66,6 +76,11 @@ class ExecutionDeleteAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
execution_id = int(execution_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.execution_delete(self.current_user, execution_id)
except ZoeException as e:
......@@ -172,6 +187,11 @@ class ExecutionEndpointsAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
execution_id = int(execution_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
execution = self.api_endpoint.execution_by_id(self.current_user, execution_id)
services_, endpoints = self.api_endpoint.execution_endpoints(self.current_user, execution)
......
......@@ -29,6 +29,11 @@ class QuotaAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
quota_id = int(quota_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
quota = self.api_endpoint.quota_by_id(quota_id)
except ZoeException as e:
......@@ -46,6 +51,11 @@ class QuotaAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
quota_id = int(quota_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
data = tornado.escape.json_decode(self.request.body)
except ValueError:
......@@ -68,6 +78,11 @@ class QuotaAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
quota_id = int(quota_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.quota_delete(self.current_user, quota_id)
except ZoeException as e:
......
......@@ -29,6 +29,11 @@ class RoleAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
role_id = int(role_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
role = self.api_endpoint.role_by_id(role_id)
except ZoeException as e:
......@@ -46,6 +51,11 @@ class RoleAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
role_id = int(role_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
data = tornado.escape.json_decode(self.request.body)
except ValueError:
......@@ -68,6 +78,11 @@ class RoleAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
role_id = int(role_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.role_delete(self.current_user, role_id)
except ZoeException as e:
......
......@@ -37,6 +37,11 @@ class ServiceAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
service_id = int(service_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
service = self.api_endpoint.service_by_id(self.current_user, service_id)
except ZoeException as e:
......@@ -69,6 +74,11 @@ class ServiceLogsAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
service_id = int(service_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
log_obj = self.api_endpoint.service_logs(self.current_user, service_id)
except ZoeException as e:
......
......@@ -39,6 +39,11 @@ class UserAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
user_id = int(user_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
if user_id == self.current_user.id:
ret = {
'user': self.current_user.serialize()
......@@ -60,6 +65,11 @@ class UserAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
user_id = int(user_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
data = tornado.escape.json_decode(self.request.body)
except ValueError:
......@@ -82,6 +92,11 @@ class UserAPI(ZoeAPIRequestHandler):
if self.current_user is None:
return
try:
user_id = int(user_id)
except ValueError:
self.set_status(400, "Parameter must be an integer")
try:
self.api_endpoint.user_delete(self.current_user, user_id)
except ZoeException as e:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment