1
0
Fork 0

added validation for endpoint body JSON in API admin and fixed error handling in actual API calls

Dieser Commit ist enthalten in:
Robert Barrow 2019-06-05 22:23:15 +01:00
Ursprung 06f9b4be69
Commit def5f8e669
5 geänderte Dateien mit 60 neuen und 5 gelöschten Zeilen

Datei anzeigen

@ -17,6 +17,7 @@ const wizardProperties = [
const CustomWizard = Discourse.Model.extend({ const CustomWizard = Discourse.Model.extend({
save() { save() {
return new Ember.RSVP.Promise((resolve, reject) => { return new Ember.RSVP.Promise((resolve, reject) => {
const id = this.get('id'); const id = this.get('id');
if (!id || !id.underscore()) return reject({ error: 'id_required' }); if (!id || !id.underscore()) return reject({ error: 'id_required' });
@ -127,6 +128,16 @@ const CustomWizard = Discourse.Model.extend({
error = 'id_required'; error = 'id_required';
return; return;
} }
//check if api_body is valid JSON
let api_body = a.get('api_body');
if (api_body != '') {
try {
JSON.parse(api_body);
} catch (e) {
error = 'invalid_api_body';
return;
}
}
a.set('id', id.underscore()); a.set('id', id.underscore());

Datei anzeigen

@ -59,6 +59,7 @@ en:
name_required: "Wizards must have a name." name_required: "Wizards must have a name."
steps_required: "Wizards must have at least one step." steps_required: "Wizards must have at least one step."
id_required: "All wizards, steps, fields and actions need an id." id_required: "All wizards, steps, fields and actions need an id."
invalid_api_body: "Request body JSON needs to be a valid JSON."
type_required: "All fields need a type." type_required: "All fields need a type."
after_time_need_time: "After time is enabled but no time is set." after_time_need_time: "After time is enabled but no time is set."
after_time_invalid: "After time is invalid." after_time_invalid: "After time is invalid."

Datei anzeigen

@ -85,8 +85,11 @@ class CustomWizard::Api::Endpoint
params[:body] = body params[:body] = body
end end
begin
response = connection.request(params) response = connection.request(params)
return JSON.parse(response.body)
JSON.parse(response.body) rescue
return JSON.parse "[{\"error\":\"API request failed\"}]"
end
end end
end end

Datei anzeigen

@ -408,8 +408,8 @@ class CustomWizard::Builder
result = CustomWizard::Api::Endpoint.request(action['api'], action['api_endpoint'], api_body) result = CustomWizard::Api::Endpoint.request(action['api'], action['api_endpoint'], api_body)
if result['error'] if result[0].has_key? 'error'
updater.errors.add(:send_message, result['error']) updater.errors.add(:send_message, result[0]['error'])
else else
## add validation callback ## add validation callback
end end

40
lib/test_harness.rb Normale Datei
Datei anzeigen

@ -0,0 +1,40 @@
require 'excon'
# require 'httplog'
class CustomWizard::APITestHarness
def self.basic
CustomWizard::Authorization.set_authentication_protocol("chargify", "basic_authentication")
CustomWizard::Authorization.set_username("chargify", "W2iA5khmmRso3oySy1KUeJP17ilUuN6OZkgT8PPwk")
CustomWizard::Authorization.set_password("chargify", "X")
authentication_string = CustomWizard::Authorization.get_header_authorization_string("chargify")
puts 'authentication string is ' + authentication_string
response = Excon.get(
"https://merefield-technology.chargify.com/subscriptions.json",
:headers => {
"Authorization" => "#{authentication_string}"
}
)
JSON.parse(response.body)
end
def self.oauth_two
CustomWizard::Authorization.set_authentication_protocol("google", "OAuth2_authentication")
CustomWizard::Authorization.set_client_id("chargify", "W2iA5khmmRso3oySy1KUeJP17ilUuN6OZkgT8PPwk")
CustomWizard::Authorization.set_client_secret("chargify", "X")
puts curl
authentication_string = CustomWizard::Authorization.get_header_authorization_string("chargify")
puts 'authentication string is ' + authentication_string
response = Excon.get(
"https://merefield-technology.chargify.com/subscriptions.json",
:headers => {
"Authorization" => "#{authentication_string}"
}
)
JSON.parse(response.body)
end
end