Skip to content

Commit

Permalink
Verify Path params that fall into the string bucket are supplied (O…
Browse files Browse the repository at this point in the history
  • Loading branch information
icubbon authored and Javier Puerto committed Nov 14, 2023
1 parent c4e11a8 commit 8904027
Show file tree
Hide file tree
Showing 7 changed files with 52 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,10 @@ func (c *{{classname}}Controller) {{nickname}}(w http.ResponseWriter, r *http.Re
{{^isDateTime}}
{{^isEnumOrRef}}
{{paramName}}Param := {{#routers}}{{#mux}}params["{{baseName}}"]{{/mux}}{{#chi}}chi.URLParam(r, "{{baseName}}"){{/chi}}{{/routers}}
if {{paramName}}Param == "" {
c.errorHandler(w, r, &RequiredError{"{{baseName}}"}, nil)
return
}
{{/isEnumOrRef}}
{{#isEnumOrRef}}
{{paramName}}Param, err := New{{dataType}}FromValue({{#routers}}{{#mux}}params["{{baseName}}"]{{/mux}}{{#chi}}chi.URLParam(r, "{{baseName}}"){{/chi}}{{/routers}})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,10 @@ func (c *StoreAPIController) Routes() Routes {
// DeleteOrder - Delete purchase order by ID
func (c *StoreAPIController) DeleteOrder(w http.ResponseWriter, r *http.Request) {
orderIdParam := chi.URLParam(r, "orderId")
if orderIdParam == "" {
c.errorHandler(w, r, &RequiredError{"orderId"}, nil)
return
}
result, err := c.service.DeleteOrder(r.Context(), orderIdParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down
12 changes: 12 additions & 0 deletions samples/openapi3/server/petstore/go/go-petstore/go/api_user.go
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,10 @@ func (c *UserAPIController) CreateUsersWithListInput(w http.ResponseWriter, r *h
func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
query := r.URL.Query()
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
booleanTestParam, err := parseBoolParameter(
query.Get("boolean_test"),
WithParse[bool](parseBool),
Expand All @@ -195,6 +199,10 @@ func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
// GetUserByName - Get user by user name
func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request) {
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
result, err := c.service.GetUserByName(r.Context(), usernameParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down Expand Up @@ -275,6 +283,10 @@ func (c *UserAPIController) LogoutUser(w http.ResponseWriter, r *http.Request) {
// UpdateUser - Updated user
func (c *UserAPIController) UpdateUser(w http.ResponseWriter, r *http.Request) {
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
userParam := User{}
d := json.NewDecoder(r.Body)
d.DisallowUnknownFields()
Expand Down
4 changes: 4 additions & 0 deletions samples/server/petstore/go-api-server/go/api_store.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,10 @@ func (c *StoreAPIController) Routes() Routes {
func (c *StoreAPIController) DeleteOrder(w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
orderIdParam := params["orderId"]
if orderIdParam == "" {
c.errorHandler(w, r, &RequiredError{"orderId"}, nil)
return
}
result, err := c.service.DeleteOrder(r.Context(), orderIdParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down
12 changes: 12 additions & 0 deletions samples/server/petstore/go-api-server/go/api_user.go
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,10 @@ func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
query := r.URL.Query()
usernameParam := params["username"]
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
booleanTestParam, err := parseBoolParameter(
query.Get("boolean_test"),
WithParse[bool](parseBool),
Expand All @@ -197,6 +201,10 @@ func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
usernameParam := params["username"]
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
result, err := c.service.GetUserByName(r.Context(), usernameParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down Expand Up @@ -246,6 +254,10 @@ func (c *UserAPIController) LogoutUser(w http.ResponseWriter, r *http.Request) {
func (c *UserAPIController) UpdateUser(w http.ResponseWriter, r *http.Request) {
params := mux.Vars(r)
usernameParam := params["username"]
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
userParam := User{}
d := json.NewDecoder(r.Body)
d.DisallowUnknownFields()
Expand Down
4 changes: 4 additions & 0 deletions samples/server/petstore/go-chi-server/go/api_store.go
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,10 @@ func (c *StoreAPIController) Routes() Routes {
// DeleteOrder - Delete purchase order by ID
func (c *StoreAPIController) DeleteOrder(w http.ResponseWriter, r *http.Request) {
orderIdParam := chi.URLParam(r, "orderId")
if orderIdParam == "" {
c.errorHandler(w, r, &RequiredError{"orderId"}, nil)
return
}
result, err := c.service.DeleteOrder(r.Context(), orderIdParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down
12 changes: 12 additions & 0 deletions samples/server/petstore/go-chi-server/go/api_user.go
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,10 @@ func (c *UserAPIController) CreateUsersWithListInput(w http.ResponseWriter, r *h
func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
query := r.URL.Query()
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
booleanTestParam, err := parseBoolParameter(
query.Get("boolean_test"),
WithParse[bool](parseBool),
Expand All @@ -195,6 +199,10 @@ func (c *UserAPIController) DeleteUser(w http.ResponseWriter, r *http.Request) {
// GetUserByName - Get user by user name
func (c *UserAPIController) GetUserByName(w http.ResponseWriter, r *http.Request) {
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
result, err := c.service.GetUserByName(r.Context(), usernameParam)
// If an error occurred, encode the error with the status code
if err != nil {
Expand Down Expand Up @@ -243,6 +251,10 @@ func (c *UserAPIController) LogoutUser(w http.ResponseWriter, r *http.Request) {
// UpdateUser - Updated user
func (c *UserAPIController) UpdateUser(w http.ResponseWriter, r *http.Request) {
usernameParam := chi.URLParam(r, "username")
if usernameParam == "" {
c.errorHandler(w, r, &RequiredError{"username"}, nil)
return
}
userParam := User{}
d := json.NewDecoder(r.Body)
d.DisallowUnknownFields()
Expand Down

0 comments on commit 8904027

Please sign in to comment.