extract "BaseApi::checkDefaults()" method for later usage

This commit is contained in:
Philipp 2021-11-28 13:22:27 +01:00 committed by Hypolite Petovan
parent d21108fe0e
commit f580d8e5c0
42 changed files with 86 additions and 72 deletions

View File

@ -241,6 +241,48 @@ abstract class BaseModule implements ICanHandleRequests
return $this->response->generate();
}
/**
* Checks request inputs and sets default parameters
*
* @param array $defaults Associative array of expected request keys and their default typed value. A null
* value will remove the request key from the resulting value array.
* @param array $input Custom REQUEST array, superglobal instead
*
* @return array Request data
*/
protected function checkDefaults(array $defaults, array $input): array
{
$request = [];
foreach ($defaults as $parameter => $defaultvalue) {
if (is_string($defaultvalue)) {
$request[$parameter] = $input[$parameter] ?? $defaultvalue;
} elseif (is_int($defaultvalue)) {
$request[$parameter] = (int)($input[$parameter] ?? $defaultvalue);
} elseif (is_float($defaultvalue)) {
$request[$parameter] = (float)($input[$parameter] ?? $defaultvalue);
} elseif (is_array($defaultvalue)) {
$request[$parameter] = $input[$parameter] ?? [];
} elseif (is_bool($defaultvalue)) {
$request[$parameter] = in_array(strtolower($input[$parameter] ?? ''), ['true', '1']);
} else {
$this->logger->notice('Unhandled default value type', ['parameter' => $parameter, 'type' => gettype($defaultvalue)]);
}
}
foreach ($input ?? [] as $parameter => $value) {
if ($parameter == 'pagename') {
continue;
}
if (!in_array($parameter, array_keys($defaults))) {
$this->logger->notice('Unhandled request field', ['parameter' => $parameter, 'value' => $value, 'command' => $this->args->getCommand()]);
}
}
$this->logger->debug('Got request parameters', ['request' => $request, 'command' => $this->args->getCommand()]);
return $request;
}
/*
* Functions used to protect against Cross-Site Request Forgery
* The security token has to base on at least one value that an attacker can't know - here it's the session ID and the private key.

View File

@ -45,7 +45,7 @@ class Activity extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'id' => 0, // Id of the post
], $request);

View File

@ -35,7 +35,7 @@ class Setseen extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'id' => 0, // Id of the direct message
], $request);

View File

@ -38,7 +38,7 @@ class Index extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'since_id' => 0,
'count' => 0,
], $request);

View File

@ -37,7 +37,7 @@ class Delete extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'gid' => 0,
'name' => ''
], $request);

View File

@ -36,7 +36,7 @@ class Delete extends BaseApi
{
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'photo_id' => '', // Photo id
], $request);

View File

@ -39,7 +39,7 @@ class Delete extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'album' => '', // Album name
], $request);

View File

@ -37,7 +37,7 @@ class Update extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'album' => '', // Current album name
'album_new' => '', // New album name
], $request);

View File

@ -48,7 +48,7 @@ class Followers extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id
'min_id' => 0, // Return results immediately newer than id

View File

@ -48,7 +48,7 @@ class Following extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id
'min_id' => 0, // Return results immediately newer than id

View File

@ -41,7 +41,7 @@ class Note extends BaseApi
DI::mstdnError()->UnprocessableEntity();
}
$request = self::getRequest([
$request = $this->getRequest([
'comment' => '',
], $request);

View File

@ -39,7 +39,7 @@ class Relationships extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'id' => [],
], $request);

View File

@ -42,7 +42,7 @@ class Search extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'q' => '', // What to search for
'limit' => 40, // Maximum number of results. Defaults to 40.
'resolve' => false, // Attempt WebFinger lookup. Defaults to false. Use this when q is an exact address.

View File

@ -52,7 +52,7 @@ class Statuses extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'only_media' => false, // Show only statuses with media attached? Defaults to false.
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id

View File

@ -37,7 +37,7 @@ class Apps extends BaseApi
*/
protected function post(array $request = [], array $post = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'client_name' => '',
'redirect_uris' => '',
'scopes' => 'read',

View File

@ -48,7 +48,7 @@ class Blocks extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id
'min_id' => 0, // Return results immediately newer than id

View File

@ -41,7 +41,7 @@ class Bookmarks extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 20, // Maximum number of results to return. Defaults to 20.
'max_id' => 0, // Return results older than id
'since_id' => 0, // Return results newer than id

View File

@ -54,7 +54,7 @@ class Conversations extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 20, // Maximum number of results. Defaults to 20. Max 40.
'max_id' => 0, // Return results older than this ID. Use HTTP Link header to paginate.
'since_id' => 0, // Return results newer than this ID. Use HTTP Link header to paginate.

View File

@ -41,7 +41,7 @@ class Directory extends BaseApi
*/
protected function rawContent(array $request = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'offset' => 0, // How many accounts to skip before returning results. Default 0.
'limit' => 40, // How many accounts to load. Default 40.
'order' => 'active', // active to sort by most recently posted statuses (default) or new to sort by most recently created profiles.

View File

@ -42,7 +42,7 @@ class Favourited extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 20, // Maximum number of results to return. Defaults to 20.
'min_id' => 0, // Return results immediately newer than id
'max_id' => 0, // Return results older than id

View File

@ -87,7 +87,7 @@ class FollowRequests extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'min_id' => 0,
'max_id' => 0,
'limit' => 40, // Maximum number of results to return. Defaults to 40. Paginate using the HTTP Link header.

View File

@ -56,7 +56,7 @@ class Lists extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'title' => '',
], $request);
@ -76,7 +76,7 @@ class Lists extends BaseApi
public function put()
{
$request = self::getRequest([
$request = $this->getRequest([
'title' => '', // The title of the list to be updated.
'replies_policy' => '', // One of: "followed", "list", or "none".
]);

View File

@ -61,7 +61,7 @@ class Accounts extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id
'min_id' => 0, // Return results immediately newer than id

View File

@ -58,7 +58,7 @@ class Media extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'file' => [], // The file to be attached, using multipart form data.
'thumbnail' => [], // The custom thumbnail of the media to be attached, using multipart form data.
'description' => '', // A plain-text description of the media, for accessibility purposes.

View File

@ -48,7 +48,7 @@ class Mutes extends BaseApi
DI::mstdnError()->RecordNotFound();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this id
'since_id' => 0, // Return results newer than this id
'min_id' => 0, // Return results immediately newer than id

View File

@ -55,7 +55,7 @@ class Notifications extends BaseApi
}
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than this ID
'since_id' => 0, // Return results newer than this ID
'min_id' => 0, // Return results immediately newer than this ID

View File

@ -39,7 +39,7 @@ class PushSubscription extends BaseApi
$uid = self::getCurrentUserID();
$application = self::getCurrentApplication();
$request = self::getRequest([
$request = $this->getRequest([
'subscription' => [],
'data' => [],
], $request);
@ -72,7 +72,7 @@ class PushSubscription extends BaseApi
$uid = self::getCurrentUserID();
$application = self::getCurrentApplication();
$request = self::getRequest([
$request = $this->getRequest([
'data' => [],
]);

View File

@ -71,7 +71,7 @@ class ScheduledStatuses extends BaseApi
System::jsonExit(DI::mstdnScheduledStatus()->createFromDelayedPostId($this->parameters['id'], $uid)->toArray());
}
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 20, // Max number of results to return. Defaults to 20.
'max_id' => 0, // Return results older than ID
'since_id' => 0, // Return results newer than ID

View File

@ -45,7 +45,7 @@ class Search extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'account_id' => 0, // If provided, statuses returned will be authored only by this account
'max_id' => 0, // Return results older than this id
'min_id' => 0, // Return results immediately newer than this id

View File

@ -46,7 +46,7 @@ class Statuses extends BaseApi
self::checkAllowedScope(self::SCOPE_WRITE);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'status' => '', // Text content of the status. If media_ids is provided, this becomes optional. Attaching a poll is optional while status is provided.
'media_ids' => [], // Array of Attachment ids to be attached as media. If provided, status becomes optional, and poll cannot be used.
'poll' => [], // Poll data. If provided, media_ids cannot be used, and poll[expires_in] must be provided.

View File

@ -43,7 +43,7 @@ class Context extends BaseApi
DI::mstdnError()->UnprocessableEntity();
}
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 40, // Maximum number of results to return. Defaults to 40.
], $request);

View File

@ -39,7 +39,7 @@ class Suggestions extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 40, // Maximum number of results to return. Defaults to 40.
], $request);

View File

@ -40,7 +40,7 @@ class Direct extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than id
'since_id' => 0, // Return results newer than id
'min_id' => 0, // Return results immediately newer than id

View File

@ -41,7 +41,7 @@ class Home extends BaseApi
self::checkAllowedScope(self::SCOPE_READ);
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than id
'since_id' => 0, // Return results newer than id
'min_id' => 0, // Return results immediately newer than id

View File

@ -45,7 +45,7 @@ class ListTimeline extends BaseApi
DI::mstdnError()->UnprocessableEntity();
}
$request = self::getRequest([
$request = $this->getRequest([
'max_id' => 0, // Return results older than id
'since_id' => 0, // Return results newer than id
'min_id' => 0, // Return results immediately newer than id

View File

@ -43,7 +43,7 @@ class PublicTimeline extends BaseApi
{
$uid = self::getCurrentUserID();
$request = self::getRequest([
$request = $this->getRequest([
'local' => false, // Show only local statuses? Defaults to false.
'remote' => false, // Show only remote statuses? Defaults to false.
'only_media' => false, // Show only statuses with media attached? Defaults to false.

View File

@ -53,7 +53,7 @@ class Tag extends BaseApi
* There seem to be the parameters "any", "all", and "none".
*/
$request = self::getRequest([
$request = $this->getRequest([
'local' => false, // If true, return only local statuses. Defaults to false.
'remote' => false, // Show only remote statuses? Defaults to false.
'only_media' => false, // If true, return only statuses with media attachments. Defaults to false.

View File

@ -36,7 +36,7 @@ class Trends extends BaseApi
*/
protected function rawContent(array $request = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'limit' => 20, // Maximum number of results to return. Defaults to 10.
], $request);

View File

@ -116,7 +116,7 @@ class BaseApi extends BaseModule
* @return array request data
* @throws \Exception
*/
public static function getRequest(array $defaults, array $request = null): array
public function getRequest(array $defaults, array $request = null): array
{
$httpinput = HTTPInputData::process();
$input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST);
@ -126,35 +126,7 @@ class BaseApi extends BaseModule
unset(self::$request['pagename']);
$request = [];
foreach ($defaults as $parameter => $defaultvalue) {
if (is_string($defaultvalue)) {
$request[$parameter] = $input[$parameter] ?? $defaultvalue;
} elseif (is_int($defaultvalue)) {
$request[$parameter] = (int)($input[$parameter] ?? $defaultvalue);
} elseif (is_float($defaultvalue)) {
$request[$parameter] = (float)($input[$parameter] ?? $defaultvalue);
} elseif (is_array($defaultvalue)) {
$request[$parameter] = $input[$parameter] ?? [];
} elseif (is_bool($defaultvalue)) {
$request[$parameter] = in_array(strtolower($input[$parameter] ?? ''), ['true', '1']);
} else {
Logger::notice('Unhandled default value type', ['parameter' => $parameter, 'type' => gettype($defaultvalue)]);
}
}
foreach ($input ?? [] as $parameter => $value) {
if ($parameter == 'pagename') {
continue;
}
if (!in_array($parameter, array_keys($defaults))) {
Logger::notice('Unhandled request field', ['parameter' => $parameter, 'value' => $value, 'command' => DI::args()->getCommand()]);
}
}
Logger::debug('Got request parameters', ['request' => $request, 'command' => DI::args()->getCommand()]);
return $request;
return $this->checkDefaults($defaults, $input);
}
/**

View File

@ -39,7 +39,7 @@ class Authorize extends BaseApi
*/
protected function rawContent(array $request = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'force_login' => '', // Forces the user to re-login, which is necessary for authorizing with multiple accounts from the same instance.
'response_type' => '', // Should be set equal to "code".
'client_id' => '', // Client ID, obtained during app registration.

View File

@ -34,7 +34,7 @@ class Revoke extends BaseApi
{
protected function post(array $request = [], array $post = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'client_id' => '', // Client ID, obtained during app registration
'client_secret' => '', // Client secret, obtained during app registration
'token' => '', // The previously obtained token, to be invalidated

View File

@ -36,7 +36,7 @@ class Token extends BaseApi
{
protected function post(array $request = [], array $post = [])
{
$request = self::getRequest([
$request = $this->getRequest([
'client_id' => '', // Client ID, obtained during app registration
'client_secret' => '', // Client secret, obtained during app registration
'redirect_uri' => '', // Set a URI to redirect the user to. If this parameter is set to "urn:ietf:wg:oauth:2.0:oob" then the token will be shown instead. Must match one of the redirect URIs declared during app registration.