Avoid error when a bad `order` parameter is given

Only allowed parameter are asc & desc
author: Jeremy Benoist <jeremy.benoist@gmail.com> 2019-01-14 17:01:21 +0100
committer: Jeremy Benoist <jeremy.benoist@gmail.com> 2019-01-14 17:01:21 +0100
commit: 78e3fafa3fab86638295fe1ee2a05a559bf56ab1 (patch)
tree: 904be517d033438c36b29d2b5c3227f630455b0a /src/Wallabag/ApiBundle/Controller/EntryRestController.php
parent: a5e9a98aa3c67ac1ad1aff1a250ef8fdc3c24def (diff)
download: wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.tar.gz
wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.tar.zst
wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.zip
1 files changed, 18 insertions, 13 deletions
diff --git a/src/Wallabag/ApiBundle/Controller/EntryRestController.php b/src/Wallabag/ApiBundle/Controller/EntryRestController.php
index 0b4e74a0..b2bad406 100644
--- a/src/Wallabag/ApiBundle/Controller/EntryRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/EntryRestController.php
@@ -9,6 +9,7 @@ use Nelmio\ApiDocBundle\Annotation\ApiDoc;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Wallabag\CoreBundle\Entity\Entry;
@@ -98,24 +99,28 @@ class EntryRestController extends WallabagRestController
        $isArchived = (null === $request->query->get('archive')) ? null : (bool) $request->query->get('archive');
        $isStarred = (null === $request->query->get('starred')) ? null : (bool) $request->query->get('starred');
        $isPublic = (null === $request->query->get('public')) ? null : (bool) $request->query->get('public');
-        $sort = $request->query->get('sort', 'created');
+        $sort = strtolower($request->query->get('sort', 'created'));
-        $order = $request->query->get('order', 'desc');
+        $order = strtolower($request->query->get('order', 'desc'));
        $page = (int) $request->query->get('page', 1);
        $perPage = (int) $request->query->get('perPage', 30);
        $tags = \is_array($request->query->get('tags')) ? '' : (string) $request->query->get('tags', '');
        $since = $request->query->get('since', 0);
-        /** @var \Pagerfanta\Pagerfanta $pager */
+        try {
-        $pager = $this->get('wallabag_core.entry_repository')->findEntries(
+            /** @var \Pagerfanta\Pagerfanta $pager */
-            $this->getUser()->getId(),
+            $pager = $this->get('wallabag_core.entry_repository')->findEntries(
-            $isArchived,
+                $this->getUser()->getId(),
-            $isStarred,
+                $isArchived,
-            $isPublic,
+                $isStarred,
-            $sort,
+                $isPublic,
-            $order,
+                $sort,
-            $since,
+                $order,
-            $tags
+                $since,
-        );
+                $tags
+            );
+        } catch (\Exception $e) {
+            throw new BadRequestHttpException($e->getMessage());
+        }
        $pager->setMaxPerPage($perPage);
        $pager->setCurrentPage($page);
author	Jeremy Benoist <jeremy.benoist@gmail.com>	2019-01-14 17:01:21 +0100
committer	Jeremy Benoist <jeremy.benoist@gmail.com>	2019-01-14 17:01:21 +0100
commit	78e3fafa3fab86638295fe1ee2a05a559bf56ab1 (patch)
tree	904be517d033438c36b29d2b5c3227f630455b0a /src/Wallabag/ApiBundle/Controller/EntryRestController.php
parent	a5e9a98aa3c67ac1ad1aff1a250ef8fdc3c24def (diff)
download	wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.tar.gz wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.tar.zst wallabag-78e3fafa3fab86638295fe1ee2a05a559bf56ab1.zip