diff options
author | Daniel Friesel <derf@finalrewind.org> | 2019-12-20 16:39:15 +0100 |
---|---|---|
committer | Daniel Friesel <derf@finalrewind.org> | 2019-12-20 16:39:15 +0100 |
commit | 11a2e94a04bf451a1b8411daa18d8f340a12a9c6 (patch) | |
tree | b40d486171bc87a10216d2eb089629a062a68ea5 /lib/Travelynx/Controller/Api.pm | |
parent | bd372d57e2f9dfd8ba651e19f6adfa69ceda9c09 (diff) |
travel API: more helpful errors on invalid input
Diffstat (limited to 'lib/Travelynx/Controller/Api.pm')
-rwxr-xr-x | lib/Travelynx/Controller/Api.pm | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm index f0fa5db..f95caa3 100755 --- a/lib/Travelynx/Controller/Api.pm +++ b/lib/Travelynx/Controller/Api.pm @@ -221,7 +221,7 @@ sub travel_v1 { } my $token = $self->get_api_token($uid); - if ( $api_token ne $token->{'travel'} ) { + if ( not $token->{'travel'} or $api_token ne $token->{'travel'} ) { $self->render( json => { success => \0, @@ -240,6 +240,7 @@ sub travel_v1 { success => \0, deprecated => \0, error => 'Missing or invalid action', + status => $self->get_user_status_json_v1($uid) }, ); return; @@ -250,6 +251,25 @@ sub travel_v1 { my $to_station = sanitize( q{}, $payload->{toStation} ); my $train_id; + if ( + not( + $from_station + and ( ( $payload->{train}{type} and $payload->{train}{no} ) + or $payload->{train}{id} ) + ) + ) + { + $self->render( + json => { + success => \0, + deprecated => \0, + error => 'Missing fromStation or train data', + status => $self->get_user_status_json_v1($uid) + }, + ); + return; + } + if ( exists $payload->{train}{id} ) { $train_id = sanitize( 0, $payload->{train}{id} ); } @@ -277,9 +297,8 @@ sub travel_v1 { json => { success => \0, deprecated => \0, - error => 'Fehler am Abfahrtsbahnhof: ' - . $status->{errstr}, - status => $self->get_user_status_json_v1($uid) + error => 'Zug nicht gefunden', + status => $self->get_user_status_json_v1($uid) } ); return; @@ -319,6 +338,18 @@ sub travel_v1 { elsif ( $payload->{action} eq 'checkout' ) { my $to_station = sanitize( q{}, $payload->{toStation} ); + if ( not $to_station ) { + $self->render( + json => { + success => \0, + deprecated => \0, + error => 'Missing toStation', + status => $self->get_user_status_json_v1($uid) + }, + ); + return; + } + if ( $payload->{comment} ) { $self->update_in_transit_comment( sanitize( q{}, $payload->{comment} ), $uid ); |