From 11a2e94a04bf451a1b8411daa18d8f340a12a9c6 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 20 Dec 2019 16:39:15 +0100 Subject: travel API: more helpful errors on invalid input --- lib/Travelynx/Controller/Api.pm | 39 +++++++++++++++++++++++++++++++++++---- 1 file changed, 35 insertions(+), 4 deletions(-) (limited to 'lib/Travelynx') diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm index f0fa5db..f95caa3 100755 --- a/lib/Travelynx/Controller/Api.pm +++ b/lib/Travelynx/Controller/Api.pm @@ -221,7 +221,7 @@ sub travel_v1 { } my $token = $self->get_api_token($uid); - if ( $api_token ne $token->{'travel'} ) { + if ( not $token->{'travel'} or $api_token ne $token->{'travel'} ) { $self->render( json => { success => \0, @@ -240,6 +240,7 @@ sub travel_v1 { success => \0, deprecated => \0, error => 'Missing or invalid action', + status => $self->get_user_status_json_v1($uid) }, ); return; @@ -250,6 +251,25 @@ sub travel_v1 { my $to_station = sanitize( q{}, $payload->{toStation} ); my $train_id; + if ( + not( + $from_station + and ( ( $payload->{train}{type} and $payload->{train}{no} ) + or $payload->{train}{id} ) + ) + ) + { + $self->render( + json => { + success => \0, + deprecated => \0, + error => 'Missing fromStation or train data', + status => $self->get_user_status_json_v1($uid) + }, + ); + return; + } + if ( exists $payload->{train}{id} ) { $train_id = sanitize( 0, $payload->{train}{id} ); } @@ -277,9 +297,8 @@ sub travel_v1 { json => { success => \0, deprecated => \0, - error => 'Fehler am Abfahrtsbahnhof: ' - . $status->{errstr}, - status => $self->get_user_status_json_v1($uid) + error => 'Zug nicht gefunden', + status => $self->get_user_status_json_v1($uid) } ); return; @@ -319,6 +338,18 @@ sub travel_v1 { elsif ( $payload->{action} eq 'checkout' ) { my $to_station = sanitize( q{}, $payload->{toStation} ); + if ( not $to_station ) { + $self->render( + json => { + success => \0, + deprecated => \0, + error => 'Missing toStation', + status => $self->get_user_status_json_v1($uid) + }, + ); + return; + } + if ( $payload->{comment} ) { $self->update_in_transit_comment( sanitize( q{}, $payload->{comment} ), $uid ); -- cgit v1.2.3