Nosial/FederationServer
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Refactor GetOperator method to validate operator UUID from request path and improve error handling

Browse source
This commit is contained in:
netkas 2025-06-03 00:47:39 -04:00
parent 128469efa1
commit 3cdcbbdd70
Signed by: netkas
GPG key ID: 4D8629441B76E4CC
1 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/FederationServer/Methods/GetOperator.php
View file

@ -2,11 +2,10 @@
namespace FederationServer\Methods; namespace FederationServer\Methods;
use FederationServer\Classes\Enums\AuditLogType;
use FederationServer\Classes\Logger; use FederationServer\Classes\Logger;
use FederationServer\Classes\Managers\AuditLogManager;
use FederationServer\Classes\Managers\OperatorManager; use FederationServer\Classes\Managers\OperatorManager;
use FederationServer\Classes\RequestHandler; use FederationServer\Classes\RequestHandler;
use FederationServer\Classes\Validate;
use FederationServer\Exceptions\DatabaseOperationException; use FederationServer\Exceptions\DatabaseOperationException;
use FederationServer\Exceptions\RequestException; use FederationServer\Exceptions\RequestException;
use FederationServer\FederationServer; use FederationServer\FederationServer;
@ -26,14 +25,20 @@
throw new RequestException('Unauthorized: Insufficient permissions to get operators', 403); throw new RequestException('Unauthorized: Insufficient permissions to get operators', 403);
} }
if(!FederationServer::getParameter('uuid')) if(!preg_match('#^/operators/([a-fA-F0-9\-]{36,})$#', FederationServer::getPath(), $matches))
{ {
throw new RequestException('Bad Request: Operator UUID is required', 400); throw new RequestException('Operator UUID required', 405);
}
$operatorUuid = $matches[1];
if(!$operatorUuid || !Validate::uuid($operatorUuid))
{
throw new RequestException('Invalid operator UUID', 400);
} }
try try
{ {
$existingOperator = OperatorManager::getOperator(FederationServer::getParameter('uuid')); $existingOperator = OperatorManager::getOperator($operatorUuid);
if($existingOperator === null) if($existingOperator === null)
{ {
throw new RequestException('Operator Not Found', 404); throw new RequestException('Operator Not Found', 404);