From b31afc62943b79bf97338040e39123b9dd68f31f Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Mon, 14 Nov 2022 08:06:06 +0100 Subject: [PATCH] Fix error when passing unknown filter param in REST API (#20626) Fix #19156 --- app/controllers/api/base_controller.rb | 2 +- app/models/account_filter.rb | 10 ++++++---- app/models/admin/action_log_filter.rb | 2 +- app/models/admin/appeal_filter.rb | 4 ++-- app/models/admin/status_filter.rb | 2 +- app/models/announcement_filter.rb | 2 +- app/models/custom_emoji_filter.rb | 2 +- app/models/instance_filter.rb | 4 ++-- app/models/invite_filter.rb | 2 +- app/models/relationship_filter.rb | 12 ++++++------ app/models/report_filter.rb | 4 ++-- app/models/trends/preview_card_filter.rb | 2 +- app/models/trends/preview_card_provider_filter.rb | 4 ++-- app/models/trends/status_filter.rb | 2 +- lib/exceptions.rb | 1 + spec/models/custom_emoji_filter_spec.rb | 4 ++-- 16 files changed, 31 insertions(+), 28 deletions(-) diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 3f3e1ca7bdc..665425f2965 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -57,7 +57,7 @@ class Api::BaseController < ApplicationController render json: { error: I18n.t('errors.429') }, status: 429 end - rescue_from ActionController::ParameterMissing do |e| + rescue_from ActionController::ParameterMissing, Mastodon::InvalidParameterError do |e| render json: { error: e.to_s }, status: 400 end diff --git a/app/models/account_filter.rb b/app/models/account_filter.rb index e214e0bad22..e09ce4ec267 100644 --- a/app/models/account_filter.rb +++ b/app/models/account_filter.rb @@ -57,7 +57,7 @@ class AccountFilter when 'order' order_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -68,7 +68,7 @@ class AccountFilter when 'remote' Account.remote else - raise "Unknown origin: #{value}" + raise Mastodon::InvalidParameterError, "Unknown origin: #{value}" end end @@ -84,8 +84,10 @@ class AccountFilter accounts_with_users.merge(User.disabled) when 'silenced' Account.silenced + when 'sensitized' + Account.sensitized else - raise "Unknown status: #{value}" + raise Mastodon::InvalidParameterError, "Unknown status: #{value}" end end @@ -96,7 +98,7 @@ class AccountFilter when 'recent' Account.recent else - raise "Unknown order: #{value}" + raise Mastodon::InvalidParameterError, "Unknown order: #{value}" end end diff --git a/app/models/admin/action_log_filter.rb b/app/models/admin/action_log_filter.rb index edb391e2e86..f89d452ef4f 100644 --- a/app/models/admin/action_log_filter.rb +++ b/app/models/admin/action_log_filter.rb @@ -95,7 +95,7 @@ class Admin::ActionLogFilter account = Account.find_or_initialize_by(id: value) Admin::ActionLog.where(target: [account, account.user].compact) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end end diff --git a/app/models/admin/appeal_filter.rb b/app/models/admin/appeal_filter.rb index b163d2e5686..f5dcc0f54df 100644 --- a/app/models/admin/appeal_filter.rb +++ b/app/models/admin/appeal_filter.rb @@ -30,7 +30,7 @@ class Admin::AppealFilter when 'status' status_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -43,7 +43,7 @@ class Admin::AppealFilter when 'pending' Appeal.pending else - raise "Unknown status: #{value}" + raise Mastodon::InvalidParameterError, "Unknown status: #{value}" end end end diff --git a/app/models/admin/status_filter.rb b/app/models/admin/status_filter.rb index d7a16f760db..4d439e9a1ce 100644 --- a/app/models/admin/status_filter.rb +++ b/app/models/admin/status_filter.rb @@ -32,7 +32,7 @@ class Admin::StatusFilter when 'media' Status.joins(:media_attachments).merge(@account.media_attachments.reorder(nil)).group(:id).reorder('statuses.id desc') else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end end diff --git a/app/models/announcement_filter.rb b/app/models/announcement_filter.rb index 950852460d6..85c3b1d2cea 100644 --- a/app/models/announcement_filter.rb +++ b/app/models/announcement_filter.rb @@ -33,7 +33,7 @@ class AnnouncementFilter when 'unpublished' Announcement.unpublished else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end end diff --git a/app/models/custom_emoji_filter.rb b/app/models/custom_emoji_filter.rb index 414e1fcddd2..ed7a8dda15c 100644 --- a/app/models/custom_emoji_filter.rb +++ b/app/models/custom_emoji_filter.rb @@ -39,7 +39,7 @@ class CustomEmojiFilter when 'shortcode' CustomEmoji.search(value.strip) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end end diff --git a/app/models/instance_filter.rb b/app/models/instance_filter.rb index e7e5166a1ac..1d94c919f96 100644 --- a/app/models/instance_filter.rb +++ b/app/models/instance_filter.rb @@ -36,7 +36,7 @@ class InstanceFilter when 'availability' availability_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -47,7 +47,7 @@ class InstanceFilter when 'unavailable' Instance.joins(:unavailable_domain) else - raise "Unknown availability: #{value}" + raise Mastodon::InvalidParameterError, "Unknown availability: #{value}" end end end diff --git a/app/models/invite_filter.rb b/app/models/invite_filter.rb index 9685d4abb5f..c1edb3871fe 100644 --- a/app/models/invite_filter.rb +++ b/app/models/invite_filter.rb @@ -31,7 +31,7 @@ class InviteFilter when 'expired' Invite.expired else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end end diff --git a/app/models/relationship_filter.rb b/app/models/relationship_filter.rb index 9135ff144c9..249fe3df8e1 100644 --- a/app/models/relationship_filter.rb +++ b/app/models/relationship_filter.rb @@ -53,7 +53,7 @@ class RelationshipFilter when 'activity' activity_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -68,7 +68,7 @@ class RelationshipFilter when 'invited' Account.joins(user: :invite).merge(Invite.where(user: account.user)).eager_load(:account_stat).reorder(nil) else - raise "Unknown relationship: #{value}" + raise Mastodon::InvalidParameterError, "Unknown relationship: #{value}" end end @@ -83,7 +83,7 @@ class RelationshipFilter when 'remote' Account.remote else - raise "Unknown location: #{value}" + raise Mastodon::InvalidParameterError, "Unknown location: #{value}" end end @@ -94,7 +94,7 @@ class RelationshipFilter when 'primary' Account.where(moved_to_account_id: nil) else - raise "Unknown status: #{value}" + raise Mastodon::InvalidParameterError, "Unknown status: #{value}" end end @@ -105,7 +105,7 @@ class RelationshipFilter when 'recent' params[:relationship] == 'invited' ? Account.recent : Follow.recent else - raise "Unknown order: #{value}" + raise Mastodon::InvalidParameterError, "Unknown order: #{value}" end end @@ -114,7 +114,7 @@ class RelationshipFilter when 'dormant' AccountStat.where(last_status_at: nil).or(AccountStat.where(AccountStat.arel_table[:last_status_at].lt(1.month.ago))) else - raise "Unknown activity: #{value}" + raise Mastodon::InvalidParameterError, "Unknown activity: #{value}" end end end diff --git a/app/models/report_filter.rb b/app/models/report_filter.rb index dc444a5520f..c9b3bce2d12 100644 --- a/app/models/report_filter.rb +++ b/app/models/report_filter.rb @@ -38,7 +38,7 @@ class ReportFilter when :target_origin target_origin_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -49,7 +49,7 @@ class ReportFilter when :remote Report.where(target_account: Account.remote) else - raise "Unknown value: #{value}" + raise Mastodon::InvalidParameterError, "Unknown value: #{value}" end end end diff --git a/app/models/trends/preview_card_filter.rb b/app/models/trends/preview_card_filter.rb index 0a81146d4cb..f0214c3f0f6 100644 --- a/app/models/trends/preview_card_filter.rb +++ b/app/models/trends/preview_card_filter.rb @@ -40,7 +40,7 @@ class Trends::PreviewCardFilter when 'locale' PreviewCardTrend.where(language: value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end diff --git a/app/models/trends/preview_card_provider_filter.rb b/app/models/trends/preview_card_provider_filter.rb index abfdd07e887..219793f01e9 100644 --- a/app/models/trends/preview_card_provider_filter.rb +++ b/app/models/trends/preview_card_provider_filter.rb @@ -30,7 +30,7 @@ class Trends::PreviewCardProviderFilter when 'status' status_scope(value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end @@ -43,7 +43,7 @@ class Trends::PreviewCardProviderFilter when 'pending_review' PreviewCardProvider.pending_review else - raise "Unknown status: #{value}" + raise Mastodon::InvalidParameterError, "Unknown status: #{value}" end end end diff --git a/app/models/trends/status_filter.rb b/app/models/trends/status_filter.rb index cb0f75d679f..de435a02661 100644 --- a/app/models/trends/status_filter.rb +++ b/app/models/trends/status_filter.rb @@ -40,7 +40,7 @@ class Trends::StatusFilter when 'locale' StatusTrend.where(language: value) else - raise "Unknown filter: #{key}" + raise Mastodon::InvalidParameterError, "Unknown filter: #{key}" end end diff --git a/lib/exceptions.rb b/lib/exceptions.rb index 3c5ba226b19..d3b92f4a093 100644 --- a/lib/exceptions.rb +++ b/lib/exceptions.rb @@ -11,6 +11,7 @@ module Mastodon class RaceConditionError < Error; end class RateLimitExceededError < Error; end class SyntaxError < Error; end + class InvalidParameterError < Error; end class UnexpectedResponseError < Error attr_reader :response diff --git a/spec/models/custom_emoji_filter_spec.rb b/spec/models/custom_emoji_filter_spec.rb index d859f5c5f50..2b1b5dc542f 100644 --- a/spec/models/custom_emoji_filter_spec.rb +++ b/spec/models/custom_emoji_filter_spec.rb @@ -50,10 +50,10 @@ RSpec.describe CustomEmojiFilter do context 'else' do let(:params) { { else: 'else' } } - it 'raises RuntimeError' do + it 'raises Mastodon::InvalidParameterError' do expect do subject - end.to raise_error(RuntimeError, /Unknown filter: else/) + end.to raise_error(Mastodon::InvalidParameterError, /Unknown filter: else/) end end end