diff options
| author | Egor Kislitsyn <egor@kislitsyn.com> | 2020-05-04 22:33:05 +0400 |
|---|---|---|
| committer | Egor Kislitsyn <egor@kislitsyn.com> | 2020-05-04 22:33:05 +0400 |
| commit | f070b5569ca0eafdca79f1f3e3b6b5025f3f8fc9 (patch) | |
| tree | be5d2bf95f09d76a471f7c44cee8f8498f181a73 | |
| parent | 4b9ab67aa8bdf7fdf7390080932fee2e5879a5e4 (diff) | |
Add a config option to enable strict validation
| -rw-r--r-- | config/config.exs | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/api_spec/cast_and_validate.ex | 17 |
2 files changed, 14 insertions, 5 deletions
diff --git a/config/config.exs b/config/config.exs index a6c6d6f99..ca9bbab64 100644 --- a/config/config.exs +++ b/config/config.exs @@ -653,6 +653,8 @@ config :pleroma, :restrict_unauthenticated, profiles: %{local: false, remote: false}, activities: %{local: false, remote: false} +config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: false + # Import environment specific config. This must remain at the bottom # of this file so it overrides the configuration defined above. import_config "#{Mix.env()}.exs" diff --git a/lib/pleroma/web/api_spec/cast_and_validate.ex b/lib/pleroma/web/api_spec/cast_and_validate.ex index b94517c52..bd9026237 100644 --- a/lib/pleroma/web/api_spec/cast_and_validate.ex +++ b/lib/pleroma/web/api_spec/cast_and_validate.ex @@ -7,9 +7,10 @@ defmodule Pleroma.Web.ApiSpec.CastAndValidate do @moduledoc """ This plug is based on [`OpenApiSpex.Plug.CastAndValidate`] (https://github.com/open-api-spex/open_api_spex/blob/master/lib/open_api_spex/plug/cast_and_validate.ex). - The main difference is ignoring unexpected query params - instead of throwing an error. Also, the default rendering - error module is `Pleroma.Web.ApiSpec.RenderError`. + The main difference is ignoring unexpected query params instead of throwing + an error and a config option (`[Pleroma.Web.ApiSpec.CastAndValidate, :strict]`) + to disable this behavior. Also, the default rendering error module + is `Pleroma.Web.ApiSpec.RenderError`. """ @behaviour Plug @@ -45,7 +46,7 @@ defmodule Pleroma.Web.ApiSpec.CastAndValidate do private_data = Map.put(private_data, :operation_id, operation_id) conn = Conn.put_private(conn, :open_api_spex, private_data) - case cast_and_validate(spec, operation, conn, content_type) do + case cast_and_validate(spec, operation, conn, content_type, strict?()) do {:ok, conn} -> conn @@ -98,7 +99,11 @@ defmodule Pleroma.Web.ApiSpec.CastAndValidate do def call(conn, opts), do: OpenApiSpex.Plug.CastAndValidate.call(conn, opts) - defp cast_and_validate(spec, operation, conn, content_type) do + defp cast_and_validate(spec, operation, conn, content_type, true = _strict) do + OpenApiSpex.cast_and_validate(spec, operation, conn, content_type) + end + + defp cast_and_validate(spec, operation, conn, content_type, false = _strict) do case OpenApiSpex.cast_and_validate(spec, operation, conn, content_type) do {:ok, conn} -> {:ok, conn} @@ -129,4 +134,6 @@ defmodule Pleroma.Web.ApiSpec.CastAndValidate do i -> i end) end + + defp strict?, do: Pleroma.Config.get([__MODULE__, :strict], false) end |