From 47e19ba22c39ba7eb4b9af3d2b58f9bf78ca0fdd Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Mon, 26 Apr 2021 11:28:42 -0700 Subject: [PATCH] Return HTTP 400 when creating Project with nonexistent user --- hydra-api.yaml | 10 ++++++++++ src/lib/Hydra/Controller/Project.pm | 2 +- src/lib/Hydra/Helper/CatalystUtils.pm | 6 +++++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/hydra-api.yaml b/hydra-api.yaml index 6b8096e8..7eb05bd2 100644 --- a/hydra-api.yaml +++ b/hydra-api.yaml @@ -170,6 +170,16 @@ paths: description: when set to true the project is displayed in the web interface type: boolean responses: + '400': + description: bad request + content: + application/json: + schema: + type: object + properties: + error: + description: error message + type: string '403': description: request unauthorized content: diff --git a/src/lib/Hydra/Controller/Project.pm b/src/lib/Hydra/Controller/Project.pm index f60bb494..d792d1a9 100644 --- a/src/lib/Hydra/Controller/Project.pm +++ b/src/lib/Hydra/Controller/Project.pm @@ -135,7 +135,7 @@ sub updateProject { my $owner = $project->owner; if ($c->check_user_roles('admin') and defined $c->stash->{params}->{owner}) { $owner = trim $c->stash->{params}->{owner}; - error($c, "The user name ‘$owner’ does not exist.") + badRequest($c, "The user name ‘$owner’ does not exist.") unless defined $c->model('DB::Users')->find($owner); } diff --git a/src/lib/Hydra/Helper/CatalystUtils.pm b/src/lib/Hydra/Helper/CatalystUtils.pm index b1c51b82..ec19b61d 100644 --- a/src/lib/Hydra/Helper/CatalystUtils.pm +++ b/src/lib/Hydra/Helper/CatalystUtils.pm @@ -11,7 +11,7 @@ our @ISA = qw(Exporter); our @EXPORT = qw( getBuild getPreviousBuild getNextBuild getPreviousSuccessfulBuild searchBuildsAndEvalsForJobset - error notFound gone accessDenied + error notFound gone accessDenied badRequest forceLogin requireUser requireProjectOwner requireRestartPrivileges requireAdmin requirePost isAdmin isProjectOwner requireBumpPrivileges requireCancelBuildPrivileges @@ -155,6 +155,10 @@ sub accessDenied { error($c, $msg, 403); } +sub badRequest { + my ($c, $msg) = @_; + error($c, $msg, 400); +} sub backToReferer { my ($c) = @_;