Add validation on route GetCitizenVotesOnArticle

2021-04-15 01:27:48 +02:00
parent 13253e4af1
commit 496cf50d88
4 changed files with 53 additions and 1 deletions
--- a/src/main/kotlin/fr/dcproject/component/vote/routes/GetCitizenVotesOnArticle.kt
+++ b/src/main/kotlin/fr/dcproject/component/vote/routes/GetCitizenVotesOnArticle.kt
@@ -1,5 +1,6 @@
 package fr.dcproject.component.vote.routes

+import fr.dcproject.application.http.badRequestIfNotValid
 import fr.dcproject.common.response.toOutput
 import fr.dcproject.common.security.assert
 import fr.dcproject.component.auth.citizenOrNull
@@ -9,6 +10,9 @@ import fr.dcproject.component.vote.VoteAccessControl
 import fr.dcproject.component.vote.database.VoteArticleRepository
 import fr.dcproject.routes.PaginatedRequest
 import fr.dcproject.routes.PaginatedRequestI
+import io.konform.validation.Validation
+import io.konform.validation.jsonschema.maximum
+import io.konform.validation.jsonschema.minimum
 import io.ktor.application.call
 import io.ktor.http.HttpStatusCode
 import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -28,11 +32,22 @@ object GetCitizenVotesOnArticle {
        val search: String? = null
    ) : PaginatedRequestI by PaginatedRequest(page, limit) {
        val citizen = CitizenRef(citizen)
+        fun validate() = Validation<CitizenVoteArticleRequest> {
+            CitizenVoteArticleRequest::page {
+                minimum(1)
+            }
+            CitizenVoteArticleRequest::limit {
+                minimum(1)
+                maximum(50)
+            }
+        }.validate(this)
    }

    fun Route.getCitizenVotesOnArticle(repo: VoteArticleRepository, ac: VoteAccessControl) {
        get<CitizenVoteArticleRequest> {
            mustBeAuth()
+            it.validate().badRequestIfNotValid()
+
            val votes = repo.findByCitizen(it.citizen, it.page, it.limit)
            ac.assert { canView(votes.result, citizenOrNull) }

--- a/src/main/resources/openapi.yaml
+++ b/src/main/resources/openapi.yaml
@@ -1265,6 +1265,9 @@ paths:
        - vote
        - article
        - citizen
+      parameters:
+        - $ref: '#/components/parameters/page'
+        - $ref: '#/components/parameters/limit'
      responses:
        200:
          description: Votes
@@ -1279,6 +1282,12 @@ paths:
                        type: array
                        items:
                          $ref: '#/components/schemas/VoteResponse'
+        400:
+          description: BadReqest
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/400'
        401:
          $ref: '#/components/responses/401'
  /articles/{article}/vote: