Mvolz has uploaded a new change for review.
https://gerrit.wikimedia.org/r/203828
Change subject: [WIP] Explicitly define allowed formats
......................................................................
[WIP] Explicitly define allowed formats
Bug: T95308
Change-Id: I59059c1938a644f33ddf6bbeb998f1ad0bb46d7b
---
M app.js
M routes/root.js
M test/features/errors/index.js
3 files changed, 60 insertions(+), 25 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/services/citoid
refs/changes/28/203828/1
diff --git a/app.js b/app.js
index d636a6b..cfb6a4d 100644
--- a/app.js
+++ b/app.js
@@ -64,6 +64,19 @@
// init the Citoid service object
app.citoid = new CitoidService(app.conf, app.logger, app.metrics);
+ // set allowed export formats and expected response type
+ var nativeFormats = {
+ 'mediawiki':'application/json',
+ 'zotero':'application/json',
+ 'mwDeprecated':'application/json'
+ };
+
+ var zoteroFormats = {
+ 'bibtex':'application/x-bibtex'
+ };
+
+ app.formats = Object.assign({}, nativeFormats, zoteroFormats);
+
return BBPromise.resolve(app);
}
diff --git a/routes/root.js b/routes/root.js
index 58d94ee..993ccff 100644
--- a/routes/root.js
+++ b/routes/root.js
@@ -14,7 +14,6 @@
*/
var app;
-
/**
* GET /robots.txt
* Instructs robots no indexing should occur on this domain.
@@ -52,6 +51,12 @@
return;
}
+ if (!app.formats.hasOwnProperty(format)) {
+ res.status(400).type('text/plain');
+ res.send('invalid format ' + format);
+ return;
+ }
+
opts = {
search: requestedURL,
format: format,
@@ -59,7 +64,7 @@
};
app.citoid.request(opts, function(error, responseCode, body){
- res.status(responseCode).type('application/json');
+ res.status(responseCode).type(app.formats[format]);
res.send(body);
});
@@ -78,12 +83,16 @@
search = req.query.search;
if (!search) {
- res.status(400).type('text/plain');
- res.send("No 'search' value specified\n");
+ res.status(400).type('application/json');
+ res.send({Error:"No 'search' value specified"});
return;
} else if(!format) {
- res.status(400).type('text/plain');
- res.send("No 'format' value specified\nOptions are
'mediawiki','zotero'");
+ res.status(400).type('application/json');
+ res.send({Error:"No 'format' value specified"});
+ return;
+ } else if (!app.formats.hasOwnProperty(format)) {
+ res.status(400).type('application/json');
+ res.send({Error:'Invalid format requested ' + format});
return;
}
@@ -95,12 +104,7 @@
};
app.citoid.request(opts, function(error, responseCode, body) {
- res.status(responseCode);
- if(format === 'bibtex') {
- res.type('application/x-bibtex');
- } else {
- res.type('application/json');
- }
+ res.status(responseCode).type(app.formats[format]);
res.send(body);
});
diff --git a/test/features/errors/index.js b/test/features/errors/index.js
index b56e120..87c3eaa 100644
--- a/test/features/errors/index.js
+++ b/test/features/errors/index.js
@@ -12,19 +12,6 @@
before(function () { return server.start(); });
- it('missing format in query', function() {
- return preq.get({
- uri: server.config.q_uri,
- query: {
- search: '123456'
- }
- }).then(function(res) {
- assert.status(res, 400);
- }, function(err) {
- assert.status(err, 400);
- });
- });
-
it('missing search in query', function() {
return preq.get({
uri: server.config.q_uri,
@@ -35,6 +22,37 @@
assert.status(res, 400);
}, function(err) {
assert.status(err, 400);
+ assert.deepEqual(err.body.Error, "No 'search' value
specified");
+ });
+ });
+
+ it('missing format in query', function() {
+ return preq.get({
+ uri: server.config.q_uri,
+ query: {
+ search: '123456'
+ }
+ }).then(function(res) {
+ assert.status(res, 400);
+ }, function(err) {
+ assert.status(err, 400);
+ assert.deepEqual(err.body.Error, "No 'format' value
specified");
+ });
+ });
+
+ it('bad format in query', function() {
+ var format = 'badformat';
+ return preq.get({
+ uri: server.config.q_uri,
+ query: {
+ search: '123456',
+ format: format
+ }
+ }).then(function(res) {
+ assert.status(res, 400);
+ }, function(err) {
+ assert.status(err, 400);
+ assert.deepEqual(err.body.Error, 'Invalid format
requested ' + format);
});
});
--
To view, visit https://gerrit.wikimedia.org/r/203828
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I59059c1938a644f33ddf6bbeb998f1ad0bb46d7b
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/services/citoid
Gerrit-Branch: master
Gerrit-Owner: Mvolz <mv...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
