gsathecat
/
fediseer
mirror of https://github.com/Fediseer/fediseer.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

proper input validation

pull/20/head
db0 2023-09-05 11:40:58 +02:00
parent 3f741ae5b8
commit 5f9cf5da01
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
fediseer/apis/models/v1.py
View File

@ -48,3 +48,7 @@ class Models:
"message": fields.String(default='OK',required=True, description="The result of this operation."), "message": fields.String(default='OK',required=True, description="The result of this operation."),
"new_key": fields.String(default=None,required=False, description="The new API key"), "new_key": fields.String(default=None,required=False, description="The new API key"),
}) })
self.input_api_key_reset = api.model('ApiKeyResetInput', {
'admin_username': fields.String(required=False, description="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", example="admin"),
'return_new_key': fields.Boolean(required=False, default=False, description="If True, the key will be returned as part of the response instead of PM'd. Fediseer will still PM a notification to the target admin account."),
})

4
fediseer/apis/v1/whitelist.py
View File

@ -105,10 +105,10 @@ class WhitelistDomain(Resource):
patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers') patch_parser.add_argument("apikey", type=str, required=True, help="The sending instance's API key.", location='headers')
patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers") patch_parser.add_argument("Client-Agent", default="unknown:0:unknown", type=str, required=False, help="The client name and version.", location="headers")
patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json") patch_parser.add_argument("admin_username", required=False, type=str, help="If a username is given, their API key will be reset. Otherwise the user's whose API key was provided will be reset. This allows can be initiated by other instance admins or the fediseer.", location="json")
patch_parser.add_argument("return_new_key", default=False, required=False, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json") patch_parser.add_argument("return_new_key", default=False, required=True, type=bool, help="If True, the key will be returned as part of the response instead of PM'd. IT will still PM a notification to you.", location="json")
@api.expect(patch_parser) @api.expect(patch_parser,models.input_api_key_reset, validate=True)
@api.marshal_with(models.response_model_api_key_reset, code=200, description='Instances', skip_none=True) @api.marshal_with(models.response_model_api_key_reset, code=200, description='Instances', skip_none=True)
@api.response(401, 'Invalid API Key', models.response_model_error) @api.response(401, 'Invalid API Key', models.response_model_error)
@api.response(403, 'Instance Not Registered', models.response_model_error) @api.response(403, 'Instance Not Registered', models.response_model_error)