[Koha-bugs] [Bug 17445] REST API: Generic handling of malformed query parameters
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Oct 14 16:34:53 CEST 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17445
--- Comment #8 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
(In reply to Jonathan Druart from comment #6)
> Created attachment 56547 [details] [review]
> Bug 17445: Move the params check after the authentication check
>
> If the user is not authorised to call this route, we would prefer to
> raise a 403 instead of 400
>
> Note that we wanted to submit tests for this change but the city code
> does not let use do that (we are allowed to list/show cities even
> without any permissions). The patrons.t is not complete enought and the
> holds.t tests do not pass...
>
> Tomas plans to submit tests but we reach the end of the hackfest ;)
Also agree with this change.. it didn't even occur to me to think about error
code presidency in this case..
Generically I think you tend to just work backwards down the error codes, so
your checking for a 403 failure before a more generic 400 is perfect in this
case.
Good spot! :)
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list