Correctly validate description for API keys to match model expectations; closes #2457

This commit is contained in:
Dane Everitt 2020-10-10 17:15:30 -07:00
parent 1f28fb94e2
commit 1f7fe093ae
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 16 additions and 2 deletions

View File

@ -2,6 +2,7 @@
namespace Pterodactyl\Http\Requests\Api\Client\Account;
use Pterodactyl\Models\ApiKey;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
class StoreApiKeyRequest extends ClientApiRequest
@ -11,9 +12,11 @@ class StoreApiKeyRequest extends ClientApiRequest
*/
public function rules(): array
{
$rules = ApiKey::getRules();
return [
'description' => 'required|string|min:4',
'allowed_ips' => 'array',
'description' => $rules['memo'],
'allowed_ips' => $rules['allowed_ips'],
'allowed_ips.*' => 'ip',
];
}

View File

@ -121,6 +121,8 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
/**
* Test that a bad request results in a validation error being returned by the API.
*
* @see https://github.com/pterodactyl/panel/issues/2457
*/
public function testValidationErrorIsReturnedForBadRequests()
{
@ -135,6 +137,15 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
$response->assertJsonPath('errors.0.meta.rule', 'required');
$response->assertJsonPath('errors.0.detail', 'The description field is required.');
$response = $this->actingAs($user)->postJson('/api/client/account/api-keys', [
'description' => str_repeat('a', 501),
'allowed_ips' => ['127.0.0.1'],
]);
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
$response->assertJsonPath('errors.0.meta.rule', 'max');
$response->assertJsonPath('errors.0.detail', 'The description may not be greater than 500 characters.');
}
/**