Correctly validate description for API keys to match model expectations; closes #2457

This commit is contained in:
Dane Everitt 2020-10-10 17:15:30 -07:00
parent 1f28fb94e2
commit 1f7fe093ae
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
2 changed files with 16 additions and 2 deletions

View file

@ -2,6 +2,7 @@
namespace Pterodactyl\Http\Requests\Api\Client\Account; namespace Pterodactyl\Http\Requests\Api\Client\Account;
use Pterodactyl\Models\ApiKey;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest; use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
class StoreApiKeyRequest extends ClientApiRequest class StoreApiKeyRequest extends ClientApiRequest
@ -11,9 +12,11 @@ class StoreApiKeyRequest extends ClientApiRequest
*/ */
public function rules(): array public function rules(): array
{ {
$rules = ApiKey::getRules();
return [ return [
'description' => 'required|string|min:4', 'description' => $rules['memo'],
'allowed_ips' => 'array', 'allowed_ips' => $rules['allowed_ips'],
'allowed_ips.*' => 'ip', 'allowed_ips.*' => 'ip',
]; ];
} }

View file

@ -121,6 +121,8 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
/** /**
* Test that a bad request results in a validation error being returned by the API. * Test that a bad request results in a validation error being returned by the API.
*
* @see https://github.com/pterodactyl/panel/issues/2457
*/ */
public function testValidationErrorIsReturnedForBadRequests() public function testValidationErrorIsReturnedForBadRequests()
{ {
@ -135,6 +137,15 @@ class ApiKeyControllerTest extends ClientApiIntegrationTestCase
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY); $response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
$response->assertJsonPath('errors.0.meta.rule', 'required'); $response->assertJsonPath('errors.0.meta.rule', 'required');
$response->assertJsonPath('errors.0.detail', 'The description field is required.'); $response->assertJsonPath('errors.0.detail', 'The description field is required.');
$response = $this->actingAs($user)->postJson('/api/client/account/api-keys', [
'description' => str_repeat('a', 501),
'allowed_ips' => ['127.0.0.1'],
]);
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
$response->assertJsonPath('errors.0.meta.rule', 'max');
$response->assertJsonPath('errors.0.detail', 'The description may not be greater than 500 characters.');
} }
/** /**