From ace75b0786890ca52b4dab6b977f50af763389a3 Mon Sep 17 00:00:00 2001 From: fogelito Date: Mon, 12 Feb 2024 18:02:04 +0200 Subject: [PATCH] parseQueries --- app/controllers/api/account.php | 14 ++++++- app/controllers/api/databases.php | 60 +++++++++++++++++++++++------- app/controllers/api/functions.php | 19 ++++++++-- app/controllers/api/messaging.php | 59 ++++++++++++++++++++++++----- app/controllers/api/migrations.php | 7 +++- app/controllers/api/projects.php | 10 +++-- app/controllers/api/proxy.php | 7 +++- app/controllers/api/storage.php | 15 ++++++-- app/controllers/api/teams.php | 20 ++++++++-- app/controllers/api/users.php | 26 +++++++++++-- app/controllers/api/vcs.php | 7 +++- app/init.php | 1 + 12 files changed, 200 insertions(+), 45 deletions(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 911f366b1..c7b433b65 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -14,6 +14,7 @@ use Appwrite\Event\Mail; use Appwrite\Auth\Phrase; use Appwrite\Extend\Exception; use Appwrite\Network\Validator\Email; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Utopia\Validator\URL; use Utopia\Validator\Boolean; @@ -907,7 +908,11 @@ App::get('/v1/account/identities') ->inject('dbForProject') ->action(function (array $queries, Response $response, Document $user, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('userInternalId', [$user->getInternalId()]); 
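Review bot: In the `/v1/account/identities` handler the new catch passes `$e->getMessage()` straight into the 400 response, so whatever text the `Utopia\Database` query parser puts in its exception becomes client-visible. That text is produced from caller-supplied query strings, and nothing in this patch shows whether it can carry raw input or internal attribute names. A test that sends a malformed query and asserts the response message would pin that down. If the wording cannot be guaranteed, return a fixed message and log the detail server-side instead. The same catch body recurs in every other `Query::parseQueries` hunk of this patch, and the handler body continues outside the hunk.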
@@ -2066,7 +2071,12 @@ App::get('/v1/account/logs') ->inject('dbForProject') ->action(function (array $queries, Response $response, Document $user, Locale $locale, Reader $geodb, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index cbe6f7995..444ccc1ec 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -487,7 +487,11 @@ App::get('/v1/databases') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -567,7 +571,12 @@ App::get('/v1/databases/:databaseId/logs') throw new Exception(Exception::DATABASE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
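Review bot: The five-line try/catch added in the `/v1/account/logs` handler is the same block pasted into every list endpoint this patch touches, across eleven controller files. A single shared helper would keep the exception-to-error mapping in one place, so a new endpoint cannot omit it and a later change of error type is one edit. The helper's name and location below are suggestions only, since no shared-helper file is visible in these hunks. The handler body starts and ends outside the hunk.

```php
// Proposed shared helper (name and location are suggestions)
function parseQueriesOrFail(array $queries): array
{
    try {
        return Query::parseQueries($queries);
    } catch (QueryException $e) {
        throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage());
    }
}

// … unchanged: route definition, param and inject calls …
$queries = parseQueriesOrFail($queries);
$grouped = Query::groupByType($queries);
```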
@@ -809,7 +818,11 @@ App::get('/v1/databases/:databaseId/collections') throw new Exception(Exception::DATABASE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -908,7 +921,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/logs') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -1662,7 +1680,11 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/attributes') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } \array_push( $queries, @@ -2513,7 +2535,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/indexes') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + \array_push($queries, Query::equal('collectionId', [$collectionId]), Query::equal('databaseId', [$databaseId])); // Get cursor document if there was a cursor query 
@@ -2922,10 +2949,8 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') } try { - $queries = Query::parseQueries($queries); // todo: make this to all parseQueries places? + $queries = Query::parseQueries($queries); } catch (QueryException $e) { - // question: should this throw GENERAL_ARGUMENT_INVALID like all QueryException and get 500 ? - // or GENERAL_QUERY_INVALID and get 400? throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } @@ -2954,7 +2979,7 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); // Should this be GENERAL_QUERY_INVALID? or 500 is ok? + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } // Add $collectionId and $databaseId for all documents @@ -3052,14 +3077,18 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents/:documen throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } try { $document = $dbForProject->getDocument('database_' . $database->getInternalId() . '_collection_' . $collection->getInternalId(), $documentId, $queries); } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } if ($document->isEmpty()) { 
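Review bot: The second documents-listing hunk (`@@ -2954,7 +2979,7 @@`) shows that the database call itself can raise `QueryException` after parsing has succeeded, yet the other list endpoints in this patch wrap only `Query::parseQueries`. Their database calls lie outside the hunks, so this is unverified, but if they have no similar catch, a query that parses and then fails at execution would still surface as a 500 there. That keeps caller-triggered errors mixed in with genuine server faults in monitoring. Consider catching `QueryException` around those calls as well and mapping it to `GENERAL_QUERY_INVALID`, as done here and in the get-document hunk that follows. Separately, replacing `GENERAL_ARGUMENT_INVALID` changes the error type existing clients receive from these two endpoints, which deserves a changelog entry.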
@@ -3148,7 +3177,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents/:documen throw new Exception(Exception::DOCUMENT_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php index 9c1f3cfa9..ea7571c6b 100644 --- a/app/controllers/api/functions.php +++ b/app/controllers/api/functions.php @@ -12,6 +12,7 @@ use Appwrite\Utopia\Response\Model\Rule; use Appwrite\Extend\Exception; use Appwrite\Utopia\Database\Validator\CustomId; use Appwrite\Messaging\Adapter\Realtime; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Assoc; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; @@ -366,7 +367,11 @@ App::get('/v1/functions') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1256,7 +1261,11 @@ App::get('/v1/functions/:functionId/deployments') throw new Exception(Exception::FUNCTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
@@ -1794,7 +1803,11 @@ App::get('/v1/functions/:functionId/executions') throw new Exception(Exception::FUNCTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/messaging.php b/app/controllers/api/messaging.php index 25260e107..056bc3648 100644 --- a/app/controllers/api/messaging.php +++ b/app/controllers/api/messaging.php @@ -22,6 +22,7 @@ use Utopia\Audit\Audit; use Utopia\Database\Database; use Utopia\Database\Document; use Utopia\Database\Exception\Duplicate as DuplicateException; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\Authorization; @@ -837,7 +838,11 @@ App::get('/v1/messaging/providers') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -888,7 +893,12 @@ App::get('/v1/messaging/providers/:providerId/logs') throw new Exception(Exception::PROVIDER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
@@ -1944,7 +1954,11 @@ App::get('/v1/messaging/topics') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1995,7 +2009,12 @@ App::get('/v1/messaging/topics/:topicId/logs') throw new Exception(Exception::TOPIC_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -2258,7 +2277,11 @@ App::get('/v1/messaging/topics/:topicId/subscribers') ->inject('dbForProject') ->inject('response') ->action(function (string $topicId, array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -2331,7 +2354,12 @@ App::get('/v1/messaging/subscribers/:subscriberId/logs') throw new Exception(Exception::SUBSCRIBER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
@@ -2845,7 +2873,11 @@ App::get('/v1/messaging/messages') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -2896,7 +2928,12 @@ App::get('/v1/messaging/messages/:messageId/logs') throw new Exception(Exception::MESSAGE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -2990,7 +3027,11 @@ App::get('/v1/messaging/messages/:messageId/targets') return; } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('$id', $targetIDs); diff --git a/app/controllers/api/migrations.php b/app/controllers/api/migrations.php index 87d3c12c9..7ccf53141 100644 --- a/app/controllers/api/migrations.php +++ b/app/controllers/api/migrations.php @@ -14,6 +14,7 @@ use Utopia\App; use Utopia\Database\Database; use Utopia\Database\DateTime; use Utopia\Database\Document; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\UID; 
@@ -384,7 +385,11 @@ App::get('/v1/migrations') ->inject('response') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 30f6b1f37..c8aab0829 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -18,20 +18,18 @@ use Utopia\Audit\Audit; use Utopia\Cache\Cache; use Utopia\Config\Config; use Utopia\Database\Database; -use Utopia\Database\DateTime; use Utopia\Database\Document; use Utopia\Database\Exception\Duplicate; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; use Utopia\Database\Helpers\Role; use Utopia\Database\Query; -use Utopia\Database\Validator\Authorization; use Utopia\Database\Validator\Datetime as DatetimeValidator; use Utopia\Database\Validator\UID; use Utopia\Domains\Validator\PublicDomain; use Utopia\Locale\Locale; use Utopia\Pools\Group; -use Utopia\Registry\Registry; use Utopia\Validator\ArrayList; use Utopia\Validator\Boolean; use Utopia\Validator\Hostname; @@ -241,7 +239,11 @@ App::get('/v1/projects') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/proxy.php b/app/controllers/api/proxy.php index 8d3f559d6..85e52599e 100644 
--- a/app/controllers/api/proxy.php +++ b/app/controllers/api/proxy.php @@ -10,6 +10,7 @@ use Appwrite\Utopia\Response; use Utopia\App; use Utopia\Database\Database; use Utopia\Database\Document; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\UID; @@ -156,7 +157,11 @@ App::get('/v1/proxy/rules') ->inject('project') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Document $project, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/storage.php b/app/controllers/api/storage.php index fc5d00dfd..ac4b3a508 100644 --- a/app/controllers/api/storage.php +++ b/app/controllers/api/storage.php @@ -12,10 +12,10 @@ use Utopia\App; use Utopia\Config\Config; use Utopia\Database\Database; use Utopia\Database\Document; -use Utopia\Database\DateTime; use Utopia\Database\Exception\Duplicate; use Utopia\Database\Exception\Authorization as AuthorizationException; use Utopia\Database\Exception\Duplicate as DuplicateException; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Exception\Structure as StructureException; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; @@ -42,7 +42,6 @@ use Utopia\Validator\HexColor; use Utopia\Validator\Range; use Utopia\Validator\Text; use Utopia\Validator\WhiteList; -use Utopia\DSN\DSN; use Utopia\Swoole\Request; use Utopia\Storage\Compression\Compression; 
@@ -161,7 +160,11 @@ App::get('/v1/storage/buckets') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -737,7 +740,11 @@ App::get('/v1/storage/buckets/:bucketId/files') throw new Exception(Exception::USER_UNAUTHORIZED); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index b8d0a8229..eea721791 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -9,6 +9,7 @@ use Appwrite\Event\Mail; use Appwrite\Event\Messaging; use Appwrite\Extend\Exception; use Appwrite\Network\Validator\Email; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Appwrite\Template\Template; use Appwrite\Utopia\Database\Validator\CustomId; @@ -146,7 +147,11 @@ App::get('/v1/teams') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
@@ -699,7 +704,11 @@ App::get('/v1/teams/:teamId/memberships') throw new Exception(Exception::TEAM_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1100,7 +1109,12 @@ App::get('/v1/teams/:teamId/logs') throw new Exception(Exception::TEAM_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index 375efe77c..d2838ffe1 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -11,6 +11,7 @@ use Appwrite\Network\Validator\Email; use Appwrite\Utopia\Database\Validator\CustomId; use Appwrite\Utopia\Database\Validator\Queries\Identities; use Appwrite\Utopia\Database\Validator\Queries\Targets; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Validator\Queries; use Appwrite\Utopia\Database\Validator\Queries\Users; use Utopia\Database\Validator\Query\Limit; @@ -536,7 +537,11 @@ App::get('/v1/users') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
@@ -756,7 +761,12 @@ App::get('/v1/users/:userId/logs') throw new Exception(Exception::USER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -834,7 +844,11 @@ App::get('/v1/users/:userId/targets') throw new Exception(Exception::USER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('userId', [$userId]); @@ -876,7 +890,11 @@ App::get('/v1/users/identities') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/vcs.php b/app/controllers/api/vcs.php index df18320cf..6a9397eae 100644 --- a/app/controllers/api/vcs.php +++ b/app/controllers/api/vcs.php @@ -4,6 +4,7 @@ use Appwrite\Auth\OAuth2\Github as OAuth2Github; use Utopia\App; use Appwrite\Event\Build; use Appwrite\Event\Delete; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Utopia\Database\Database; use Utopia\Database\Document; 
@@ -969,7 +970,11 @@ App::get('/v1/vcs/installations') ->inject('dbForProject') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Document $project, Database $dbForProject, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('projectInternalId', [$project->getInternalId()]); diff --git a/app/init.php b/app/init.php index 266c080c9..16cc9bf8c 100644 --- a/app/init.php +++ b/app/init.php @@ -35,6 +35,7 @@ use Appwrite\OpenSSL\OpenSSL; use Appwrite\URL\URL as AppwriteURL; use Utopia\App; use Utopia\Database\Adapter\SQL; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Logger\Logger; use Utopia\Cache\Adapter\Redis as RedisCache; use Utopia\Cache\Cache;
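Review bot: The `app/init.php` hunk adds `use Utopia\Database\Exception\Query as QueryException;`, but the diffstat records a single changed line for that file, so nothing in this patch references the alias there. Unless the file already used `QueryException` without importing it, this is an unused import and can be dropped. If a central handler for the exception was intended in init.php, it is missing from the commit.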