From 103fec16640c17d0feea756098581b34885c170e Mon Sep 17 00:00:00 2001 From: fogelito Date: Thu, 8 Feb 2024 18:10:25 +0200 Subject: [PATCH 1/7] parseQueries --- app/controllers/api/databases.php | 12 +++-- composer.lock | 45 ++++++++----------- phpunit.xml | 2 +- .../e2e/Services/Databases/DatabasesBase.php | 12 +++++ 4 files changed, 40 insertions(+), 31 deletions(-) diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index c913fcca5d..51975405c7 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -2898,6 +2898,7 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') ->inject('dbForProject') ->inject('mode') ->action(function (string $databaseId, string $collectionId, array $queries, Response $response, Database $dbForProject, string $mode) { + var_dump("ininin 0"); $database = Authorization::skip(fn() => $dbForProject->getDocument('databases', $databaseId)); $isAPIKey = Auth::isAppUser(Authorization::getRoles()); $isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles()); @@ -2912,7 +2913,13 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); // todo: make this to all parseQueries places? + } catch (QueryException $e) { + // question: should this throw GENERAL_ARGUMENT_INVALID like all QueryException and get 500 ? + // or GENERAL_QUERY_INVALID and get 400? + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } // Get cursor document if there was a cursor query $cursor = \array_filter($queries, function ($query) { 
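Review bot: The new `catch (QueryException $e)` around `Query::parseQueries($queries)` passes `$e->getMessage()` unchanged into the `GENERAL_QUERY_INVALID` response, so the parser's own error text becomes part of the public output of the list-documents route. The e2e test in this patch shows the current text is `Invalid query: Syntax error`, but the message format is owned by the database library and is not visible in this diff; if it ever includes the raw query string or internal detail, that reaches the caller too. I would state the assumption beside the throw, for example `// QueryException messages are returned to the client; they must not carry internal detail`, or send a fixed message and log the original. The catch blocks added across the other controllers in PATCH 5/7 forward the message the same way. The action closure begins and ends outside this hunk.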
@@ -2933,14 +2940,13 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') $cursor->setValue($cursorDocument); } - try { $documents = $dbForProject->find('database_' . $database->getInternalId() . '_collection_' . $collection->getInternalId(), $queries); $total = $dbForProject->count('database_' . $database->getInternalId() . '_collection_' . $collection->getInternalId(), $queries, APP_LIMIT_COUNT); } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); + throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); // Should this GENERAL_QUERY_INVALID? or 500 is ok? } // Add $collectionId and $databaseId for all documents diff --git a/composer.lock b/composer.lock index 226d55e38f..1429dfe408 100644 --- a/composer.lock +++ b/composer.lock @@ -1029,16 +1029,16 @@ }, { "name": "symfony/polyfill-php80", - "version": "v1.28.0", + "version": "v1.29.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" + "reference": "87b68208d5c1188808dd7839ee1e6c8ec3b02f1b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", - "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/87b68208d5c1188808dd7839ee1e6c8ec3b02f1b", + "reference": "87b68208d5c1188808dd7839ee1e6c8ec3b02f1b", "shasum": "" }, "require": { @@ -1046,9 +1046,6 @@ }, "type": "library", "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, "thanks": { "name": "symfony/polyfill", "url": "https://github.com/symfony/polyfill" 
@@ -1092,7 +1089,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" + "source": "https://github.com/symfony/polyfill-php80/tree/v1.29.0" }, "funding": [ { @@ -1108,7 +1105,7 @@ "type": "tidelift" } ], - "time": "2023-01-26T09:26:14+00:00" + "time": "2024-01-29T20:11:03+00:00" }, { "name": "thecodingmachine/safe", @@ -5123,16 +5120,16 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.28.0", + "version": "v1.29.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" + "reference": "ef4d7e442ca910c4764bce785146269b30cb5fc4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", - "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ef4d7e442ca910c4764bce785146269b30cb5fc4", + "reference": "ef4d7e442ca910c4764bce785146269b30cb5fc4", "shasum": "" }, "require": { @@ -5146,9 +5143,6 @@ }, "type": "library", "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, "thanks": { "name": "symfony/polyfill", "url": "https://github.com/symfony/polyfill" @@ -5185,7 +5179,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.29.0" }, "funding": [ { 
@@ -5201,20 +5195,20 @@ "type": "tidelift" } ], - "time": "2023-01-26T09:26:14+00:00" + "time": "2024-01-29T20:11:03+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.28.0", + "version": "v1.29.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "42292d99c55abe617799667f454222c54c60e229" + "reference": "9773676c8a1bb1f8d4340a62efe641cf76eda7ec" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", - "reference": "42292d99c55abe617799667f454222c54c60e229", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9773676c8a1bb1f8d4340a62efe641cf76eda7ec", + "reference": "9773676c8a1bb1f8d4340a62efe641cf76eda7ec", "shasum": "" }, "require": { @@ -5228,9 +5222,6 @@ }, "type": "library", "extra": { - "branch-alias": { - "dev-main": "1.28-dev" - }, "thanks": { "name": "symfony/polyfill", "url": "https://github.com/symfony/polyfill" @@ -5268,7 +5259,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.29.0" }, "funding": [ { @@ -5284,7 +5275,7 @@ "type": "tidelift" } ], - "time": "2023-07-28T09:04:16+00:00" + "time": "2024-01-29T20:11:03+00:00" }, { "name": "textalk/websocket", diff --git a/phpunit.xml b/phpunit.xml index 90ebd4225f..e772866051 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -6,7 +6,7 @@ convertNoticesToExceptions="true" convertWarningsToExceptions="true" processIsolation="false" - stopOnFailure="false" + stopOnFailure="true" > diff --git a/tests/e2e/Services/Databases/DatabasesBase.php b/tests/e2e/Services/Databases/DatabasesBase.php index 7580d73711..60a6ca7cea 100644 --- a/tests/e2e/Services/Databases/DatabasesBase.php +++ b/tests/e2e/Services/Databases/DatabasesBase.php 
@@ -2034,6 +2034,18 @@ trait DatabasesBase $this->assertEquals(2017, $documents['body']['documents'][1]['releaseYear']); $this->assertCount(2, $documents['body']['documents']); + $documents = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents', array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], $this->getHeaders()), [ + 'queries' => [ + '{"method":"contains","attribute":"title","values":[bad]}' + ], + ]); + + $this->assertEquals(400, $documents['headers']['status-code']); + $this->assertEquals('Invalid query: Syntax error', $documents['body']['message']); + $documents = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents', array_merge([ 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], From 7176d7feab82f64a24b9231a08429dc19ba58b62 Mon Sep 17 00:00:00 2001 From: fogelito Date: Thu, 8 Feb 2024 18:12:43 +0200 Subject: [PATCH 2/7] Remove comment --- app/controllers/api/databases.php | 1 - 1 file changed, 1 deletion(-) diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index 51975405c7..265ea3f6ca 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -2898,7 +2898,6 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') ->inject('dbForProject') ->inject('mode') ->action(function (string $databaseId, string $collectionId, array $queries, Response $response, Database $dbForProject, string $mode) { - var_dump("ininin 0"); $database = Authorization::skip(fn() => $dbForProject->getDocument('databases', $databaseId)); $isAPIKey = Auth::isAppUser(Authorization::getRoles()); $isPrivilegedUser = Auth::isPrivilegedUser(Authorization::getRoles()); From bcc6564e5b2163e0c3639459c7d68dc2765104aa Mon Sep 17 00:00:00 2001 
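Review bot: The assertion on the full string `'Invalid query: Syntax error'` ties this e2e test to the exact wording of the library's parse error, so a dependency bump that rewords the message fails the test even though the 400 mapping still works. Asserting the status code plus a stable prefix is enough, e.g. `$this->assertStringStartsWith('Invalid query', $documents['body']['message']);`. Only malformed JSON on the list-documents route is exercised; a second case with well-formed JSON that the parser should still reject would show whether every rejection path reaches the 400 branch (whether such input throws `QueryException` is not visible here). The test method starts and ends outside this hunk.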
From: fogelito Date: Thu, 8 Feb 2024 18:18:39 +0200 Subject: [PATCH 3/7] typo --- app/controllers/api/databases.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index 265ea3f6ca..d7e4e00bca 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -2945,7 +2945,7 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); // Should this GENERAL_QUERY_INVALID? or 500 is ok? + throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); // Should this be GENERAL_QUERY_INVALID? or 500 is ok? } // Add $collectionId and $databaseId for all documents From c4b5153abdf7b557fa9f8165f8af8862b050c40b Mon Sep 17 00:00:00 2001 From: fogelito Date: Mon, 12 Feb 2024 17:41:14 +0200 Subject: [PATCH 4/7] composer.lock --- composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/composer.lock b/composer.lock index 1429dfe408..971dbc0a75 100644 --- a/composer.lock +++ b/composer.lock @@ -1748,16 +1748,16 @@ }, { "name": "utopia-php/image", - "version": "0.6.0", + "version": "0.6.1", "source": { "type": "git", "url": "https://github.com/utopia-php/image.git", - "reference": "88f7209172bdabd81e76ac981c95fac117dc6e08" + "reference": "2d74c27e69e65a93cf94a16586598a04fe435bf0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/image/zipball/88f7209172bdabd81e76ac981c95fac117dc6e08", - "reference": "88f7209172bdabd81e76ac981c95fac117dc6e08", + "url": "https://api.github.com/repos/utopia-php/image/zipball/2d74c27e69e65a93cf94a16586598a04fe435bf0", + "reference": "2d74c27e69e65a93cf94a16586598a04fe435bf0", "shasum": "" }, "require": { 
@@ -1790,9 +1790,9 @@ ], "support": { "issues": "https://github.com/utopia-php/image/issues", - "source": "https://github.com/utopia-php/image/tree/0.6.0" + "source": "https://github.com/utopia-php/image/tree/0.6.1" }, - "time": "2024-01-24T06:59:44+00:00" + "time": "2024-02-05T13:31:44+00:00" }, { "name": "utopia-php/locale", From ace75b0786890ca52b4dab6b977f50af763389a3 Mon Sep 17 00:00:00 2001 From: fogelito Date: Mon, 12 Feb 2024 18:02:04 +0200 Subject: [PATCH 5/7] parseQueries --- app/controllers/api/account.php | 14 ++++++- app/controllers/api/databases.php | 60 +++++++++++++++++++++++------- app/controllers/api/functions.php | 19 ++++++++-- app/controllers/api/messaging.php | 59 ++++++++++++++++++++++++----- app/controllers/api/migrations.php | 7 +++- app/controllers/api/projects.php | 10 +++-- app/controllers/api/proxy.php | 7 +++- app/controllers/api/storage.php | 15 ++++++-- app/controllers/api/teams.php | 20 ++++++++-- app/controllers/api/users.php | 26 +++++++++++-- app/controllers/api/vcs.php | 7 +++- app/init.php | 1 + 12 files changed, 200 insertions(+), 45 deletions(-) diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php index 911f366b18..c7b433b658 100644 --- a/app/controllers/api/account.php +++ b/app/controllers/api/account.php @@ -14,6 +14,7 @@ use Appwrite\Event\Mail; use Appwrite\Auth\Phrase; use Appwrite\Extend\Exception; use Appwrite\Network\Validator\Email; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Utopia\Validator\URL; use Utopia\Validator\Boolean; 
@@ -907,7 +908,11 @@ App::get('/v1/account/identities') ->inject('dbForProject') ->action(function (array $queries, Response $response, Document $user, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('userInternalId', [$user->getInternalId()]); @@ -2066,7 +2071,12 @@ App::get('/v1/account/logs') ->inject('dbForProject') ->action(function (array $queries, Response $response, Document $user, Locale $locale, Reader $geodb, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index cbe6f7995f..444ccc1ec9 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -487,7 +487,11 @@ App::get('/v1/databases') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
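Review bot: The same try/catch around `Query::parseQueries($queries)` is pasted into `/v1/account/identities` and `/v1/account/logs` here and into every other list and logs route this patch touches (databases, functions, messaging, migrations, projects, proxy, storage, teams, users, vcs), which makes it easy for one copy to drift or for a new route to be added without it. Moving the mapping into one shared helper keeps the client-facing error code and message handling in a single reviewed place, and each call site shrinks to one line. The helper name below is a placeholder and its location is left to the project; the surrounding action closures start and end outside these hunks.

```php
// Placeholder name; define once where all controllers can reach it.
function parseQueriesOrFail(array $queries): array
{
    try {
        return Query::parseQueries($queries);
    } catch (QueryException $e) {
        throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage());
    }
}

// ... unchanged: route definition and injections ...
$queries = parseQueriesOrFail($queries);
```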
@@ -567,7 +571,12 @@ App::get('/v1/databases/:databaseId/logs') throw new Exception(Exception::DATABASE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -809,7 +818,11 @@ App::get('/v1/databases/:databaseId/collections') throw new Exception(Exception::DATABASE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -908,7 +921,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/logs') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -1662,7 +1680,11 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/attributes') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } \array_push( $queries, 
@@ -2513,7 +2535,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/indexes') throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + \array_push($queries, Query::equal('collectionId', [$collectionId]), Query::equal('databaseId', [$databaseId])); // Get cursor document if there was a cursor query @@ -2922,10 +2949,8 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') } try { - $queries = Query::parseQueries($queries); // todo: make this to all parseQueries places? + $queries = Query::parseQueries($queries); } catch (QueryException $e) { - // question: should this throw GENERAL_ARGUMENT_INVALID like all QueryException and get 500 ? - // or GENERAL_QUERY_INVALID and get 400? throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } @@ -2954,7 +2979,7 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents') } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); // Should this be GENERAL_QUERY_INVALID? or 500 is ok? + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } // Add $collectionId and $databaseId for all documents 
@@ -3052,14 +3077,18 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents/:documen throw new Exception(Exception::COLLECTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } try { $document = $dbForProject->getDocument('database_' . $database->getInternalId() . '_collection_' . $collection->getInternalId(), $documentId, $queries); } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, $e->getMessage()); + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); } if ($document->isEmpty()) { @@ -3148,7 +3177,12 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents/:documen throw new Exception(Exception::DOCUMENT_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php index 9c1f3cfa98..ea7571c6b8 100644 --- a/app/controllers/api/functions.php +++ b/app/controllers/api/functions.php @@ -12,6 +12,7 @@ use Appwrite\Utopia\Response\Model\Rule; use Appwrite\Extend\Exception; use Appwrite\Utopia\Database\Validator\CustomId; use Appwrite\Messaging\Adapter\Realtime; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Assoc; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; 
@@ -366,7 +367,11 @@ App::get('/v1/functions') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1256,7 +1261,11 @@ App::get('/v1/functions/:functionId/deployments') throw new Exception(Exception::FUNCTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1794,7 +1803,11 @@ App::get('/v1/functions/:functionId/executions') throw new Exception(Exception::FUNCTION_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/messaging.php b/app/controllers/api/messaging.php index 25260e1071..056bc3648c 100644 --- a/app/controllers/api/messaging.php +++ b/app/controllers/api/messaging.php @@ -22,6 +22,7 @@ use Utopia\Audit\Audit; use Utopia\Database\Database; use Utopia\Database\Document; use Utopia\Database\Exception\Duplicate as DuplicateException; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\Authorization; 
@@ -837,7 +838,11 @@ App::get('/v1/messaging/providers') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -888,7 +893,12 @@ App::get('/v1/messaging/providers/:providerId/logs') throw new Exception(Exception::PROVIDER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -1944,7 +1954,11 @@ App::get('/v1/messaging/topics') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -1995,7 +2009,12 @@ App::get('/v1/messaging/topics/:topicId/logs') throw new Exception(Exception::TOPIC_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
@@ -2258,7 +2277,11 @@ App::get('/v1/messaging/topics/:topicId/subscribers') ->inject('dbForProject') ->inject('response') ->action(function (string $topicId, array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -2331,7 +2354,12 @@ App::get('/v1/messaging/subscribers/:subscriberId/logs') throw new Exception(Exception::SUBSCRIBER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; @@ -2845,7 +2873,11 @@ App::get('/v1/messaging/messages') ->inject('dbForProject') ->inject('response') ->action(function (array $queries, string $search, Database $dbForProject, Response $response) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -2896,7 +2928,12 @@ App::get('/v1/messaging/messages/:messageId/logs') throw new Exception(Exception::MESSAGE_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
@@ -2990,7 +3027,11 @@ App::get('/v1/messaging/messages/:messageId/targets') return; } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('$id', $targetIDs); diff --git a/app/controllers/api/migrations.php b/app/controllers/api/migrations.php index 87d3c12c99..7ccf531411 100644 --- a/app/controllers/api/migrations.php +++ b/app/controllers/api/migrations.php @@ -14,6 +14,7 @@ use Utopia\App; use Utopia\Database\Database; use Utopia\Database\DateTime; use Utopia\Database\Document; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\UID; @@ -384,7 +385,11 @@ App::get('/v1/migrations') ->inject('response') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 30f6b1f376..c8aab0829f 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php 
@@ -18,20 +18,18 @@ use Utopia\Audit\Audit; use Utopia\Cache\Cache; use Utopia\Config\Config; use Utopia\Database\Database; -use Utopia\Database\DateTime; use Utopia\Database\Document; use Utopia\Database\Exception\Duplicate; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; use Utopia\Database\Helpers\Role; use Utopia\Database\Query; -use Utopia\Database\Validator\Authorization; use Utopia\Database\Validator\Datetime as DatetimeValidator; use Utopia\Database\Validator\UID; use Utopia\Domains\Validator\PublicDomain; use Utopia\Locale\Locale; use Utopia\Pools\Group; -use Utopia\Registry\Registry; use Utopia\Validator\ArrayList; use Utopia\Validator\Boolean; use Utopia\Validator\Hostname; @@ -241,7 +239,11 @@ App::get('/v1/projects') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/proxy.php b/app/controllers/api/proxy.php index 8d3f559d62..85e52599e6 100644 --- a/app/controllers/api/proxy.php +++ b/app/controllers/api/proxy.php @@ -10,6 +10,7 @@ use Appwrite\Utopia\Response; use Utopia\App; use Utopia\Database\Database; use Utopia\Database\Document; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Helpers\ID; use Utopia\Database\Query; use Utopia\Database\Validator\UID; 
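Review bot: The removal of `use Utopia\Database\DateTime;`, `use Utopia\Database\Validator\Authorization;` and `use Utopia\Registry\Registry;` in the projects.php import hunk is unrelated to the query-parsing change and cannot be verified from this diff, because the rest of the file is not shown. If any remaining code still uses one of those short names, it no longer resolves to the Utopia class; for `Authorization` that would break a permission-related call at runtime, and for `DateTime` the name could bind to PHP's built-in class instead. The same kind of cleanup appears in storage.php (`DateTime`, `DSN`) and in PATCH 6/7 for databases.php (`DateTime`). I would confirm with a static-analysis run that none of these names is still referenced, or move the import cleanup into its own commit.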
@@ -156,7 +157,11 @@ App::get('/v1/proxy/rules') ->inject('project') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Document $project, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/storage.php b/app/controllers/api/storage.php index fc5d00dfd0..ac4b3a5086 100644 --- a/app/controllers/api/storage.php +++ b/app/controllers/api/storage.php @@ -12,10 +12,10 @@ use Utopia\App; use Utopia\Config\Config; use Utopia\Database\Database; use Utopia\Database\Document; -use Utopia\Database\DateTime; use Utopia\Database\Exception\Duplicate; use Utopia\Database\Exception\Authorization as AuthorizationException; use Utopia\Database\Exception\Duplicate as DuplicateException; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Exception\Structure as StructureException; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; @@ -42,7 +42,6 @@ use Utopia\Validator\HexColor; use Utopia\Validator\Range; use Utopia\Validator\Text; use Utopia\Validator\WhiteList; -use Utopia\DSN\DSN; use Utopia\Swoole\Request; use Utopia\Storage\Compression\Compression; @@ -161,7 +160,11 @@ App::get('/v1/storage/buckets') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
@@ -737,7 +740,11 @@ App::get('/v1/storage/buckets/:bucketId/files') throw new Exception(Exception::USER_UNAUTHORIZED); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index b8d0a8229c..eea7217912 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -9,6 +9,7 @@ use Appwrite\Event\Mail; use Appwrite\Event\Messaging; use Appwrite\Extend\Exception; use Appwrite\Network\Validator\Email; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Appwrite\Template\Template; use Appwrite\Utopia\Database\Validator\CustomId; @@ -146,7 +147,11 @@ App::get('/v1/teams') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -699,7 +704,11 @@ App::get('/v1/teams/:teamId/memberships') throw new Exception(Exception::TEAM_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); 
@@ -1100,7 +1109,12 @@ App::get('/v1/teams/:teamId/logs') throw new Exception(Exception::TEAM_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; diff --git a/app/controllers/api/users.php b/app/controllers/api/users.php index 375efe77cb..d2838ffe1f 100644 --- a/app/controllers/api/users.php +++ b/app/controllers/api/users.php @@ -11,6 +11,7 @@ use Appwrite\Network\Validator\Email; use Appwrite\Utopia\Database\Validator\CustomId; use Appwrite\Utopia\Database\Validator\Queries\Identities; use Appwrite\Utopia\Database\Validator\Queries\Targets; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Database\Validator\Queries; use Appwrite\Utopia\Database\Validator\Queries\Users; use Utopia\Database\Validator\Query\Limit; @@ -536,7 +537,11 @@ App::get('/v1/users') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); @@ -756,7 +761,12 @@ App::get('/v1/users/:userId/logs') throw new Exception(Exception::USER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } + $grouped = Query::groupByType($queries); $limit = $grouped['limit'] ?? APP_LIMIT_COUNT; $offset = $grouped['offset'] ?? 0; 
@@ -834,7 +844,11 @@ App::get('/v1/users/:userId/targets') throw new Exception(Exception::USER_NOT_FOUND); } - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('userId', [$userId]); @@ -876,7 +890,11 @@ App::get('/v1/users/identities') ->inject('dbForProject') ->action(function (array $queries, string $search, Response $response, Database $dbForProject) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } if (!empty($search)) { $queries[] = Query::search('search', $search); diff --git a/app/controllers/api/vcs.php b/app/controllers/api/vcs.php index df18320cf2..6a9397eaef 100644 --- a/app/controllers/api/vcs.php +++ b/app/controllers/api/vcs.php @@ -4,6 +4,7 @@ use Appwrite\Auth\OAuth2\Github as OAuth2Github; use Utopia\App; use Appwrite\Event\Build; use Appwrite\Event\Delete; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Validator\Host; use Utopia\Database\Database; use Utopia\Database\Document; @@ -969,7 +970,11 @@ App::get('/v1/vcs/installations') ->inject('dbForProject') ->inject('dbForConsole') ->action(function (array $queries, string $search, Response $response, Document $project, Database $dbForProject, Database $dbForConsole) { - $queries = Query::parseQueries($queries); + try { + $queries = Query::parseQueries($queries); + } catch (QueryException $e) { + throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); + } $queries[] = Query::equal('projectInternalId', [$project->getInternalId()]); diff --git a/app/init.php b/app/init.php index 266c080c92..16cc9bf8c4 100644 --- a/app/init.php +++ b/app/init.php 
@@ -35,6 +35,7 @@ use Appwrite\OpenSSL\OpenSSL; use Appwrite\URL\URL as AppwriteURL; use Utopia\App; use Utopia\Database\Adapter\SQL; +use Utopia\Database\Exception\Query as QueryException; use Utopia\Logger\Logger; use Utopia\Cache\Adapter\Redis as RedisCache; use Utopia\Cache\Cache; From 4018224cc6f4e2283cd8181be08860c39e03e685 Mon Sep 17 00:00:00 2001 From: fogelito Date: Mon, 12 Feb 2024 18:06:37 +0200 Subject: [PATCH 6/7] parseQueries --- app/controllers/api/databases.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php index 444ccc1ec9..f0b0783b02 100644 --- a/app/controllers/api/databases.php +++ b/app/controllers/api/databases.php @@ -19,7 +19,6 @@ use Utopia\App; use Utopia\Audit\Audit; use Utopia\Config\Config; use Utopia\Database\Database; -use Utopia\Database\DateTime; use Utopia\Database\Document; use Utopia\Database\Exception\Authorization as AuthorizationException; use Utopia\Database\Exception\Conflict as ConflictException; @@ -3079,11 +3078,6 @@ App::get('/v1/databases/:databaseId/collections/:collectionId/documents/:documen try { $queries = Query::parseQueries($queries); - } catch (QueryException $e) { - throw new Exception(Exception::GENERAL_QUERY_INVALID, $e->getMessage()); - } - - try { $document = $dbForProject->getDocument('database_' . $database->getInternalId() . '_collection_' . $collection->getInternalId(), $documentId, $queries); } catch (AuthorizationException) { throw new Exception(Exception::USER_UNAUTHORIZED); From 6f6b39ae20c4cecbb3efb5a1e98eef2a3dc47d65 Mon Sep 17 00:00:00 2001 From: fogelito Date: Mon, 12 Feb 2024 18:09:48 +0200 Subject: [PATCH 7/7] stopOnFailure --- phpunit.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpunit.xml b/phpunit.xml index e772866051..90ebd4225f 100644 --- a/phpunit.xml +++ b/phpunit.xml 
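Review bot: In `app/init.php` this patch adds only the `use Utopia\Database\Exception\Query as QueryException;` line, and no hunk for the file references the alias. If nothing in the file names `QueryException`, the import is dead and can be dropped. If an existing `catch` or `instanceof` already named it without the import, that branch could never have matched before, so this line changes which error clients receive and the commit message should say so. The rest of the file is outside the hunk.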
@@ -6,7 +6,7 @@ convertNoticesToExceptions="true" convertWarningsToExceptions="true" processIsolation="false" - stopOnFailure="true" + stopOnFailure="false" >