Skip to content

Commit

Permalink
Handle invalid POST to action resources. (#54)
Browse files Browse the repository at this point in the history
  • Loading branch information
@mrstegeman
mrstegeman authored May 4, 2020
1 parent a643e40 commit e7ccbfb
Show file tree
Hide file tree
Showing 4 changed files with 70 additions and 48 deletions.
7 changes: 6 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

## [Unreleased]

## [0.12.2] - 2020-05-04
### Changed
- Invalid POST requests to action resources now generate an error status.

## [0.12.1] - 2020-03-27
### Added
- Support OPTIONS requests to allow for CORS.
Expand All @@ -24,7 +28,8 @@
### Changed
- Property, Action, and Event description now use `links` rather than `href`. - [Spec PR](https://github.com/mozilla-iot/wot/pull/119)

[Unreleased]: https://github.com/mozilla-iot/webthing-java/compare/v0.12.1...HEAD
[Unreleased]: https://github.com/mozilla-iot/webthing-java/compare/v0.12.2...HEAD
[0.12.2]: https://github.com/mozilla-iot/webthing-java/compare/v0.12.1...v0.12.2
[0.12.1]: https://github.com/mozilla-iot/webthing-java/compare/v0.12.0...v0.12.1
[0.12.0]: https://github.com/mozilla-iot/webthing-java/compare/v0.11.0...v0.12.0
[0.11.0]: https://github.com/mozilla-iot/webthing-java/compare/v0.10.0...v0.11.0
Expand Down
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

<groupId>org.mozilla.iot</groupId>
<artifactId>webthing</artifactId>
<version>0.12.1</version>
<version>0.12.2</version>

<name>WebThing</name>
<description>Implementation of an HTTP Web Thing.</description>
Expand Down
4 changes: 4 additions & 0 deletions src/main/java/org/mozilla/iot/webthing/Thing.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -756,6 +756,10 @@ public boolean validateActionInput(JSONObject actionInput) {
return true;
}

if (actionInput == null) {
actionInput = new JSONObject();
}

try {
this.schema.validate(actionInput);
} catch (ValidationException e) {
Expand Down
105 changes: 59 additions & 46 deletions src/main/java/org/mozilla/iot/webthing/WebThingServer.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1224,35 +1224,40 @@ public Response post(UriResource uriResource,
}

try {
JSONObject response = new JSONObject();
JSONArray actionNames = json.names();
if (actionNames == null) {
if (actionNames == null || actionNames.length() != 1) {
return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.BAD_REQUEST,
null,
null));
}

for (int i = 0; i < actionNames.length(); ++i) {
String actionName = actionNames.getString(i);
JSONObject params = json.getJSONObject(actionName);
JSONObject input = null;
if (params.has("input")) {
input = params.getJSONObject("input");
}

Action action = thing.performAction(actionName, input);
if (action != null) {
response.put(actionName,
action.asActionDescription()
.getJSONObject(actionName));

(new ActionRunner(action)).start();
}
String actionName = actionNames.getString(0);
JSONObject params = json.getJSONObject(actionName);
JSONObject input = null;
if (params.has("input")) {
input = params.getJSONObject("input");
}

Action action = thing.performAction(actionName, input);
if (action != null) {
JSONObject response = new JSONObject();
response.put(actionName,
action.asActionDescription()
.getJSONObject(actionName));

(new ActionRunner(action)).start();

return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.CREATED,
"application/json",
response.toString()));
} else {
return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.BAD_REQUEST,
null,
null));
}
return corsResponse(NanoHTTPD.newFixedLengthResponse(Response.Status.CREATED,
"application/json",
response.toString()));
} catch (JSONException e) {
return corsResponse(NanoHTTPD.newFixedLengthResponse(Response.Status.INTERNAL_ERROR,
null,
Expand Down Expand Up @@ -1352,39 +1357,47 @@ public Response post(UriResource uriResource,
String actionName = this.getActionName(uriResource, session);

try {
JSONObject response = new JSONObject();
JSONArray actionNames = json.names();
if (actionNames == null) {
if (actionNames == null || actionNames.length() != 1) {
return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.BAD_REQUEST,
null,
null));
}

String name = actionNames.getString(0);
if (!name.equals(actionName)) {
return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.BAD_REQUEST,
null,
null));
}

for (int i = 0; i < actionNames.length(); ++i) {
String name = actionNames.getString(i);
if (!name.equals(actionName)) {
continue;
}

JSONObject params = json.getJSONObject(name);
JSONObject input = null;
if (params.has("input")) {
input = params.getJSONObject("input");
}

Action action = thing.performAction(name, input);
if (action != null) {
response.put(name,
action.asActionDescription()
.getJSONObject(name));

(new ActionRunner(action)).start();
}
JSONObject params = json.getJSONObject(name);
JSONObject input = null;
if (params.has("input")) {
input = params.getJSONObject("input");
}

Action action = thing.performAction(name, input);
if (action != null) {
JSONObject response = new JSONObject();
response.put(name,
action.asActionDescription()
.getJSONObject(name));

(new ActionRunner(action)).start();

return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.CREATED,
"application/json",
response.toString()));
} else {
return corsResponse(NanoHTTPD.newFixedLengthResponse(
Response.Status.BAD_REQUEST,
null,
null));
}
return corsResponse(NanoHTTPD.newFixedLengthResponse(Response.Status.CREATED,
"application/json",
response.toString()));
} catch (JSONException e) {
return corsResponse(NanoHTTPD.newFixedLengthResponse(Response.Status.INTERNAL_ERROR,
null,
Expand Down

0 comments on commit e7ccbfb

Please sign in to comment.