Bug 35129: Return 400 if _per_page=0 passed

This patch adds a safe guard for when consumers pass _per_page=0 to
endpoints. This condition is checked for on a centralized place and
avoid reaching the controller in such scenarios that would provoke a
division by zero exception.

To test:
1. Apply the regression tests patch
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/pagination.t
=> FAIL: We expect a 400, but get a 500 instead
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! No more explosions for this!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 308bb0830c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit b1e9ef93f2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
This commit is contained in:
Tomás Cohen Arazi 2024-03-18 12:49:20 -03:00 committed by Lucas Gass
parent 92053898a1
commit 25724e8f3e

View file

@ -352,6 +352,9 @@ sub validate_query_parameters {
push @errors, { path => "/query/" . $param, message => 'Malformed query string' } unless exists $valid_parameters{$param}; push @errors, { path => "/query/" . $param, message => 'Malformed query string' } unless exists $valid_parameters{$param};
} }
push @errors, { path => "/query/_per_page", message => 'Invalid value: 0' }
if exists $existing_params->{_per_page} && $existing_params->{_per_page} == 0;
Koha::Exceptions::BadParameter->throw( Koha::Exceptions::BadParameter->throw(
error => \@errors error => \@errors
) if @errors; ) if @errors;