ifttt: Strengthen types using WildValue.

2022-10-08 22:57:08 +05:30 · 2022-10-08 22:57:08 +05:30 · 4210ab6c41
parent 71abbbdd7a
commit 4210ab6c41
2 changed files with 18 additions and 17 deletions
--- a/zerver/webhooks/ifttt/tests.py
+++ b/zerver/webhooks/ifttt/tests.py
@ -33,10 +33,10 @@ class IFTTTHookTests(WebhookTestCase):
        self.url = self.build_webhook_url()
        payload = self.get_body("invalid_payload_with_dict_topic")
        result = self.client_post(self.url, payload, content_type="application/json")
-        self.assert_json_error(result, "Topic must be a string")
+        self.assert_json_error(result, "Malformed payload")

    def test_ifttt_when_content_is_dict(self) -> None:
        self.url = self.build_webhook_url()
        payload = self.get_body("invalid_payload_with_dict_content")
        result = self.client_post(self.url, payload, content_type="application/json")
-        self.assert_json_error(result, "Content must be a string")
+        self.assert_json_error(result, "Malformed payload")
--- a/zerver/webhooks/ifttt/view.py
+++ b/zerver/webhooks/ifttt/view.py
@ -1,5 +1,4 @@
-from typing import Any, Dict
-
+from django.core.exceptions import ValidationError
 from django.http import HttpRequest, HttpResponse
 from django.utils.translation import gettext as _

@ -7,6 +6,7 @@ from zerver.decorator import webhook_view
 from zerver.lib.exceptions import JsonableError
 from zerver.lib.request import REQ, has_request_variables
 from zerver.lib.response import json_success
+from zerver.lib.validator import WildValue, check_none_or, check_string, to_wild_value
 from zerver.lib.webhooks.common import check_send_webhook_message
 from zerver.models import UserProfile

@ -16,24 +16,25 @@ from zerver.models import UserProfile
 def api_iftt_app_webhook(
    request: HttpRequest,
    user_profile: UserProfile,
-    payload: Dict[str, Any] = REQ(argument_type="body"),
+    payload: WildValue = REQ(argument_type="body", converter=to_wild_value),
 ) -> HttpResponse:
-    topic = payload.get("topic")
-    content = payload.get("content")

-    if topic is None:
-        topic = payload.get("subject")  # Backwards-compatibility
+    try:
+        topic = payload.get("topic").tame(check_none_or(check_string))
+        content = payload.get("content").tame(check_none_or(check_string))
+
        if topic is None:
-            raise JsonableError(_("Topic can't be empty"))
+            topic = payload.get("subject").tame(
+                check_none_or(check_string)
+            )  # Backwards-compatibility
+            if topic is None:
+                raise JsonableError(_("Topic can't be empty"))

-    if content is None:
-        raise JsonableError(_("Content can't be empty"))
+        if content is None:
+            raise JsonableError(_("Content can't be empty"))

-    if not isinstance(topic, str):
-        raise JsonableError(_("Topic must be a string"))
-
-    if not isinstance(content, str):
-        raise JsonableError(_("Content must be a string"))
+    except ValidationError:
+        raise JsonableError(_("Malformed payload"))

    check_send_webhook_message(request, user_profile, topic, content)
    return json_success(request)