Enforce int params in routes (#1159)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
This commit is contained in:
parent
f367acbeaf
commit
67be5ba050
|
@ -71,7 +71,7 @@ def create_mailbox():
|
|||
)
|
||||
|
||||
|
||||
@api_bp.route("/mailboxes/<mailbox_id>", methods=["DELETE"])
|
||||
@api_bp.route("/mailboxes/<int:mailbox_id>", methods=["DELETE"])
|
||||
@require_api_auth
|
||||
def delete_mailbox(mailbox_id):
|
||||
"""
|
||||
|
@ -103,7 +103,7 @@ def delete_mailbox(mailbox_id):
|
|||
return jsonify(deleted=True), 200
|
||||
|
||||
|
||||
@api_bp.route("/mailboxes/<mailbox_id>", methods=["PUT"])
|
||||
@api_bp.route("/mailboxes/<int:mailbox_id>", methods=["PUT"])
|
||||
@require_api_auth
|
||||
def update_mailbox(mailbox_id):
|
||||
"""
|
||||
|
|
|
@ -60,7 +60,7 @@ def get_notifications():
|
|||
)
|
||||
|
||||
|
||||
@api_bp.route("/notifications/<notification_id>/read", methods=["POST"])
|
||||
@api_bp.route("/notifications/<int:notification_id>/read", methods=["POST"])
|
||||
@require_api_auth
|
||||
def mark_as_read(notification_id):
|
||||
"""
|
||||
|
|
|
@ -9,7 +9,7 @@ from app.models import (
|
|||
)
|
||||
|
||||
|
||||
@api_bp.route("/phone/reservations/<reservation_id>", methods=["GET", "POST"])
|
||||
@api_bp.route("/phone/reservations/<int:reservation_id>", methods=["GET", "POST"])
|
||||
@require_api_auth
|
||||
def phone_messages(reservation_id):
|
||||
"""
|
||||
|
|
|
@ -229,7 +229,7 @@ def delete_contact(alias: Alias, contact_id: int):
|
|||
flash(f"Reverse-alias for {delete_contact_email} has been deleted", "success")
|
||||
|
||||
|
||||
@dashboard_bp.route("/alias_contact_manager/<alias_id>/", methods=["GET", "POST"])
|
||||
@dashboard_bp.route("/alias_contact_manager/<int:alias_id>/", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def alias_contact_manager(alias_id):
|
||||
highlight_contact_id = None
|
||||
|
|
|
@ -9,7 +9,7 @@ from app.phone.base import phone_bp
|
|||
current_user: User
|
||||
|
||||
|
||||
@phone_bp.route("/reservation/<reservation_id>", methods=["GET", "POST"])
|
||||
@phone_bp.route("/reservation/<int:reservation_id>", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def reservation_route(reservation_id: int):
|
||||
reservation: PhoneReservation = PhoneReservation.get(reservation_id)
|
||||
|
|
Loading…
Reference in New Issue