Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enforce int params in routes (#1159) 

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
This commit is contained in:
Adrià Casajús 2022-07-15 17:10:00 +02:00 committed by GitHub
parent f367acbeaf
commit 67be5ba050
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/api/views/mailbox.py
View File

@ -71,7 +71,7 @@ def create_mailbox():
)
@api_bp.route("/mailboxes/<mailbox_id>", methods=["DELETE"])
@api_bp.route("/mailboxes/<int:mailbox_id>", methods=["DELETE"])
@require_api_auth
def delete_mailbox(mailbox_id):
"""
@ -103,7 +103,7 @@ def delete_mailbox(mailbox_id):
return jsonify(deleted=True), 200
@api_bp.route("/mailboxes/<mailbox_id>", methods=["PUT"])
@api_bp.route("/mailboxes/<int:mailbox_id>", methods=["PUT"])
@require_api_auth
def update_mailbox(mailbox_id):
"""

2
app/api/views/notification.py
View File

@ -60,7 +60,7 @@ def get_notifications():
)
@api_bp.route("/notifications/<notification_id>/read", methods=["POST"])
@api_bp.route("/notifications/<int:notification_id>/read", methods=["POST"])
@require_api_auth
def mark_as_read(notification_id):
"""

2
app/api/views/phone.py
View File

@ -9,7 +9,7 @@ from app.models import (
)
@api_bp.route("/phone/reservations/<reservation_id>", methods=["GET", "POST"])
@api_bp.route("/phone/reservations/<int:reservation_id>", methods=["GET", "POST"])
@require_api_auth
def phone_messages(reservation_id):
"""

2
app/dashboard/views/alias_contact_manager.py
View File

@ -229,7 +229,7 @@ def delete_contact(alias: Alias, contact_id: int):
flash(f"Reverse-alias for {delete_contact_email} has been deleted", "success")
@dashboard_bp.route("/alias_contact_manager/<alias_id>/", methods=["GET", "POST"])
@dashboard_bp.route("/alias_contact_manager/<int:alias_id>/", methods=["GET", "POST"])
@login_required
def alias_contact_manager(alias_id):
highlight_contact_id = None

2
app/phone/views/phone_reservation.py
View File

@ -9,7 +9,7 @@ from app.phone.base import phone_bp
current_user: User
@phone_bp.route("/reservation/<reservation_id>", methods=["GET", "POST"])
@phone_bp.route("/reservation/<int:reservation_id>", methods=["GET", "POST"])
@login_required
def reservation_route(reservation_id: int):
reservation: PhoneReservation = PhoneReservation.get(reservation_id)