sunoru/mastodon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Ensure that boolean params in the API are parsed for truthiness (#6575)

Browse source 
Use Rails smart boolean cast to account for values such as "f",
"0", "false", etc. Previously, if a param was present in the request,
it would count as true.
This commit is contained in:
Eugen Rochko 2018-03-01 02:47:59 +01:00 committed by GitHub
parent 47bdb9b33b
commit fce8464077
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 13 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

4
app/controllers/api/base_controller.rb
View file

@ -51,6 +51,10 @@ class Api::BaseController < ApplicationController
[params[:limit].to_i.abs, default_limit * 2].min
end
def truthy_param?(key)
ActiveModel::Type::Boolean.new.cast(params[key])
end
def current_resource_owner
@current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
end