einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-11 02:50:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

**Enhance input validation and error handling across APIs**

Browse Source 
- 🛠️ Refactored controllers to utilize `FiltersNumericIds` concern, ensuring secure numeric ID filtering and avoiding type-sensitive errors in queries.
-  Added feature tests to validate robust input hardening for non-numeric or malformed query parameters (`user_id`, `selected[]`).
- 🔒 Introduced `PublicPropertyNotFoundException` handling in Livewire, returning 400 for invalid property probes and suppressing unnecessary log entries.
-  Updated `MeetupEventController` to handle invalid date formats gracefully, aborting with a 400 response instead of 500.
-  Expanded exception handling pipeline for enhanced resilience against malformed input, bot noise, and exploitable probes.
This commit is contained in:
HolgerHatGarKeineNode
2026-06-08 02:53:44 +02:00
parent 3b93e22e95
commit 3cad5f5636
11 changed files with 132 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/Api/CityController.php
+4 -2
View File
@@ -2,6 +2,7 @@
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Api\Concerns\FiltersNumericIds;
use App\Http\Controllers\Controller;
use App\Http\Requests\Api\StoreCityRequest;
use App\Http\Requests\Api\UpdateCityRequest;
@@ -20,6 +21,8 @@ use Symfony\Component\HttpFoundation\Response;
#[Group(name: 'Stammdaten', weight: 5)]
class CityController extends Controller
{
use FiltersNumericIds;
/**
* Städte auflisten und durchsuchen
*
@@ -40,8 +43,7 @@ class CityController extends Controller
)
->when(
$request->exists('selected'),
fn (Builder $query) => $query->whereIn('id',
$request->input('selected', [])),
fn (Builder $query) => $query->whereIn('id', $this->numericIds($request)),
fn (Builder $query) => $query->limit(10)
)
->get();