POST|PUT: Throw 400 if request body is not valid json

sukhwinder33445 · sukhwinder33445 · commit dcd74117c086 · 2024-07-05T11:13:54.000+02:00
diff --git a/application/controllers/ApiV1ContactgroupsController.php b/application/controllers/ApiV1ContactgroupsController.php
@@ -4,6 +4,7 @@
 
 namespace Icinga\Module\Notifications\Controllers;
 
+use Exception;
 use Icinga\Exception\Http\HttpBadRequestException;
 use Icinga\Exception\Http\HttpException;
 use Icinga\Exception\Http\HttpNotFoundException;
@@ -382,9 +383,14 @@ private function removeContactgroup(int $id): void
      */
     private function getValidatedData(): array
     {
-        $data = $this->getRequest()->getPost();
         $msgPrefix = 'Invalid request body: ';
 
+        try {
+            $data = $this->getRequest()->getPost();
+        } catch (Exception $e) {
+            $this->httpBadRequest($msgPrefix . 'given content is not a valid JSON');
+        }
+
         if (
             ! isset($data['id'], $data['name'])
             || ! is_string($data['id'])
diff --git a/application/controllers/ApiV1ContactsController.php b/application/controllers/ApiV1ContactsController.php
@@ -4,6 +4,7 @@
 
 namespace Icinga\Module\Notifications\Controllers;
 
+use Exception;
 use Icinga\Exception\Http\HttpBadRequestException;
 use Icinga\Exception\Http\HttpException;
 use Icinga\Exception\Http\HttpNotFoundException;
@@ -506,9 +507,14 @@ private function removeContact(int $id): void
      */
     private function getValidatedData(): array
     {
-        $data = $this->getRequest()->getPost();
         $msgPrefix = 'Invalid request body: ';
 
+        try {
+            $data = $this->getRequest()->getPost();
+        } catch (Exception $e) {
+            $this->httpBadRequest($msgPrefix . 'given content is not a valid JSON');
+        }
+
         if (
             ! isset($data['id'], $data['full_name'], $data['default_channel'])
             || ! is_string($data['id'])
