Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #3377269 by _tarik_, ReINFaTe, smustgrave, bbrala: Warning: Undefined array key "id" in Drupal\jsonapi\Controller\EntityResource->patchIndividual()

merge-requests/6490/head
Dave Long 2024-02-07 14:40:31 +00:00
parent 1bcfd82ce8
commit b930619b05
No known key found for this signature in database
GPG Key ID: ED52AE211E142771
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/modules/jsonapi/src/Controller/EntityResource.php
View File

@ -315,11 +315,11 @@ class EntityResource {
$body = Json::decode($request->getContent());
$data = $body['data'];
if ($data['id'] != $entity->uuid()) {
if (!isset($data['id']) || $data['id'] != $entity->uuid()) {
throw new BadRequestHttpException(sprintf(
'The selected entity (%s) does not match the ID in the payload (%s).',
$entity->uuid(),
$data['id']
$data['id'] ?? '',
));
}
$data += ['attributes' => [], 'relationships' => []];

10
core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php
View File

@ -2200,6 +2200,10 @@ abstract class ResourceTestBase extends BrowserTestBase {
if ($this->entity instanceof FieldableEntityInterface && $this->entity->hasField('field_jsonapi_test_entity_ref')) {
$parseable_invalid_request_body_5 = Json::encode(NestedArray::mergeDeep(['data' => ['attributes' => ['field_jsonapi_test_entity_ref' => ['target_id' => $this->randomString()]]]], $this->getPostDocument()));
}
// Invalid PATCH request with missing id key.
$parseable_invalid_request_body_6 = $this->getPatchDocument();
unset($parseable_invalid_request_body_6['data']['id']);
$parseable_invalid_request_body_6 = Json::encode($parseable_invalid_request_body_6);
// The URL and Guzzle request options that will be used in this test. The
// request options will be modified/expanded throughout this test:
@ -2304,6 +2308,12 @@ abstract class ResourceTestBase extends BrowserTestBase {
$this->assertResourceErrorResponse(422, "The following relationship fields were provided as attributes: [ field_jsonapi_test_entity_ref ]", $url, $response, FALSE);
}
// DX: 400 when request document doesn't contain id.
// This also tests that no PHP warnings raised due to non-existent key.
$request_options[RequestOptions::BODY] = $parseable_invalid_request_body_6;
$response = $this->request('PATCH', $url, $request_options);
$this->assertResourceResponse(400, FALSE, $response);
// 200 for well-formed PATCH request that sends all fields (even including
// read-only ones, but with unchanged values).
$valid_request_body = NestedArray::mergeDeep($this->normalize($this->entity, $url), $this->getPatchDocument());