From 1561aaf788248bdba4a64fc105625b6cce93e56a Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Sun, 29 Sep 2024 16:00:38 +0400 Subject: [PATCH] remove query unescape usage --- controllers/middleware.go | 3 +-- controllers/user.go | 3 +-- logic/security.go | 3 +-- pro/controllers/users.go | 20 ++++++++++---------- 4 files changed, 13 insertions(+), 16 deletions(-) diff --git a/controllers/middleware.go b/controllers/middleware.go index bfc88aa4..fb2bef68 100644 --- a/controllers/middleware.go +++ b/controllers/middleware.go @@ -2,7 +2,6 @@ package controller import ( "net/http" - "net/url" "strings" "github.com/gorilla/mux" @@ -92,7 +91,7 @@ func userMiddleWare(handler http.Handler) http.Handler { if userID, ok := params["username"]; ok { r.Header.Set("TARGET_RSRC_ID", userID) } else { - username, _ := url.QueryUnescape(r.URL.Query().Get("username")) + username := r.URL.Query().Get("username") if username != "" { r.Header.Set("TARGET_RSRC_ID", username) } diff --git a/controllers/user.go b/controllers/user.go index e1166576..c48a1b1d 100644 --- a/controllers/user.go +++ b/controllers/user.go @@ -5,7 +5,6 @@ import ( "errors" "fmt" "net/http" - "net/url" "reflect" "github.com/gorilla/mux" @@ -240,7 +239,7 @@ func getUser(w http.ResponseWriter, r *http.Request) { func getUserV1(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") - usernameFetched, _ := url.QueryUnescape(r.URL.Query().Get("username")) + usernameFetched := r.URL.Query().Get("username") if usernameFetched == "" { logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("username is required"), "badrequest")) return diff --git a/logic/security.go b/logic/security.go index 84f7a3cf..f4c8a23e 100644 --- a/logic/security.go +++ b/logic/security.go @@ -2,7 +2,6 @@ package logic import ( "net/http" - "net/url" "strings" "github.com/gorilla/mux" @@ -97,7 +96,7 @@ func ContinueIfUserMatch(next http.Handler) http.HandlerFunc { var params = mux.Vars(r) var requestedUser = params["username"] if requestedUser == "" { - requestedUser, _ = url.QueryUnescape(r.URL.Query().Get("username")) + requestedUser = r.URL.Query().Get("username") } if requestedUser != r.Header.Get("user") { ReturnErrorResponse(w, r, errorResponse) diff --git a/pro/controllers/users.go b/pro/controllers/users.go index 0c6c4093..c8119b79 100644 --- a/pro/controllers/users.go +++ b/pro/controllers/users.go @@ -71,8 +71,8 @@ func UserHandlers(r *mux.Router) { // Responses: // 200: ReturnSuccessResponse func userInviteSignUp(w http.ResponseWriter, r *http.Request) { - email, _ := url.QueryUnescape(r.URL.Query().Get("email")) - code, _ := url.QueryUnescape(r.URL.Query().Get("invite_code")) + email := r.URL.Query().Get("email") + code := r.URL.Query().Get("invite_code") in, err := logic.GetUserInvite(email) if err != nil { logger.Log(0, "failed to fetch users: ", err.Error()) @@ -133,8 +133,8 @@ func userInviteSignUp(w http.ResponseWriter, r *http.Request) { // Responses: // 200: ReturnSuccessResponse func userInviteVerify(w http.ResponseWriter, r *http.Request) { - email, _ := url.QueryUnescape(r.URL.Query().Get("email")) - code, _ := url.QueryUnescape(r.URL.Query().Get("invite_code")) + email := r.URL.Query().Get("email") + code := r.URL.Query().Get("invite_code") err := logic.ValidateAndApproveUserInvite(email, code) if err != nil { logger.Log(0, "failed to fetch users: ", err.Error()) @@ -299,7 +299,7 @@ func listUserInvites(w http.ResponseWriter, r *http.Request) { // Responses: // 200: ReturnSuccessResponse func deleteUserInvite(w http.ResponseWriter, r *http.Request) { - email, _ := url.QueryUnescape(r.URL.Query().Get("invitee_email")) + email := r.URL.Query().Get("invitee_email") err := logic.DeleteUserInvite(email) if err != nil { logger.Log(0, "failed to delete user invite: ", email, err.Error()) @@ -365,7 +365,7 @@ func listUserGroups(w http.ResponseWriter, r *http.Request) { // 200: userBodyResponse func getUserGroup(w http.ResponseWriter, r *http.Request) { - gid, _ := url.QueryUnescape(r.URL.Query().Get("group_id")) + gid := r.URL.Query().Get("group_id") if gid == "" { logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("group id is required"), "badrequest")) return @@ -486,7 +486,7 @@ func updateUserGroup(w http.ResponseWriter, r *http.Request) { // @Failure 500 {object} models.ErrorResponse func deleteUserGroup(w http.ResponseWriter, r *http.Request) { - gid, _ := url.QueryUnescape(r.URL.Query().Get("group_id")) + gid := r.URL.Query().Get("group_id") if gid == "" { logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("group id is required"), "badrequest")) return @@ -512,7 +512,7 @@ func deleteUserGroup(w http.ResponseWriter, r *http.Request) { // @Success 200 {object} []models.UserRolePermissionTemplate // @Failure 500 {object} models.ErrorResponse func ListRoles(w http.ResponseWriter, r *http.Request) { - platform, _ := url.QueryUnescape(r.URL.Query().Get("platform")) + platform := r.URL.Query().Get("platform") var roles []models.UserRolePermissionTemplate var err error if platform == "true" { @@ -538,7 +538,7 @@ func ListRoles(w http.ResponseWriter, r *http.Request) { // @Success 200 {object} models.UserRolePermissionTemplate // @Failure 500 {object} models.ErrorResponse func getRole(w http.ResponseWriter, r *http.Request) { - rid, _ := url.QueryUnescape(r.URL.Query().Get("role_id")) + rid := r.URL.Query().Get("role_id") if rid == "" { logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest")) return @@ -628,7 +628,7 @@ func updateRole(w http.ResponseWriter, r *http.Request) { // @Failure 500 {object} models.ErrorResponse func deleteRole(w http.ResponseWriter, r *http.Request) { - rid, _ := url.QueryUnescape(r.URL.Query().Get("role_id")) + rid := r.URL.Query().Get("role_id") if rid == "" { logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("role is required"), "badrequest")) return