From dbe4acd47d7189bcb27f8417d9291fb2a5bb9777 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gina=20H=C3=A4u=C3=9Fge?= Date: Tue, 21 Feb 2017 13:18:59 +0100 Subject: [PATCH] flask.request.json => flask.request.get_json() Old property is deprecated as of Flask 0.11 --- src/octoprint/plugins/corewizard/__init__.py | 6 +++--- .../plugins/softwareupdate/__init__.py | 4 +++- src/octoprint/server/api/__init__.py | 11 ++++++---- src/octoprint/server/api/printer.py | 5 ++++- src/octoprint/server/api/printer_profiles.py | 10 ++++++++-- src/octoprint/server/api/settings.py | 5 ++++- src/octoprint/server/api/slicing.py | 10 ++++++++-- src/octoprint/server/api/system.py | 6 +++--- src/octoprint/server/api/timelapse.py | 6 +++--- src/octoprint/server/api/users.py | 20 +++++++++++++++---- src/octoprint/server/apps/__init__.py | 5 ++++- 11 files changed, 63 insertions(+), 25 deletions(-) diff --git a/src/octoprint/plugins/corewizard/__init__.py b/src/octoprint/plugins/corewizard/__init__.py index f5475239..787300b6 100644 --- a/src/octoprint/plugins/corewizard/__init__.py +++ b/src/octoprint/plugins/corewizard/__init__.py @@ -87,9 +87,9 @@ class CoreWizardPlugin(octoprint.plugin.AssetPlugin, from flask import request from octoprint.server.api import valid_boolean_trues, NO_CONTENT - data = request.values - if hasattr(request, "json") and request.json: - data = request.json + data = request.get_json() + if data is None: + data = request.values if "ac" in data and data["ac"] in valid_boolean_trues and \ "user" in data.keys() and "pass1" in data.keys() and \ diff --git a/src/octoprint/plugins/softwareupdate/__init__.py b/src/octoprint/plugins/softwareupdate/__init__.py index 61558718..fccd2214 100644 --- a/src/octoprint/plugins/softwareupdate/__init__.py +++ b/src/octoprint/plugins/softwareupdate/__init__.py @@ -495,7 +495,9 @@ class SoftwareUpdatePlugin(octoprint.plugin.BlueprintPlugin, if not "application/json" in flask.request.headers["Content-Type"]: return flask.make_response("Expected content-type JSON", 400) - json_data = flask.request.json + json_data = flask.request.get_json(silent=True) + if json_data is None: + return flask.make_response("Invalid JSON", 400) if "check" in json_data: check_targets = map(lambda x: x.strip(), json_data["check"]) diff --git a/src/octoprint/server/api/__init__.py b/src/octoprint/server/api/__init__.py index 6d056fe0..ecad3e93 100644 --- a/src/octoprint/server/api/__init__.py +++ b/src/octoprint/server/api/__init__.py @@ -134,10 +134,13 @@ def wizardFinish(): data = dict() try: - data = request.json + data = request.get_json() except: abort(400) + if data is None: + abort(400) + if not "handled" in data: abort(400) handled = data["handled"] @@ -186,9 +189,9 @@ def apiVersion(): @api.route("/login", methods=["POST"]) def login(): - data = request.values - if hasattr(request, "json") and request.json: - data = request.json + data = request.get_json() + if data is None: + data = request.values if octoprint.server.userManager.enabled and "user" in data and "pass" in data: username = data["user"] diff --git a/src/octoprint/server/api/printer.py b/src/octoprint/server/api/printer.py index b6e81b22..68d69146 100644 --- a/src/octoprint/server/api/printer.py +++ b/src/octoprint/server/api/printer.py @@ -326,10 +326,13 @@ def printerCommand(): return make_response("Expected content type JSON", 400) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + if "command" in data and "commands" in data: return make_response("'command' and 'commands' are mutually exclusive", 400) elif ("command" in data or "commands" in data) and "script" in data: diff --git a/src/octoprint/server/api/printer_profiles.py b/src/octoprint/server/api/printer_profiles.py index bc9f6f2c..6e3d5dcd 100644 --- a/src/octoprint/server/api/printer_profiles.py +++ b/src/octoprint/server/api/printer_profiles.py @@ -50,10 +50,13 @@ def printerProfilesAdd(): return make_response("Expected content-type JSON", 400) try: - json_data = request.json + json_data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if json_data is None: + return make_response("Malformed JSON body in request", 400) + if not "profile" in json_data: return make_response("No profile included in request", 400) @@ -117,10 +120,13 @@ def printerProfilesUpdate(identifier): return make_response("Expected content-type JSON", 400) try: - json_data = request.json + json_data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if json_data is None: + return make_response("Malformed JSON body in request", 400) + if not "profile" in json_data: return make_response("No profile included in request", 400) diff --git a/src/octoprint/server/api/settings.py b/src/octoprint/server/api/settings.py index 7ef37a35..645a4ef7 100644 --- a/src/octoprint/server/api/settings.py +++ b/src/octoprint/server/api/settings.py @@ -251,10 +251,13 @@ def setSettings(): return make_response("Expected content-type JSON", 400) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + _saveSettings(data) return getSettings() diff --git a/src/octoprint/server/api/slicing.py b/src/octoprint/server/api/slicing.py index 824faf02..6644024e 100644 --- a/src/octoprint/server/api/slicing.py +++ b/src/octoprint/server/api/slicing.py @@ -118,10 +118,13 @@ def slicingAddSlicerProfile(slicer, name): return make_response("Expected content-type JSON", 400) try: - json_data = request.json + json_data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if json_data is None: + return make_response("Malformed JSON body in request", 400) + data = dict() display_name = None description = None @@ -157,10 +160,13 @@ def slicingPatchSlicerProfile(slicer, name): return make_response("Profile {name} for slicer {slicer} not found".format(**locals()), 404) try: - json_data = request.json + json_data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if json_data is None: + return make_response("Malformed JSON body in request", 400) + data = dict() display_name = None description = None diff --git a/src/octoprint/server/api/system.py b/src/octoprint/server/api/system.py index 14a0e084..24b0ae52 100644 --- a/src/octoprint/server/api/system.py +++ b/src/octoprint/server/api/system.py @@ -24,9 +24,9 @@ from octoprint.server.util.flask import restricted_access, get_remote_address def performSystemAction(): logging.getLogger(__name__).warn("Deprecated API call to /api/system made by {}, should be migrated to use /system/commands/custom/".format(get_remote_address(request))) - data = request.values - if hasattr(request, "json") and request.json: - data = request.json + data = request.get_json(silent=True) + if data is None: + data = request.values if not "action" in data: return make_response("action to perform is not defined", 400) diff --git a/src/octoprint/server/api/timelapse.py b/src/octoprint/server/api/timelapse.py index e7272eb6..a108fad4 100644 --- a/src/octoprint/server/api/timelapse.py +++ b/src/octoprint/server/api/timelapse.py @@ -162,9 +162,9 @@ def processUnrenderedTimelapseCommand(name): @api.route("/timelapse", methods=["POST"]) @restricted_access def setTimelapseConfig(): - data = request.values - if hasattr(request, "json") and request.json: - data = request.json + data = request.get_json(silent=True) + if data is None: + data = request.values if "type" in data: config = { diff --git a/src/octoprint/server/api/users.py b/src/octoprint/server/api/users.py index fbee5c16..b907e560 100644 --- a/src/octoprint/server/api/users.py +++ b/src/octoprint/server/api/users.py @@ -40,10 +40,13 @@ def addUser(): return make_response("Expected content-type JSON", 400) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + if not "name" in data: return make_response("Missing mandatory name field", 400) if not "password" in data: @@ -95,10 +98,13 @@ def updateUser(username): return make_response("Expected content-type JSON", 400) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + # change roles roles = ["user"] if "admin" in data and data["admin"] in valid_boolean_trues: @@ -138,10 +144,13 @@ def changePasswordForUser(username): return make_response("Expected content-type JSON", 400) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + if not "password" in data or not data["password"]: return make_response("password is missing from request", 400) @@ -179,10 +188,13 @@ def changeSettingsForUser(username): return make_response("Forbidden", 403) try: - data = request.json + data = request.get_json() except BadRequest: return make_response("Malformed JSON body in request", 400) + if data is None: + return make_response("Malformed JSON body in request", 400) + try: userManager.changeUserSettings(username, data) return jsonify(SUCCESS) diff --git a/src/octoprint/server/apps/__init__.py b/src/octoprint/server/apps/__init__.py index f5e9e328..b98d11e1 100644 --- a/src/octoprint/server/apps/__init__.py +++ b/src/octoprint/server/apps/__init__.py @@ -29,7 +29,10 @@ def verifySessionKey(): if not "application/json" in request.headers["Content-Type"]: return None, None, make_response("Expected content-type JSON", 400) - data = request.json + data = request.get_json() + if data is None: + return make_response("Malformed JSON body in request", 400) + for key in ("appid", "key", "_sig"): if not key in data: return make_response("Missing argument: {key}".format(key=key), 400)