search

iDigBio / idigbio-search-api

Server-side code driving iDigBio's search functionality.
GNU General Public License v3.0
24 stars 5 forks source link

Search API should return 400 when passed bad message body and not fall through to a default return value #58

Open roncanepa opened 3 years ago

roncanepa commented 3 years ago

For example: I wrote a request and accidentally did not form the rq object correctly:

# note: this is NOT correct
curl --location --request GET 'https://search.idigbio.org/v2/summary/count/records/' \
--header 'Content-Type: application/json' \
--data-raw '{"recordset": "b40e13f7-a79a-4265-93d9-3b4878dfc988"}'

The expected value is (at time of this issue) ~130k. Instead, we get a return value of 128M. The search api should have noticed that a body was passed as part of the request, that it was malformed, and then returned http 400 instead of returning the total count of all records in iDigBio instead.

Example of correct query:

curl --location --request GET 'https://search.idigbio.org/v2/summary/count/records/' \
--header 'Content-Type: application/json' \
--data-raw '{"rq": {"recordset": "b40e13f7-a79a-4265-93d9-3b4878dfc988"}}'