From abf2a0ae550cfcd5cb5ea857d4e23da474ad6b66 Mon Sep 17 00:00:00 2001 From: David Garcia Date: Mon, 18 Feb 2019 15:43:59 +0000 Subject: [PATCH] Mailgun-461: Validate limits (#565) * Check limit for paginated domains * Check limit for paginated events * Check limit for paginated rotues * Check limit for paginated tags * Check limit for paginated mailing lists * Replace unexpected Assert --- src/Api/Domain.php | 2 ++ src/Api/Event.php | 4 ++++ src/Api/MailingList.php | 3 +-- src/Api/Route.php | 1 + src/Api/Tag.php | 2 ++ 5 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/Api/Domain.php b/src/Api/Domain.php index 0c28c61..f099645 100644 --- a/src/Api/Domain.php +++ b/src/Api/Domain.php @@ -40,6 +40,8 @@ class Domain extends HttpApi */ public function index(int $limit = 100, int $skip = 0) { + Assert::range($limit, 1, 1000); + $params = [ 'limit' => $limit, 'skip' => $skip, diff --git a/src/Api/Event.php b/src/Api/Event.php index d1b4bf3..748f1bd 100644 --- a/src/Api/Event.php +++ b/src/Api/Event.php @@ -30,6 +30,10 @@ class Event extends HttpApi { Assert::stringNotEmpty($domain); + if (array_key_exists('limit', $params)) { + Assert::range($params['limit'], 1, 300); + } + $response = $this->httpGet(sprintf('/v3/%s/events', $domain), $params); return $this->hydrateResponse($response, EventResponse::class); diff --git a/src/Api/MailingList.php b/src/Api/MailingList.php index 3acac1f..8538629 100644 --- a/src/Api/MailingList.php +++ b/src/Api/MailingList.php @@ -40,8 +40,7 @@ class MailingList extends HttpApi */ public function pages(int $limit = 100) { - Assert::integer($limit); - Assert::greaterThan($limit, 0); + Assert::range($limit, 1, 1000); $params = [ 'limit' => $limit, diff --git a/src/Api/Route.php b/src/Api/Route.php index 231e8ed..859a6c2 100644 --- a/src/Api/Route.php +++ b/src/Api/Route.php @@ -37,6 +37,7 @@ class Route extends HttpApi { Assert::greaterThan($limit, 0); Assert::greaterThanEq($skip, 0); + Assert::range($limit, 1, 1000); $params = [ 'limit' => $limit, diff --git a/src/Api/Tag.php b/src/Api/Tag.php index 95d8862..be5f123 100644 --- a/src/Api/Tag.php +++ b/src/Api/Tag.php @@ -38,6 +38,8 @@ class Tag extends HttpApi public function index(string $domain, int $limit = 100) { Assert::stringNotEmpty($domain); + Assert::range($limit, 1, 1000); + $params = [ 'limit' => $limit, ];