Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue calling undocumented API #1056

Closed
clintbxtreme opened this issue Oct 1, 2024 · 2 comments · Fixed by #1057
Closed

Issue calling undocumented API #1056

clintbxtreme opened this issue Oct 1, 2024 · 2 comments · Fixed by #1057

Comments

@clintbxtreme
Copy link

Describe the bug
Discovered an undocumented API /api/search_endpoints/<search_endpoint_id> but making a PUT request with the same data from the GET response (just modifying some field values) doesn't update the search_endpoint. Receives a 204 and no changes when looking at the endpoint in the UI. Specifically interested in making updates to the custom_headers field.

To Reproduce
Steps to reproduce the behavior:

  1. Make a GET request to /api/search_endpoints to retrieve search endpoints
  2. Use the search_endpoint_id from the response to make a GET request to /api/search_endpoints/<search_endpoint_id>
  3. Using the response, modify the custom_headers field
  4. Make a PUT request to /api/search_endpoints/<search_endpoint_id> with the updated data
  5. Receive a response code 204 and no updates visible in the UI

Expected behavior
Should be able to update the search endpoint's custom headers

Additional context
Here are some json payload examples that have been tried:
{ "name": "Name", "search_endpoint_id": 1234, "endpoint_url": "https://example.com/search", "search_engine": "searchapi", "api_method": "GET", "custom_headers": {"Custom-Flag": "foobar", "Authorization": "Bearer foo"}, "basic_auth_credential": "", "mapper_code": "...", "proxy_requests": true }
and
{ "search_endpoint": { "name": "Name", "search_endpoint_id": 1234, "endpoint_url": "https://example.com/search", "search_engine": "searchapi", "api_method": "GET", "custom_headers": {"Custom-Flag": "foobar", "Authorization": "Bearer foo"}, "basic_auth_credential": "", "mapper_code": "...", "proxy_requests": true } }
I've also tried the form data below (similar to what happens in the UI):
search_endpoint[custom_headers]: ""{\"Custom-Flag\": \"foobar\", \"Authorization\": "Bearer foo\"}"" _method: "patch" authenticity_token: "1234asdf" commit: "Update Search endpoint"
@epugh
Copy link
Member

epugh commented Oct 3, 2024

Have you used the api docs in general? https://app.quepid.com/apipie And yes, search_endpoint isn't documented...

@epugh
Copy link
Member

epugh commented Oct 3, 2024

okay... yeah,

        params.require(:search_endpoint).permit(:archived)
      end

is at fault! the front end app only ever sets the archived flag, but you want to use it for more things. So I need to example the permit list.

@epugh epugh mentioned this issue Oct 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Extend search endpoints controller to allow delete, complete update, … o19s/quepid
2 participants
@epugh @clintbxtreme