From f2b40b51c2d631a6185e1c4614632d29c40bce6c Mon Sep 17 00:00:00 2001
From: MeiMei <30769358+mei23@users.noreply.github.com>
Date: Mon, 31 Jan 2022 01:40:27 +0900
Subject: [PATCH] =?UTF-8?q?refactor:=20API=E3=81=A7=E9=9D=9EJSON=E5=85=A5?=
 =?UTF-8?q?=E5=8A=9B=E3=81=AE=E5=9E=8B=E5=A4=89=E6=8F=9B=E3=81=AFendpoint?=
 =?UTF-8?q?=E3=81=AB=E6=B8=A1=E3=81=99=E5=89=8D=E3=81=AB=E8=A1=8C=E3=81=86?=
 =?UTF-8?q?=E3=82=88=E3=81=86=E3=81=AB=20(#8229)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Resolve #8228

* fix
---
 packages/backend/src/server/api/api-handler.ts   |  2 +-
 packages/backend/src/server/api/call.ts          | 16 ++++++++++++++--
 .../server/api/endpoints/drive/files/create.ts   |  6 ++----
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/packages/backend/src/server/api/api-handler.ts b/packages/backend/src/server/api/api-handler.ts
index faa35d12d4..362bbb0f57 100644
--- a/packages/backend/src/server/api/api-handler.ts
+++ b/packages/backend/src/server/api/api-handler.ts
@@ -32,7 +32,7 @@ export default (endpoint: IEndpoint, ctx: Koa.Context) => new Promise((res) => {
 	// Authentication
 	authenticate(body['i']).then(([user, app]) => {
 		// API invoking
-		call(endpoint.name, user, app, body, (ctx as any).file).then((res: any) => {
+		call(endpoint.name, user, app, body, ctx).then((res: any) => {
 			reply(res);
 		}).catch((e: ApiError) => {
 			reply(e.httpStatusCode ? e.httpStatusCode : e.kind === 'client' ? 400 : 500, e);
diff --git a/packages/backend/src/server/api/call.ts b/packages/backend/src/server/api/call.ts
index 399ee65bde..5bc7d2f25e 100644
--- a/packages/backend/src/server/api/call.ts
+++ b/packages/backend/src/server/api/call.ts
@@ -1,3 +1,4 @@
+import * as Koa from 'koa';
 import { performance } from 'perf_hooks';
 import { limiter } from './limiter';
 import { User } from '@/models/entities/user';
@@ -12,7 +13,7 @@ const accessDenied = {
 	id: '56f35758-7dd5-468b-8439-5d6fb8ec9b8e',
 };
 
-export default async (endpoint: string, user: User | null | undefined, token: AccessToken | null | undefined, data: any, file?: any) => {
+export default async (endpoint: string, user: User | null | undefined, token: AccessToken | null | undefined, data: any, ctx?: Koa.Context) => {
 	const isSecure = user != null && token == null;
 
 	const ep = endpoints.find(e => e.name === endpoint);
@@ -76,9 +77,20 @@ export default async (endpoint: string, user: User | null | undefined, token: Ac
 		});
 	}
 
+	// Cast non JSON input
+	if (ep.meta.requireFile && ep.meta.params) {
+		const body = (ctx!.request as any).body;
+		for (const k of Object.keys(ep.meta.params)) {
+			const param = ep.meta.params[k];
+			if (['Boolean', 'Number'].includes(param.validator.name) && typeof body[k] === 'string') {
+				body[k] = JSON.parse(body[k]);
+			}
+		}
+	}
+
 	// API invoking
 	const before = performance.now();
-	return await ep.exec(data, user, token, file).catch((e: Error) => {
+	return await ep.exec(data, user, token, ctx!.file).catch((e: Error) => {
 		if (e instanceof ApiError) {
 			throw e;
 		} else {
diff --git a/packages/backend/src/server/api/endpoints/drive/files/create.ts b/packages/backend/src/server/api/endpoints/drive/files/create.ts
index dd65ab0611..877e76677e 100644
--- a/packages/backend/src/server/api/endpoints/drive/files/create.ts
+++ b/packages/backend/src/server/api/endpoints/drive/files/create.ts
@@ -39,15 +39,13 @@ export const meta = {
 		},
 
 		isSensitive: {
-			validator: $.optional.either($.bool, $.str),
+			validator: $.optional.bool,
 			default: false,
-			transform: (v: any): boolean => v === true || v === 'true',
 		},
 
 		force: {
-			validator: $.optional.either($.bool, $.str),
+			validator: $.optional.bool,
 			default: false,
-			transform: (v: any): boolean => v === true || v === 'true',
 		},
 	},