diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php index 2873d7c69b..7398e451b5 100644 --- a/app/controllers/api/teams.php +++ b/app/controllers/api/teams.php @@ -36,6 +36,7 @@ use Utopia\Database\Exception\Authorization as AuthorizationException; use Utopia\Database\Exception\Duplicate; use Utopia\Database\Exception\Order as OrderException; use Utopia\Database\Exception\Query as QueryException; +use Utopia\Database\Exception\Structure as StructureException; use Utopia\Database\Helpers\ID; use Utopia\Database\Helpers\Permission; use Utopia\Database\Helpers\Role; @@ -282,7 +283,13 @@ App::get('/v1/teams/:teamId/prefs') $prefs = $team->getAttribute('prefs', []); - $response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES); + try { + $prefs = new Document($prefs); + } catch (StructureException $e) { + throw new Exception(Exception::DOCUMENT_INVALID_STRUCTURE, $e->getMessage()); + } + + $response->dynamic($prefs, Response::MODEL_PREFERENCES); }); App::put('/v1/teams/:teamId') @@ -357,6 +364,11 @@ App::put('/v1/teams/:teamId/prefs') ->inject('dbForProject') ->inject('queueForEvents') ->action(function (string $teamId, array $prefs, Response $response, Database $dbForProject, Event $queueForEvents) { + try { + $prefs = new Document($prefs); + } catch (StructureException $e) { + throw new Exception(Exception::DOCUMENT_INVALID_STRUCTURE, $e->getMessage()); + } $team = $dbForProject->getDocument('teams', $teamId); @@ -364,11 +376,13 @@ App::put('/v1/teams/:teamId/prefs') throw new Exception(Exception::TEAM_NOT_FOUND); } - $team = $dbForProject->updateDocument('teams', $team->getId(), $team->setAttribute('prefs', $prefs)); + $team = $dbForProject->updateDocument('teams', $team->getId(), new Document([ + 'prefs' => $prefs->getArrayCopy() + ])); $queueForEvents->setParam('teamId', $team->getId()); - $response->dynamic(new Document($prefs), Response::MODEL_PREFERENCES); + $response->dynamic($prefs, Response::MODEL_PREFERENCES); }); App::delete('/v1/teams/:teamId')