diff --git a/src/server/internalServer.cpp b/src/server/internalServer.cpp index 6548a2468..2025a0380 100644 --- a/src/server/internalServer.cpp +++ b/src/server/internalServer.cpp @@ -173,6 +173,16 @@ ParameterizedMessage rawEntryNotFoundMsg(const std::string& dt, const std::strin ); } +ParameterizedMessage tooManyBooksMsg(size_t nbBooks, size_t limit) +{ + return ParameterizedMessage("too-many-books", + { + {"NB_BOOKS", nbBooks}, + {"LIMIT", limit}, + } + ); +} + ParameterizedMessage nonParameterizedMessage(const std::string& msgId) { const ParameterizedMessage::Parameters noParams; @@ -193,6 +203,15 @@ struct Error : public std::runtime_error { const ParameterizedMessage _message; }; +void checkBookNumber(const Library::BookIdSet& bookIds, size_t limit) { + if (bookIds.empty()) { + throw Error(nonParameterizedMessage("no-book-found")); + } + if (bookIds.size() > limit) { + throw Error(tooManyBooksMsg(bookIds.size(), limit)); + } +} + } // unnamed namespace Library::BookIdSet InternalServer::selectBooks(const RequestContext& request) const @@ -216,7 +235,8 @@ Library::BookIdSet InternalServer::selectBooks(const RequestContext& request) co if (id_vec.empty()) { throw Error(noValueForArgMsg("books.id")); } - return Library::BookIdSet(id_vec.begin(), id_vec.end()); + const auto bookIds = Library::BookIdSet(id_vec.begin(), id_vec.end()); + return bookIds; } catch(const std::out_of_range&) {} // Use the names @@ -242,12 +262,14 @@ Library::BookIdSet InternalServer::selectBooks(const RequestContext& request) co if (id_vec.empty()) { throw Error(nonParameterizedMessage("no-book-found")); } - return Library::BookIdSet(id_vec.begin(), id_vec.end()); + const auto bookIds = Library::BookIdSet(id_vec.begin(), id_vec.end()); + return bookIds; } SearchInfo InternalServer::getSearchInfo(const RequestContext& request) const { auto bookIds = selectBooks(request); + checkBookNumber(bookIds, 5); auto pattern = request.get_optional_param("pattern", ""); GeoQuery geoQuery; diff --git a/static/i18n/en.json b/static/i18n/en.json index c67e190c4..89c83c915 100644 --- a/static/i18n/en.json +++ b/static/i18n/en.json @@ -6,6 +6,7 @@ "name":"English", "suggest-full-text-search" : "containing '{{{SEARCH_TERMS}}}'..." , "no-such-book" : "No such book: {{BOOK_NAME}}" + , "too-many-books" : "Too many books requested ({{NB_BOOKS}}) where limit is {{LIMIT}}" , "no-book-found" : "No book matches selection criteria" , "url-not-found" : "The requested URL \"{{url}}\" was not found on this server." , "suggest-search" : "Make a full text search for {{PATTERN}}" diff --git a/static/i18n/qqq.json b/static/i18n/qqq.json index 6a3f10caa..895cd120f 100644 --- a/static/i18n/qqq.json +++ b/static/i18n/qqq.json @@ -9,6 +9,7 @@ "name": "{{Doc-important|Don't write \"English\" in your language!}}\n\n'''Write the name of ''your'' language in its native script.'''\n\nCurrent language to which the string is being translated to.\n\nFor example, write \"français\" when translating to French, or \"Deutsch\" when translating to German.\n\n'''Important:''' Do not use your language’s word for “English”. Use the word that your language uses to refer to itself. If you translate this message to mean “English” in your language, your change will be reverted.", "suggest-full-text-search": "Text appearing in the suggestion list that, when selected, runs a full text search instead of the title search", "no-such-book": "Error text when the requested book is not found in the library", + "too-many-books":"Error text when user request more books than the limit set by the administrator", "url-not-found": "Error text about wrong URL for an HTTP 404 error", "no-book-found": "Error text when no book matches the selection criteria", "suggest-search": "Suggest a search when the URL points to a non existing article",