Merge remote-tracking branch 'origin/AC-746' into spartans_pr_07072025_v2

glo60612 · glo60612 · commit e9f73982b76c · 2025-07-08T16:23:14.000+05:30
diff --git a/dev/tests/api-functional/testsuite/Magento/Framework/Webapi/ApiErrorProcessorTest.php b/dev/tests/api-functional/testsuite/Magento/Framework/Webapi/ApiErrorProcessorTest.php
@@ -0,0 +1,199 @@
+<?php
+/**
+ * Copyright 2025 Adobe
+ * All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Framework\Webapi;
+
+use Magento\Catalog\Test\Fixture\Product as ProductFixture;
+use Magento\Indexer\Test\Fixture\Indexer as IndexerFixture;
+use Magento\Quote\Test\Fixture\AddProductToCart as AddProductToCartFixture;
+use Magento\Quote\Test\Fixture\GuestCart as GuestCartFixture;
+use Magento\TestFramework\Fixture\DataFixture;
+use Magento\TestFramework\Fixture\DataFixtureStorage;
+use Magento\TestFramework\Fixture\DataFixtureStorageManager;
+use Magento\TestFramework\TestCase\WebapiAbstract;
+
+/**
+ * Test API error processor for malformed requests/bodies.
+ */
+class ApiErrorProcessorTest extends WebapiAbstract
+{
+    private const RESOURCE_PATH = '/V1/';
+
+    /**
+     * @var DataFixtureStorage
+     */
+    protected $fixtures;
+
+    protected function setUp(): void
+    {
+        $this->_markTestAsRestOnly();
+        parent::setUp();
+        /** @var DataFixtureStorage $fixtures */
+        $this->fixtures = DataFixtureStorageManager::getStorage();
+    }
+
+    /**
+     * Test that the API returns a 400 error when the request params are malformed.
+     *
+     * @param array $requestData
+     * @param string $endpoint
+     * @param int $expectedExceptionCode
+     *
+     * @dataProvider malformedRequestParamsDataProvider
+     */
+    public function testMalformedRequestParams(array $requestData, string $endpoint, int $expectedExceptionCode)
+    {
+        $this->expectException(\Exception::class);
+        $this->expectExceptionCode($expectedExceptionCode);
+
+        $serviceInfo = [
+            'rest' => [
+                'resourcePath' => self::RESOURCE_PATH . $endpoint . '?' . http_build_query($requestData),
+                'httpMethod' => \Magento\Framework\Webapi\Rest\Request::HTTP_METHOD_GET,
+            ]
+        ];
+
+        $this->_webApiCall($serviceInfo, $requestData);
+    }
+
+    /**
+     * Data provider for testMalformedRequestParams
+     *
+     * @return array
+     */
+    public static function malformedRequestParamsDataProvider()
+    {
+        return [
+            'empty_filter_groups_value' => [
+                'requestData' => [
+                    'searchCriteria' => [
+                        'filterGroups' => [
+                            [
+                                'filters' => [
+                                    [
+                                        'field' => 'string'
+                                    ]
+                                ]
+                            ]
+                        ]
+                    ]
+                ],
+                'endpoint' => 'coupons/search',
+                'expectedExceptionCode' => 400,
+            ],
+            'empty_filter_groups_value2' => [
+                'requestData' => [
+                    'searchCriteria' => [
+                        'filterGroups' => [
+                            [
+                                'filters' => [
+                                    [
+                                        'field' => 'string'
+                                    ]
+                                ]
+                            ]
+                        ]
+                    ]
+                ],
+                'endpoint' => 'categories/attributes',
+                'expectedExceptionCode' => 400,
+            ],
+            'empty_sort_orders' => [
+                'requestData' => [
+                    'searchCriteria' => [
+                        'sortOrders' => [
+                            [
+                                'field' => 'string'
+                            ]
+                        ]
+                    ]
+                ],
+                'endpoint' => 'cmsPage/search',
+                'expectedExceptionCode' => 400,
+            ]
+        ];
+    }
+
+    /**
+     * Test that the POST API returns a 400 error when the request body is malformed.
+     */
+    #[
+        DataFixture(ProductFixture::class, as: 'product'),
+        DataFixture(IndexerFixture::class, as: 'indexer'),
+        DataFixture(GuestCartFixture::class, as: 'cart'),
+        DataFixture(AddProductToCartFixture::class, ['cart_id' => '$cart.id$', 'product_id' => '$product.id$']),
+    ]
+    public function testPOSTWithMalformedBody(): void
+    {
+        $this->expectException(\Exception::class);
+        $this->expectExceptionCode(400);
+
+        $cart = $this->fixtures->get('cart');
+        /** @var \Magento\Quote\Model\QuoteIdMask $quoteIdMask */
+        $quoteIdMask = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()
+            ->create(\Magento\Quote\Model\QuoteIdMaskFactory::class)
+            ->create();
+        $quoteIdMask->load($cart->getId(), 'quote_id');
+        //Use masked cart Id
+        $cartId = $quoteIdMask->getMaskedId();
+
+        $serviceInfo = [
+            'rest' => [
+                'resourcePath' => self::RESOURCE_PATH . 'guest-carts/' . $cartId . '/shipping-information',
+                'httpMethod' => \Magento\Framework\Webapi\Rest\Request::HTTP_METHOD_POST,
+            ],
+        ];
+        $requestData = [
+            "addressInformation" => [
+                "extension_attributes" => [
+                    "discounts" => [
+                        [
+                            "discount_data" => [
+                                "amount" => 0
+                            ]
+                        ]
+                    ]
+                ]
+            ]
+        ];
+        $this->_webApiCall($serviceInfo, $requestData);
+    }
+
+    /**
+     * Test that the PUT API returns a 400 error when the request body is malformed.
+     */
+    #[
+        DataFixture(ProductFixture::class, as: 'product'),
+        DataFixture(IndexerFixture::class, as: 'indexer'),
+    ]
+    public function testPUTWithMalformedBody(): void
+    {
+        $this->expectException(\Exception::class);
+        $this->expectExceptionCode(400);
+
+        $product = $this->fixtures->get('product');
+        $sku = $product->getSku();
+
+        $serviceInfo = [
+            'rest' => [
+                'resourcePath' => self::RESOURCE_PATH . 'products/' . $sku,
+                'httpMethod' => \Magento\Framework\Webapi\Rest\Request::HTTP_METHOD_PUT,
+            ],
+        ];
+        $requestData = [
+            "product" => [
+                "extension_attributes" => [
+                    "stock_item" => [
+                        "show_default_notification_message" => true
+                    ]
+                ]
+            ]
+        ];
+        $this->_webApiCall($serviceInfo, $requestData);
+    }
+}
diff --git a/lib/internal/Magento/Framework/Webapi/ErrorProcessor.php b/lib/internal/Magento/Framework/Webapi/ErrorProcessor.php
@@ -1,7 +1,7 @@
 <?php
 /**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
+ * Copyright 2012 Adobe
+ * All rights reserved.
  */
 declare(strict_types=1);
 
@@ -145,6 +145,8 @@ public function maskException(\Exception $exception)
                 $stackTrace
             );
         } else {
+            // Check if this is a client error based on the exception type
+            $httpCode = $this->getClientErrorHttpCode($exception);
             $message = $exception->getMessage();
             $code = $exception->getCode();
             //if not in Dev mode, make sure the message and code is masked for unanticipated exceptions
@@ -157,7 +159,7 @@ public function maskException(\Exception $exception)
             $maskedException = new WebapiException(
                 new Phrase($message),
                 $code,
-                WebapiException::HTTP_INTERNAL_ERROR,
+                $httpCode,
                 [],
                 '',
                 null,
@@ -167,6 +169,29 @@ public function maskException(\Exception $exception)
         return $maskedException;
     }
 
+    /**
+     * Return the HTTP code for a client error based on the exception type
+     *
+     * @param \Exception $exception
+     * @return int
+     */
+    private function getClientErrorHttpCode(\Exception $exception)
+    {
+        // Check if this is a client error based on the exception type
+        if ($exception instanceof \Zend_Db_Exception
+            || $exception instanceof \Zend_Db_Adapter_Exception
+            || $exception instanceof \Zend_Db_Statement_Exception
+            || $exception instanceof \PDOException
+            || $exception instanceof \InvalidArgumentException
+            || $exception instanceof \BadMethodCallException
+            || $exception instanceof \UnexpectedValueException
+            || $exception instanceof \Magento\Framework\Search\Request\NonExistingRequestNameException
+        ) {
+            return WebapiException::HTTP_BAD_REQUEST;
+        }
+        return WebapiException::HTTP_INTERNAL_ERROR;
+    }
+
     /**
      * Process API exception.
      *
