feat: handles put and patch body

Author: metalogico

django_sonar/middlewares/requests.py

@@ -20,9 +20,6 @@ def __init__(self, get_response):
         tracemalloc.start()  # Start tracing memory allocation    
 
     def __call__(self, request):
-        # Get the list of excluded paths from settings
-        excluded_paths = settings.DJANGO_SONAR.get('excludes', [])
-
         # Check if the request path is excluded
         if self._should_exclude(request.path):
             return self.get_response(request)
@@ -47,7 +44,7 @@ def __call__(self, request):
 
         # Capture GET/POST data
         get_payload = request.GET.dict()
-        post_payload = self.get_post_payload(request)
+        post_payload = self.get_body_payload(request)
 
         # Process the request
         response = self.get_response(request)
@@ -152,9 +149,65 @@ def get_client_ip(self, request):
     def is_ajax(self, request):
         return request.headers.get('X-Requested-With') == 'XMLHttpRequest'
 
-    def get_post_payload(self, request):
-        post_data = request.POST.copy()
-        return post_data
+    def get_body_payload(self, request):
+        """Get request body data for all HTTP methods (POST, PUT, PATCH, etc.)"""
+        if request.method == 'GET':
+            return {}
+        
+        # For POST requests, use the standard request.POST
+        if request.method == 'POST':
+            return request.POST.copy()
+        
+        # For PUT, PATCH, and other methods, parse the request body
+        try:
+            content_type = request.content_type.lower()
+            
+            # Handle JSON content
+            if 'application/json' in content_type:
+                if hasattr(request, 'body') and request.body:
+                    return json.loads(request.body.decode('utf-8'))
+                return {}
+            
+            # Handle form-encoded content
+            elif 'application/x-www-form-urlencoded' in content_type:
+                if hasattr(request, 'body') and request.body:
+                    parsed_data = parse_qs(request.body.decode('utf-8'))
+                    # Convert lists to single values for consistency with request.POST
+                    return {k: v[0] if len(v) == 1 else v for k, v in parsed_data.items()}
+                return {}
+            
+            # Handle multipart form data (files)
+            elif 'multipart/form-data' in content_type:
+                # For multipart, try to get data from request.FILES and any parsed data
+                data = {}
+                if hasattr(request, 'FILES') and request.FILES:
+                    data['_files'] = list(request.FILES.keys())
+                # Note: Django doesn't populate request.POST for PUT/PATCH multipart,
+                # so we'd need custom parsing for complex multipart PUT/PATCH requests
+                return data
+            
+            # For other content types, store raw body (truncated for safety)
+            else:
+                if hasattr(request, 'body') and request.body:
+                    body_str = request.body.decode('utf-8', errors='ignore')
+                    # Truncate large bodies to avoid storage issues
+                    if len(body_str) > 10000:
+                        body_str = body_str[:10000] + '... (truncated)'
+                    return {'_raw_body': body_str, '_content_type': content_type}
+                return {}
+                
+        except (json.JSONDecodeError, UnicodeDecodeError, Exception) as e:
+            # If parsing fails, store error info and raw body (truncated)
+            try:
+                body_str = request.body.decode('utf-8', errors='ignore')[:1000]
+            except:
+                body_str = '<unable to decode>'
+            
+            return {
+                '_parse_error': str(e),
+                '_raw_body': body_str,
+                '_content_type': getattr(request, 'content_type', 'unknown')
+            }
 
     def process_exception(self, request, exception):
         """Process the exception and keep it in local storage."""