From 2bd54d30e5eb6465d789f9261b1b8c5e8fe9e57a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 15 May 2024 09:47:22 +0200 Subject: [PATCH] fix(search): Limit maximum number of search results Signed-off-by: Joas Schilling --- core/Controller/UnifiedSearchController.php | 7 +++++-- core/openapi.json | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/core/Controller/UnifiedSearchController.php b/core/Controller/UnifiedSearchController.php index 469c6c6ed7bf4..3df7749ce723a 100644 --- a/core/Controller/UnifiedSearchController.php +++ b/core/Controller/UnifiedSearchController.php @@ -92,7 +92,7 @@ public function getProviders(string $from = ''): DataResponse { * @param string $providerId ID of the provider * @param string $term Term to search * @param int|null $sortOrder Order of entries - * @param int|null $limit Maximum amount of entries + * @param int|null $limit Maximum amount of entries, limited to 25 * @param int|string|null $cursor Offset for searching * @param string $from The current user URL * @@ -113,6 +113,9 @@ public function search( ): DataResponse { [$route, $routeParameters] = $this->getRouteInformation($from); + $limit ??= SearchQuery::LIMIT_DEFAULT; + $limit = max(1, min($limit, 25)); + try { $filters = $this->composer->buildFilterList($providerId, $this->request->getParams()); } catch (UnsupportedFilter|InvalidArgumentException $e) { @@ -125,7 +128,7 @@ public function search( new SearchQuery( $filters, $sortOrder ?? ISearchQuery::SORT_DATE_DESC, - $limit ?? SearchQuery::LIMIT_DEFAULT, + $limit, $cursor, $route, $routeParameters diff --git a/core/openapi.json b/core/openapi.json index 1c7b2caeeac42..014e001b08e5c 100644 --- a/core/openapi.json +++ b/core/openapi.json @@ -5366,7 +5366,7 @@ { "name": "limit", "in": "query", - "description": "Maximum amount of entries", + "description": "Maximum amount of entries, limited to 25", "schema": { "type": "integer", "format": "int64",