From 509d0e8dcf8df1627428c9e3431431d28b5b817d Mon Sep 17 00:00:00 2001
From: Alejandro Sirgo Rica
Date: Thu, 13 Jun 2024 15:53:52 +0200
Subject: views: fix folder/update validation

Validate request parameters before accessing the dictionary values. Prevent web backtrace.
---
 ogcp/views.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ogcp/views.py b/ogcp/views.py
index b7552e2..ede1ed0 100644
--- ogcp/views.py
+++ ogcp/views.py
@@ -1427,12 +1427,12 @@ def action_folder_update():
 return redirect(url_for("scopes"))
 else:
 params = request.args.to_dict()
- folder_id = int(params.get('folder'))
- if not folder_id:
+ if not 'folder' in params:
 flash(_('Please, select a folder to modify'), category='error')
 return redirect(url_for('scopes'))
+ folder_id = int(params.get('folder'))
 scopes, clients = get_scopes()
 folder = find_element_scope(folder_id, 'folder', scopes)
 form.server.data = params['scope-server']
-- 
cgit v1.2.3-18-g5258
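Review bot: The new `'folder' in params` check only covers a missing key, so `int(params.get('folder'))` still raises ValueError on an empty or non-numeric `folder` value, and `params['scope-server']` at the end of the hunk still raises KeyError when that parameter is absent, because `to_dict()` returns a plain dict. Both values come straight from the query string, so any client can still trigger the unhandled exception (and the web backtrace) that the commit message sets out to prevent. Parsing both inside one `try`/`except (KeyError, ValueError)` that flashes and redirects closes the gap, as sketched below. It also replaces `not 'folder' in params`, which would otherwise read better as `'folder' not in params`. The function continues outside the hunk, so later reads of `params` may need the same treatment.

```python
        params = request.args.to_dict()
        try:
            folder_id = int(params['folder'])
            scope_server = params['scope-server']
        except (KeyError, ValueError):
            # Missing or malformed query parameters: report and bail out
            # instead of letting the exception reach the client.
            flash(_('Please, select a folder to modify'), category='error')
            return redirect(url_for('scopes'))

        # … unchanged: get_scopes() and find_element_scope() lookup …
        form.server.data = scope_server
```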