From 2d5798685d77805bba133c5b0b9f1cbd3e60b159 Mon Sep 17 00:00:00 2001
From: Quentin RIBAC <quentin.ribac@xelians.fr>
Date: Wed, 3 Nov 2021 12:02:17 +0100
Subject: [PATCH] FEAT #14837 TIME 0:15 using Validator in routes

---
 .../multigest/controllers/MultigestController.php        | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/app/external/multigest/controllers/MultigestController.php b/src/app/external/multigest/controllers/MultigestController.php
index dc2d2202dcd..ce2256c9524 100644
--- a/src/app/external/multigest/controllers/MultigestController.php
+++ b/src/app/external/multigest/controllers/MultigestController.php
@@ -294,8 +294,13 @@ class MultigestController
         }
 
         $body = $request->getParsedBody();
-        ValidatorModel::stringType($body, ['sasId', 'login', 'password']);
-        ValidatorModel::notEmpty($body, ['sasId', 'login']);
+        if (!Validator::stringType()->notEmpty()->validate($body['sasId'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body sasId is empty or not a string']);
+        } elseif (!Validator::stringType()->notEmpty()->validate($body['login'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body login is empty or not a string']);
+        } elseif (!Validator::stringType()->validate($body['password'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body password is not a string']);
+        }
 
         $result = MultigestController::checkAccountWithCredentials([
             'sasId' => $body['sasId'],
-- 
GitLab