DEV: raise error if search term length is less than required

DEV: raise error if search term length is less than required
diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index ad74f59..76a21ca 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -9,6 +9,9 @@ class SearchController < ApplicationController
   end
 
   def show
+    @search_term = params.require(:q)
+    raise Discourse::InvalidParameters.new(:q) if @search_term.length < SiteSetting.min_search_term_length
+
     search_args = {
       type_filter: 'topic',
       guardian: guardian,
@@ -29,7 +32,6 @@ class SearchController < ApplicationController
     search_args[:ip_address] = request.remote_ip
     search_args[:user_id] = current_user.id if current_user.present?
 
-    @search_term = params[:q]
     search = Search.new(@search_term, search_args)
     result = search.execute
 
diff --git a/spec/requests/search_controller_spec.rb b/spec/requests/search_controller_spec.rb
index 3f2446c..16ce926 100644
--- a/spec/requests/search_controller_spec.rb
+++ b/spec/requests/search_controller_spec.rb
@@ -127,6 +127,11 @@ describe SearchController do
   end
 
   context "#show" do
+    it "raises an error when the search term length is less than required" do
+      get "/search.json", params: { q: 'ba' }
+      expect(response.status).to eq(400)
+    end
+
     it "logs the search term" do
       SiteSetting.log_search_queries = true
       get "/search.json", params: { q: 'bantha' }

GitHub
sha: a313b011

Hmm why was this marked as DEV?

It should be “SPEC” right? Lol I confused it with another commit.

I think it should have been FIX since we’re actually fixing the fact that an endpoint accepted an invalid parameter.

1 Like

I agree. I thought nothing is broken.