FIX: Return error if new topic category not found

FIX: Return error if new topic category not found

If creating a topic via the api as an admin and the category you specify cannot be found an error will now be returned instead of just creating the topic with no category. This will prevent accidental public topic creation originally intended for a private category.

diff --git a/lib/topic_creator.rb b/lib/topic_creator.rb
index f65f302..57b921f 100644
--- a/lib/topic_creator.rb
+++ b/lib/topic_creator.rb
@@ -122,6 +122,9 @@ class TopicCreator
 
     @guardian.ensure_can_create!(Topic, category) unless (@opts[:skip_validations] || @opts[:archetype] == Archetype.private_message)
 
+    if @opts[:category] && category.nil?
+      raise Discourse::NotFound
+    end
     topic_params[:category_id] = category.id if category.present?
 
     topic_params[:created_at] = Time.zone.parse(@opts[:created_at].to_s) if @opts[:created_at].present?
diff --git a/spec/requests/posts_controller_spec.rb b/spec/requests/posts_controller_spec.rb
index 3657507..af119c5 100644
--- a/spec/requests/posts_controller_spec.rb
+++ b/spec/requests/posts_controller_spec.rb
@@ -775,6 +775,20 @@ describe PostsController do
         }
         expect(response.status).to eq(403)
       end
+
+      it 'will raise an error if specified category cannot be found' do
+        user = Fabricate(:admin)
+        master_key = ApiKey.create_master_key.key
+
+        post "/posts.json", params: {
+          api_username: user.username,
+          api_key: master_key,
+          title: 'this is a test title',
+          raw: 'this is test body',
+          category: 'invalid'
+        }
+        expect(response.status).to eq(404)
+      end
     end
 
     describe "when logged in" do

GitHub sha: 9c606dd9

1 Like

Revert "FIX: Return error if new topic category not found"