Update routes/notifications.py
Browse files- routes/notifications.py +8 -0
routes/notifications.py
CHANGED
|
@@ -92,6 +92,10 @@ async def log_notification(send_by: str, title: str, content: str, target_id: Op
|
|
| 92 |
detail = await resp.text()
|
| 93 |
raise HTTPException(status_code=500, detail=f"Failed to log notification: {detail}")
|
| 94 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 95 |
@router.post("/send-global-notification")
|
| 96 |
async def send_global_notification(
|
| 97 |
payload: SimpleNotification,
|
|
@@ -103,6 +107,10 @@ async def send_global_notification(
|
|
| 103 |
if not sender or not sender.get("manage_notifications"):
|
| 104 |
raise HTTPException(status_code=403, detail="You are not authorized to send notifications.")
|
| 105 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 106 |
message = {
|
| 107 |
"notification": {
|
| 108 |
"title": payload.title,
|
|
|
|
| 92 |
detail = await resp.text()
|
| 93 |
raise HTTPException(status_code=500, detail=f"Failed to log notification: {detail}")
|
| 94 |
|
| 95 |
+
def is_valid_image_url(url: str) -> bool:
|
| 96 |
+
valid_extensions = (".jpg", ".jpeg", ".png", ".gif", ".webp")
|
| 97 |
+
return url.lower().endswith(valid_extensions)
|
| 98 |
+
|
| 99 |
@router.post("/send-global-notification")
|
| 100 |
async def send_global_notification(
|
| 101 |
payload: SimpleNotification,
|
|
|
|
| 107 |
if not sender or not sender.get("manage_notifications"):
|
| 108 |
raise HTTPException(status_code=403, detail="You are not authorized to send notifications.")
|
| 109 |
|
| 110 |
+
# Validate image_url, if provided
|
| 111 |
+
if payload.image_url and not is_valid_image_url(payload.image_url):
|
| 112 |
+
raise HTTPException(status_code=400, detail="The image_url provided is not a valid image format.")
|
| 113 |
+
|
| 114 |
message = {
|
| 115 |
"notification": {
|
| 116 |
"title": payload.title,
|