From bb38c20efe1b69ee43447264b57be5afb3762189 Mon Sep 17 00:00:00 2001
From: Stefo <stefo@stefo.pl>
Date: Thu, 21 Nov 2024 22:56:07 +0100
Subject: [PATCH 1/2] fix(#633): handle invalid UUIDs in found_by parameter

---
 .../caches/search/SearchAssistant.php         | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/okapi/services/caches/search/SearchAssistant.php b/okapi/services/caches/search/SearchAssistant.php
index a0173fe4..c48508fd 100644
--- a/okapi/services/caches/search/SearchAssistant.php
+++ b/okapi/services/caches/search/SearchAssistant.php
@@ -423,10 +423,29 @@ public function prepare_common_search_params()
             try {
                 $users = OkapiServiceRunner::call("services/users/users", new OkapiInternalRequest(
                     $this->request->consumer, null, array('user_uuids' => $tmp, 'fields' => 'internal_id')));
+	            if (empty($users) || !is_array($users)) {
+		            throw new InvalidParam('found_by', "No valid users found for the given parameter.");
+	            }
             } catch (InvalidParam $e) { # too many uuids
                 throw new InvalidParam('found_by', $e->whats_wrong_about_it);
             }
 
+	        $user_uuids = explode("|", $tmp);
+
+	        $invalid_uuids = [];
+	        foreach ($user_uuids as $uuid) {
+		        if (!isset($users[$uuid])) {
+			        $invalid_uuids[] = $uuid;
+		        }
+	        }
+
+	        if (!empty($invalid_uuids)) {
+		        throw new InvalidParam(
+			        'found_by',
+			        "The following UUID(s) are invalid or not found: " . implode(", ", $invalid_uuids)
+		        );
+	        }
+
             $internal_user_ids = array_map(function ($user) { return $user["internal_id"]; }, $users);
             if (Settings::get('USE_SQL_SUBQUERIES')) {
                 $found_cache_subquery = self::get_found_cache_ids_subquery($internal_user_ids);

From 8f8c8808406369006d8dce0dbada25ec33b6593e Mon Sep 17 00:00:00 2001
From: Stefo <stefo@stefo.pl>
Date: Thu, 21 Nov 2024 23:23:01 +0100
Subject: [PATCH 2/2] fix(#633): handle invalid UUIDs in found_by parameter

---
 .../caches/search/SearchAssistant.php         | 30 +++++++++----------
 1 file changed, 14 insertions(+), 16 deletions(-)

diff --git a/okapi/services/caches/search/SearchAssistant.php b/okapi/services/caches/search/SearchAssistant.php
index c48508fd..24c32049 100644
--- a/okapi/services/caches/search/SearchAssistant.php
+++ b/okapi/services/caches/search/SearchAssistant.php
@@ -423,28 +423,26 @@ public function prepare_common_search_params()
             try {
                 $users = OkapiServiceRunner::call("services/users/users", new OkapiInternalRequest(
                     $this->request->consumer, null, array('user_uuids' => $tmp, 'fields' => 'internal_id')));
-	            if (empty($users) || !is_array($users)) {
-		            throw new InvalidParam('found_by', "No valid users found for the given parameter.");
-	            }
             } catch (InvalidParam $e) { # too many uuids
                 throw new InvalidParam('found_by', $e->whats_wrong_about_it);
             }
 
-	        $user_uuids = explode("|", $tmp);
+            if (empty($users) || !is_array($users)) {
+                throw new InvalidParam('found_by', "No valid users found for the given parameter.");
+            }
 
-	        $invalid_uuids = [];
-	        foreach ($user_uuids as $uuid) {
-		        if (!isset($users[$uuid])) {
-			        $invalid_uuids[] = $uuid;
-		        }
-	        }
+            $user_uuids = explode("|", $tmp);
 
-	        if (!empty($invalid_uuids)) {
-		        throw new InvalidParam(
-			        'found_by',
-			        "The following UUID(s) are invalid or not found: " . implode(", ", $invalid_uuids)
-		        );
-	        }
+            $invalid_uuids = [];
+            foreach ($user_uuids as $uuid) {
+                if (!isset($users[$uuid])) {
+                    $invalid_uuids[] = $uuid;
+                }
+            }
+
+            if (!empty($invalid_uuids)) {
+                throw new InvalidParam('found_by', "The following UUID(s) are invalid or not found: " . implode(", ", $invalid_uuids));
+            }
 
             $internal_user_ids = array_map(function ($user) { return $user["internal_id"]; }, $users);
             if (Settings::get('USE_SQL_SUBQUERIES')) {