Change order of endpoints to avoid validation errors from /:mimeType(*)

apps/app/src/server/routes/apiv3/content-disposition-settings.ts

@@ -27,7 +27,7 @@ const validator = {
       .withMessage('Invalid or unconfigurable MIME type specified.'),
 
     body('disposition')
-      .isIn(['inline', 'attachment']) // Validate that it's one of these two strings
+      .isIn(['inline', 'attachment'])
       .withMessage('`disposition` must be either "inline" or "attachment".'),
   ],
 };
@@ -84,6 +84,87 @@ module.exports = (crowi) => {
     }
   });
 
+  router.put(
+    '/strict',
+    loginRequiredStrictly,
+    adminRequired,
+    addActivity,
+
+    async(req, res) => {
+
+      try {
+        const strictMimeTypeSettings: Record<string, 'inline' | 'attachment'> = {
+          'application/pdf': 'attachment',
+          'application/json': 'attachment',
+          'text/csv': 'attachment',
+          'font/woff2': 'attachment',
+          'font/woff': 'attachment',
+          'font/ttf': 'attachment',
+          'font/otf': 'attachment',
+        };
+
+        await configManager.updateConfigs({ 'attachments:contentDisposition:mimeTypeOverrides': strictMimeTypeSettings });
+
+        const parameters = {
+          action: SupportedAction.ACTION_ADMIN_ATTACHMENT_DISPOSITION_UPDATE,
+          contentDispositionSettings: strictMimeTypeSettings,
+          currentMode: 'strict',
+        };
+        activityEvent.emit('update', res.locals.activity._id, parameters);
+
+        return res.apiv3({ currentMode: 'strict', contentDispositionSettings: strictMimeTypeSettings });
+      }
+      catch (err) {
+        const msg = 'Error occurred in updating content disposition for MIME types';
+        logger.error(msg, err);
+        return res.apiv3Err(
+          new ErrorV3(msg, 'update-content-disposition-failed'),
+        );
+      }
+    },
+  );
+
+  router.put(
+    '/lax',
+    loginRequiredStrictly,
+    adminRequired,
+    addActivity,
+
+    async(req, res) => {
+
+      try {
+        const strictMimeTypeSettings: Record<string, 'inline' | 'attachment'> = {
+          'application/pdf': 'inline',
+          'application/json': 'inline',
+          'text/csv': 'inline',
+          'font/woff2': 'inline',
+          'font/woff': 'inline',
+          'font/ttf': 'inline',
+          'font/otf': 'inline',
+        };
+
+        await configManager.updateConfigs({ 'attachments:contentDisposition:mimeTypeOverrides': strictMimeTypeSettings });
+
+        const parameters = {
+          action: SupportedAction.ACTION_ADMIN_ATTACHMENT_DISPOSITION_UPDATE,
+          contentDispositionSettings: strictMimeTypeSettings,
+          currentMode: 'lax',
+        };
+        activityEvent.emit('update', res.locals.activity._id, parameters);
+
+        return res.apiv3({ currentMode: 'lax', contentDispositionSettings: strictMimeTypeSettings });
+      }
+      catch (err) {
+        const msg = 'Error occurred in updating content disposition for MIME types';
+        logger.error(msg, err);
+        return res.apiv3Err(
+          new ErrorV3(msg, 'update-content-disposition-failed'),
+        );
+      }
+    },
+  );
+
+
   /**
  * @swagger
  *
@@ -166,87 +247,6 @@ module.exports = (crowi) => {
     },
   );
 
-  router.put(
-    '/strict',
-    loginRequiredStrictly,
-    adminRequired,
-    addActivity,
-    apiV3FormValidator,
-
-    async(req, res) => {
-
-      try {
-        const strictMimeTypeSettings: Record<string, 'inline' | 'attachment'> = {
-          'application/pdf': 'attachment',
-          'application/json': 'attachment',
-          'text/csv': 'attachment',
-          'font/woff2': 'attachment',
-          'font/woff': 'attachment',
-          'font/ttf': 'attachment',
-          'font/otf': 'attachment',
-        };
-
-        await configManager.updateConfigs({ 'attachments:contentDisposition:mimeTypeOverrides': strictMimeTypeSettings });
-
-        const parameters = {
-          action: SupportedAction.ACTION_ADMIN_ATTACHMENT_DISPOSITION_UPDATE,
-          contentDispositionSettings: strictMimeTypeSettings,
-          currentMode: 'strict',
-        };
-        activityEvent.emit('update', res.locals.activity._id, parameters);
-
-        return res.apiv3({ currentMode: 'strict', contentDispositionSettings: strictMimeTypeSettings });
-      }
-      catch (err) {
-        const msg = 'Error occurred in updating content disposition for MIME types';
-        logger.error(msg, err);
-        return res.apiv3Err(
-          new ErrorV3(msg, 'update-content-disposition-failed'),
-        );
-      }
-    },
-  );
-
-  router.put(
-    '/lax',
-    loginRequiredStrictly,
-    adminRequired,
-    addActivity,
-    apiV3FormValidator,
-
-    async(req, res) => {
-
-      try {
-        const strictMimeTypeSettings: Record<string, 'inline' | 'attachment'> = {
-          'application/pdf': 'inline',
-          'application/json': 'inline',
-          'text/csv': 'inline',
-          'font/woff2': 'inline',
-          'font/woff': 'inline',
-          'font/ttf': 'inline',
-          'font/otf': 'inline',
-        };
-
-        await configManager.updateConfigs({ 'attachments:contentDisposition:mimeTypeOverrides': strictMimeTypeSettings });
-
-        const parameters = {
-          action: SupportedAction.ACTION_ADMIN_ATTACHMENT_DISPOSITION_UPDATE,
-          contentDispositionSettings: strictMimeTypeSettings,
-          currentMode: 'lax',
-        };
-        activityEvent.emit('update', res.locals.activity._id, parameters);
-
-        return res.apiv3({ currentMode: 'lax', contentDispositionSettings: strictMimeTypeSettings });
-      }
-      catch (err) {
-        const msg = 'Error occurred in updating content disposition for MIME types';
-        logger.error(msg, err);
-        return res.apiv3Err(
-          new ErrorV3(msg, 'update-content-disposition-failed'),
-        );
-      }
-    },
-  );
 
   return router;
 };