From baa343dd9748580206b8fcf5f4153208c48d5d85 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Mon, 23 Sep 2024 10:52:50 +0200
Subject: [PATCH] Gracefully handle `IllegalLinkException` in API actions

---
 wcfsetup/install/files/lib/action/ApiAction.class.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wcfsetup/install/files/lib/action/ApiAction.class.php b/wcfsetup/install/files/lib/action/ApiAction.class.php
index 8d3a57b6c4..9bbbe0681f 100644
--- a/wcfsetup/install/files/lib/action/ApiAction.class.php
+++ b/wcfsetup/install/files/lib/action/ApiAction.class.php
@@ -17,6 +17,7 @@ use wcf\system\endpoint\IController;
 use wcf\system\endpoint\RequestFailure;
 use wcf\system\endpoint\RequestType;
 use wcf\system\event\EventHandler;
+use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\exception\UserInputException;
 use wcf\system\request\RouteHandler;
@@ -95,6 +96,8 @@ final class ApiAction implements RequestHandlerInterface
             return $this->toErrorResponse(RequestFailure::PermissionDenied, 'permission_denied');
         } catch (UserInputException $e) {
             return $this->toErrorResponse(RequestFailure::ValidationFailed, $e->getType(), $e->getMessage(), $e->getField());
+        } catch (IllegalLinkException) {
+            return $this->toErrorResponse(RequestFailure::ValidationFailed, 'assertion_failed');
         } catch (\Throwable $e) {
             logThrowable($e);
 
-- 
2.20.1