api: raise bad request when ?full=on is given to global forms API (#53944)

tests/api/test_formdata.py

@@ -1200,6 +1200,7 @@ def test_api_global_listing(pub, local_user, user, auth):
     # check error handling
     get_url('/api/forms/?status=done&limit=plop', status=400)
     get_url('/api/forms/?status=done&offset=plop', status=400)
+    get_url('/api/forms/?full=on', status=400)
 
     # check when there are missing statuses
     for formdata in data_class.select():

wcs/api.py

@@ -25,7 +25,7 @@ from django.http import HttpResponse, HttpResponseBadRequest, JsonResponse
 from django.utils.encoding import force_text
 from quixote import get_publisher, get_request, get_response, get_session
 from quixote.directory import Directory
-from quixote.errors import MethodNotAllowedError
+from quixote.errors import MethodNotAllowedError, RequestError
 
 import wcs.qommon.storage as st
 from wcs.admin.settings import UserFieldsFormDef
@@ -388,6 +388,9 @@ class ApiFormsDirectory(Directory):
         self.check_access()
         get_request()._user = get_user_from_api_query_string() or get_request().user
 
+        if get_request().form.get('full') == 'on':
+            raise RequestError('no such parameter "full"')
+
         if FormDef.count() == 0:
             # early return, this avoids running a query against a missing SQL view.
             get_response().set_content_type('application/json')