While the situation is not expected in a normal utilization of the service an complete crash of the app is not acceptable response. Returning a 400 or 404 would have been expected.

The static analysis did not catch the issue because the type has been manually set to the expected one without proper checks.



Reproduction scenario:
1. Go to https://tuleap-web.tuleap-aio-dev.docker/plugins/document/:project_name/folders/:id/download-folder-as-zip where :id is the ID of an item that is not a folder

Error log:
PHP message: PHP Fatal error: Uncaught TypeError: Return value of Tuleap\Document\DownloadFolderAsZip\DocumentFolderZipStreamer::getFolder() must be an instance of Docman_Folder, instance of Docman_Link returned in /usr/share/tuleap/plugins/document/include/DownloadFolderAsZip/DocumentFolderZipStreamer.php:116
Stack trace:
#0 /usr/share/tuleap/plugins/document/include/DownloadFolderAsZip/DocumentFolderZipStreamer.php(84): Tuleap\Document\DownloadFolderAsZip\DocumentFolderZipStreamer->getFolder(Object(PFUser), Object(Project), Array)
#1 /usr/share/tuleap/src/common/Request/FrontRouter.php(242): Tuleap\Document\DownloadFolderAsZip\DocumentFolderZipStreamer->process(Object(HTTPRequest), Object(FlamingParrot_Theme), Array)
#2 /usr/share/tuleap/src/common/Request/FrontRouter.php(109): Tuleap\Request\FrontRouter->routeHandler(Object(HTTPRequest), Object(Tuleap\Document\DownloadFolderAsZip\DocumentFolderZipStreamer), Array)
#3 /usr/share/tuleap/src/www/index.php(49): Tuleap\Request\FrontRouter->route(Ob" while reading response header from upstream, client: 172.23.0.6, server: tuleap-web.tuleap-aio-dev.docker, request: "GET /plugins/document/project1/folders/15/download-folder-as-zip HTTP/1.0", upstream: "fastcgi://127.0.0.1:9000", host: "tuleap-web.tuleap-aio-dev.docker"