This repository has been archived by the owner on Jan 8, 2025. It is now read-only.

Merge pull request #101 from serato/WEB-9021
[WEB-9021] Move input validations from Profile service to the bootstrap library
Jasmin12 authored Sep 27, 2023
2 parents 0aa3b7b + 1f19d01 commit fe1f483
Showing 4 changed files with 225 additions and 7 deletions.
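--- a/src/Exception/BadRequestContainHTMLTagsException.php
+++ b/src/Exception/BadRequestContainHTMLTagsException.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Serato\SwsApp\Exception;
+
+use Serato\SwsApp\Http\Rest\Exception\AbstractBadRequestException;
+
+/**
+* Class BadRequestContainHTMLTagsException
+* The request param is invalid with html tags
+* @package App\Exception\RequestValidation
+*/
+class BadRequestContainHTMLTagsException extends AbstractBadRequestException
+{
+/**
+* @var int
+*/
+protected $code = 5023;
+
+/**
+* @var string
+*/
+protected $message;
+}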
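Review bot: The class docblock's `@package App\Exception\RequestValidation` does not match the declared namespace `Serato\SwsApp\Exception`, and looks carried over from the service this validation was moved out of. Change it to `@package Serato\SwsApp\Exception` or drop the tag. The summary line would read more clearly as `A request parameter was rejected because it contains HTML tags`. If `$code` is surfaced to API clients, the docblock should also say that 5023 is the error code identifying this failure.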
12 changes: 10 additions & 2 deletions src/Validation/RequestValidation.php
Expand Up @@ -4,8 +4,11 @@

use Serato\SwsApp\Exception\MissingRequiredParametersException;
use Serato\SwsApp\Exception\InvalidRequestParametersException;
use Serato\SwsApp\Exception\BadRequestContainHTMLTagsException;
use Psr\Http\Message\ServerRequestInterface as Request;
use Rakit\Validation\Validator;
use Rakit\Validation\Rules\Regex;
use Serato\SwsApp\Validation\Rules\NoHtmlTag;

/**
* Class RequestValidation
Expand All @@ -28,6 +31,12 @@ public function validateRequestData(
$requestBody = $request->getParsedBody() ?? [];
$validator = new Validator();

// add custom validators
$validator->addValidator(NoHtmlTag::NO_HTML_TAG_RULE, new NoHtmlTag());

// add custom exceptions
$exceptions[NoHtmlTag::NO_HTML_TAG_RULE] = BadRequestContainHTMLTagsException::class;

// Add custom validation rules
if (!empty($customRules)) {
foreach ($customRules as $key => $customRule) {
Expand Down Expand Up @@ -58,7 +67,7 @@ public function validateRequestData(

foreach ($exceptions as $exceptionKey => $exception) {
if (!empty($error[$exceptionKey])) {
throw new $exception('', $request);
throw new $exception($error[$exceptionKey], $request);
}
}

Expand All @@ -68,7 +77,6 @@ public function validateRequestData(
if (!empty($required)) {
throw new MissingRequiredParametersException('', $request, $required);
}

if (!empty($invalid)) {
$errors = implode('. ', $invalid);
throw new InvalidRequestParametersException($errors, $request);
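Review bot: The changed `throw new $exception($error[$exceptionKey], $request);` applies to every entry in `$exceptions`, not only the new `no_html_tag` mapping, so caller-registered custom exceptions that previously received `''` now carry the validator's message text. If these exceptions are serialised into API responses, confirm that no registered rule message echoes the submitted value back to the client, and that exceptions relying on their own fixed message are not overridden by this argument (the constructor is not visible here). Separately, `$exceptions[NoHtmlTag::NO_HTML_TAG_RULE] = BadRequestContainHTMLTagsException::class;` is assigned unconditionally and replaces any mapping a caller passed for that key. A comment such as `// no_html_tag always maps to BadRequestContainHTMLTagsException; a caller-supplied mapping for this key is ignored` would make that intent explicit. The body of `validateRequestData` starts and ends outside the visible hunks.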
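--- a/src/Validation/Rules/NoHtmlTag.php
+++ b/src/Validation/Rules/NoHtmlTag.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Serato\SwsApp\Validation\Rules;
+
+use Rakit\Validation\Rule;
+
+class NoHtmlTag extends Rule
+{
+/**
+* Validation rule name for params without HTML tags.
+* @var string
+*/
+public const NO_HTML_TAG_RULE = 'no_html_tag';
+/**
+* Regex validation rule for params without HTML tags.
+* @var string
+*/
+public const NO_HTML_TAG_REGEX = '/^(?:(?!<[^>]*$)[^<])*$/';
+
+/** @var string */
+protected $message = "The :attribute contains html tag.";
+
+/**
+* Check the $value is valid by checking it does not contain html tags
+*
+* @param mixed $value
+* @return bool
+*/
+public function check($value): bool
+{
+return preg_match(self::NO_HTML_TAG_REGEX, $value) > 0;
+}
+}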
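Review bot: `check()` passes `$value` straight to `preg_match()` although it is documented as `mixed`; a parsed body can supply an array or object for the parameter, which on PHP 8 raises a TypeError and would surface as a server error rather than the intended bad-request exception. Adding `if (is_array($value) || is_object($value)) { return false; }` before the `preg_match()` call keeps the rule fail-closed for those inputs without changing the result for scalars. In `NO_HTML_TAG_REGEX` the lookahead `(?!<[^>]*$)` can never affect the outcome, because the `[^<]` that follows already rejects every `<`; the pattern is equivalent to `/^[^<]*$/` and the rule rejects any value containing `<`, not only well-formed tags. The constant's docblock and the `contains html tag` message should state that. Rejecting `<` at input time does not replace context-aware output encoding wherever these values are later rendered.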
164 changes: 159 additions & 5 deletions tests/Validation/RequestValidationTest.php
Expand Up @@ -6,7 +6,10 @@
use Psr\Http\Message\ServerRequestInterface as Request;
use Rakit\Validation\RuleNotFoundException;
use Rakit\Validation\Rules\Numeric;
use Rakit\Validation\Rules\Regex;
use Serato\SwsApp\Validation\Rules\NoHtmlTag;
use Serato\SwsApp\Exception\InvalidRequestParametersException;
use Serato\SwsApp\Exception\BadRequestContainHTMLTagsException;
use Serato\SwsApp\Exception\MissingRequiredParametersException;
use Serato\SwsApp\Http\Rest\Exception\UnsupportedContentTypeException;
use Serato\SwsApp\Test\TestCase;
Expand Down Expand Up @@ -75,6 +78,8 @@ public function testValidateRequestData(
*/
public function dataProvider(): array
{
$paramStartWithARule = new Regex();
$paramStartWithARule->setParameter('regex', '/^a/');
return [
// no errors
[
Expand Down Expand Up @@ -115,17 +120,129 @@ public function dataProvider(): array
],
'errorExpected' => RuleNotFoundException::class,
],
// valid params without html tags throw no error
[
'body' => [
'paramName' => 'br'
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => null
],
// invalid params with html tags but no `no_html_tag` specified not throw error
[
'body' => [
'paramName' => '<br>'
],
'rules' => [
'paramName' => 'required'
],
'errorExpected' => null
],
// invalid params contains html tags throw BadRequestContainHTMLTagsException
[
'body' => [
'paramName' => '<br>'
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE,
],
'errorExpected' => BadRequestContainHTMLTagsException::class,
],
// invalid params contains html tags throw BadRequestContainHTMLTagsException 2
[
'body' => [
'paramName' => '<a>test</a>'
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => BadRequestContainHTMLTagsException::class
],
// invalid params contains html tags throw BadRequestContainHTMLTagsException 3
[
'body' => [
'paramName' => '<fake></fake>'
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => BadRequestContainHTMLTagsException::class
],
// invalid params contains html tags throw BadRequestContainHTMLTagsException 4
[
'body' => [
'paramName' => 'test</a>'
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => BadRequestContainHTMLTagsException::class
],
// invalid params contains invalid format throws InvalidRequestParametersException
[
'body' => [
'paramName' => '<br>'
],
'rules' => [
'paramName' => 'start_with_a'
],
'errorExpected' => InvalidRequestParametersException::class,
'customRules' => [
'start_with_a' => $paramStartWithARule
],
'customException' => [
'start_with_a' => InvalidRequestParametersException::class
]
],
// invalid params contains invalid format and html tags throws InvalidRequestParametersException
[
'body' => [
'paramName' => '<br>',
'paramName2' => '<a>'
],
'rules' => [
'paramName' => 'start_with_a',
'paramName2' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => InvalidRequestParametersException::class,
'customRules' => [
'start_with_a' => $paramStartWithARule
],
'customException' => [
'start_with_a' => InvalidRequestParametersException::class
]
],
// custom rule
[
'body' => [
'paramName' => '1'
],
'rules' => [
'paramName' => 'required|is_numberic'
'paramName' => 'required|is_numeric'
],
'errorExpected' => null,
'customRules' => [
'is_numberic' => new Numeric()
'is_numeric' => new Numeric()
]
],
// custom rule and invalid params contains html tags not excepting errors
[
'body' => [
'paramName' => '1',
'paramNam2' => '<a>'
],
'rules' => [
'paramName' => 'required|is_numeric',
'paramName2' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => null,
'customRules' => [
'is_numeric' => new Numeric()
],
'customException' => [
'is_numeric' => UnsupportedContentTypeException::class
]
],
// custom exception
Expand All @@ -134,14 +251,51 @@ public function dataProvider(): array
'paramName' => 'invalid-number'
],
'rules' => [
'paramName' => 'required|is_numberic'
'paramName' => 'required|is_numeric'
],
'errorExpected' => UnsupportedContentTypeException::class,
'customRules' => [
'is_numberic' => new Numeric()
'is_numeric' => new Numeric()
],
'customException' => [
'is_numeric' => UnsupportedContentTypeException::class
]
],
// custom exception and invalid params contains html tags throws UnsupportedContentTypeException
[
'body' => [
'paramName' => 'invalid-number',
'paramName2' => '<br>'
],
'rules' => [
'paramName' => 'required|is_numeric',
'paramName2' => NoHtmlTag::NO_HTML_TAG_RULE
],
'errorExpected' => UnsupportedContentTypeException::class,
'customRules' => [
'is_numeric' => new Numeric()
],
'customException' => [
'is_numeric' => UnsupportedContentTypeException::class,
]
],
// custom exception and invalid params contains html tags throws BadRequestContainHTMLTagsException
// (params order changed)
[
'body' => [
'paramName' => '<br>',
'paramName2' => 'invalid-number',
],
'rules' => [
'paramName' => NoHtmlTag::NO_HTML_TAG_RULE,
'paramName2' => 'required|is_numeric',
],
'errorExpected' => BadRequestContainHTMLTagsException::class,
'customRules' => [
'is_numeric' => new Numeric()
],
'customException' => [
'is_numberic' => UnsupportedContentTypeException::class
'is_numeric' => UnsupportedContentTypeException::class
]
],
//preprocess data with default values
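Review bot: In the case commented `custom rule and invalid params contains html tags not excepting errors`, the body key is `'paramNam2'` while the rule is keyed `'paramName2'`, so the `<a>` value is never checked by `no_html_tag`. The `'errorExpected' => null` result therefore appears to come from the parameter being absent rather than from the rule behaving as described. With the key corrected, the neighbouring cases suggest the expected outcome would be `BadRequestContainHTMLTagsException::class`; either fix the key and the expectation, or reword the comment to say the parameter is deliberately missing. It would also help to add cases that pin the rule's real boundary: a value with a lone `<` that is not a tag (a constructed example is `'a < b'`) and a non-string value such as an array. `dataProvider()` continues outside the visible hunks.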
