diff options
author | Maxence Lange <maxence@artificial-owl.com> | 2018-12-03 21:43:47 -0100 |
---|---|---|
committer | Maxence Lange <maxence@artificial-owl.com> | 2018-12-03 21:43:47 -0100 |
commit | 4c82ab8612ce6909ebb4d7d3cf92dc3c4fce2ac3 (patch) | |
tree | 7249d67ddd796b6e79d98bf75a48cd55f29bd630 | |
parent | 9457e563e39bb1e608b5cf8b01d81441043a0ed3 (diff) |
validate entries
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r-- | lib/Exceptions/InvalidResourceEntryException.php | 8 | ||||
-rw-r--r-- | lib/Model/ActivityPub/ACore.php | 33 | ||||
-rw-r--r-- | lib/Service/ActivityPub/NoteService.php | 5 |
3 files changed, 32 insertions, 14 deletions
diff --git a/lib/Exceptions/InvalidResourceEntryException.php b/lib/Exceptions/InvalidResourceEntryException.php new file mode 100644 index 00000000..612eb0d3 --- /dev/null +++ b/lib/Exceptions/InvalidResourceEntryException.php @@ -0,0 +1,8 @@ +<?php + +namespace OCA\Social\Exceptions; + +class InvalidResourceEntryException extends \Exception { + +} + diff --git a/lib/Model/ActivityPub/ACore.php b/lib/Model/ActivityPub/ACore.php index ebb2e0e0..a71a3579 100644 --- a/lib/Model/ActivityPub/ACore.php +++ b/lib/Model/ActivityPub/ACore.php @@ -35,6 +35,7 @@ use daita\MySmallPhpTools\Traits\TPathTools; use JsonSerializable; use OCA\Social\Exceptions\ActivityCantBeVerifiedException; use OCA\Social\Exceptions\InvalidOriginException; +use OCA\Social\Exceptions\InvalidResourceEntryException; use OCA\Social\Exceptions\UrlCloudException; use OCA\Social\Service\ActivityPub\ICoreService; @@ -175,7 +176,6 @@ abstract class ACore extends Item implements JsonSerializable { * @throws InvalidOriginException */ public function checkOrigin($id) { - // TODO - compare with verify $host = parse_url($id, PHP_URL_HOST); if ($this->getRoot() ->getOrigin() === $host) { @@ -194,7 +194,7 @@ abstract class ACore extends Item implements JsonSerializable { * @throws ActivityCantBeVerifiedException */ public function verify(string $url) { - // TODO - Compare this with checkOrigin() + // TODO - Compare this with checkOrigin() - and delete this method. $url1 = parse_url($this->getId()); $url2 = parse_url($url); @@ -348,6 +348,7 @@ abstract class ACore extends Item implements JsonSerializable { * @param string $default * * @return string + * @throws InvalidResourceEntryException */ public function validate(int $as, string $k, array $arr, string $default = ''): string { $value = $this->validateEntryString($as, $this->get($k, $arr, $default)); @@ -364,6 +365,7 @@ abstract class ACore extends Item implements JsonSerializable { * @param array $default * * @return array + * @throws InvalidResourceEntryException */ public function validateArray(int $as, string $k, array $arr, array $default = []): array { $values = $this->getArray($k, $arr, $default); @@ -378,44 +380,51 @@ abstract class ACore extends Item implements JsonSerializable { /** + * // TODO - better checks + * * @param $as * @param $value * * @return string + * @throws InvalidResourceEntryException */ public function validateEntryString(int $as, string $value): string { switch ($as) { case self::AS_ID: - // TODO check if id looks valid or Exception + if (parse_url($value) !== false) { + return $value; + } break; case self::AS_TYPE: - // TODO check if type looks valid or Exception - break; + return $value; case self::AS_URL: - // TODO check if url looks valid or Exception + if (parse_url($value) !== false) { + return $value; + } break; case self::AS_DATE: - // TODO check that date is valid - break; + return $value; case self::AS_STRING: - // Clean string - break; + $value = strip_tags($value); + + return $value; default: - // exception break; } - return $value; + throw new InvalidResourceEntryException($as . ' ' . $value); } /** * @param array $data + * + * @throws InvalidResourceEntryException */ public function import(array $data) { $this->setId($this->validate(self::AS_ID, 'id', $data, '')); diff --git a/lib/Service/ActivityPub/NoteService.php b/lib/Service/ActivityPub/NoteService.php index e3b4f050..cd294a1b 100644 --- a/lib/Service/ActivityPub/NoteService.php +++ b/lib/Service/ActivityPub/NoteService.php @@ -27,6 +27,7 @@ declare(strict_types=1); * */ + namespace OCA\Social\Service\ActivityPub; @@ -49,6 +50,7 @@ use OCA\Social\Service\ConfigService; use OCA\Social\Service\CurlService; use OCA\Social\Service\MiscService; + class NoteService implements ICoreService { @@ -93,8 +95,7 @@ class NoteService implements ICoreService { */ public function __construct( NotesRequest $notesRequest, ActivityService $activityService, ActorService $actorService, - PersonService $personService, - CurlService $curlService, ConfigService $configService, + PersonService $personService, CurlService $curlService, ConfigService $configService, MiscService $miscService ) { $this->notesRequest = $notesRequest; |