Add a validator on URL entity

This commit is contained in:
Nicolas Lœuillet 2023-08-29 14:17:53 +02:00
parent ec4d23b584
commit 94303c92e6
No known key found for this signature in database
GPG key ID: FA576177B1EBB573
5 changed files with 75 additions and 5 deletions

View file

@ -15,6 +15,7 @@ use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\HttpKernel\Exception\HttpException; use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\Routing\Annotation\Route; use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Validator\Validator\ValidatorInterface;
use Wallabag\CoreBundle\Entity\Entry; use Wallabag\CoreBundle\Entity\Entry;
use Wallabag\CoreBundle\Entity\Tag; use Wallabag\CoreBundle\Entity\Tag;
use Wallabag\CoreBundle\Event\EntryDeletedEvent; use Wallabag\CoreBundle\Event\EntryDeletedEvent;
@ -688,8 +689,15 @@ class EntryRestController extends WallabagRestController
* *
* @return JsonResponse * @return JsonResponse
*/ */
public function postEntriesAction(Request $request, EntryRepository $entryRepository, ContentProxy $contentProxy, LoggerInterface $logger, TagsAssigner $tagsAssigner, EventDispatcherInterface $eventDispatcher) public function postEntriesAction(
{ Request $request,
EntryRepository $entryRepository,
ContentProxy $contentProxy,
LoggerInterface $logger,
TagsAssigner $tagsAssigner,
EventDispatcherInterface $eventDispatcher,
ValidatorInterface $validator
) {
$this->validateAuthentication(); $this->validateAuthentication();
$url = $request->request->get('url'); $url = $request->request->get('url');
@ -760,6 +768,13 @@ class EntryRestController extends WallabagRestController
$contentProxy->setDefaultEntryTitle($entry); $contentProxy->setDefaultEntryTitle($entry);
} }
$errors = $validator->validate($entry);
if (\count($errors) > 0) {
$errorsString = (string) $errors;
return $this->sendResponse($errorsString);
}
$this->entityManager->persist($entry); $this->entityManager->persist($entry);
$this->entityManager->flush(); $this->entityManager->flush();

View file

@ -197,6 +197,8 @@ class EntryController extends AbstractController
// entry saved, dispatch event about it! // entry saved, dispatch event about it!
$this->eventDispatcher->dispatch(new EntrySavedEvent($entry), EntrySavedEvent::NAME); $this->eventDispatcher->dispatch(new EntrySavedEvent($entry), EntrySavedEvent::NAME);
return $this->redirect($this->generateUrl('homepage'));
} elseif ($form->isSubmitted() && !$form->isValid()) {
return $this->redirect($this->generateUrl('homepage')); return $this->redirect($this->generateUrl('homepage'));
} }

View file

@ -78,6 +78,9 @@ class Entry
* @var string * @var string
* *
* @Assert\NotBlank() * @Assert\NotBlank()
* @Assert\Url(
* message = "The url '{{ value }}' is not a valid url",
* )
* @ORM\Column(name="url", type="text", nullable=true) * @ORM\Column(name="url", type="text", nullable=true)
* *
* @Groups({"entries_for_user", "export_all"}) * @Groups({"entries_for_user", "export_all"})

View file

@ -509,6 +509,25 @@ class EntryRestControllerTest extends WallabagApiTestCase
$this->assertSame(400, $this->client->getResponse()->getStatusCode()); $this->assertSame(400, $this->client->getResponse()->getStatusCode());
} }
public function testBadFormatURL()
{
$this->client->request('POST', '/api/entries.json', [
'url' => 'wallabagIsAwesome',
'tags' => 'google',
'title' => 'New title for my article',
'content' => 'my content',
'language' => 'de',
'published_at' => '2016-09-08T11:55:58+0200',
'authors' => 'bob,helen',
'public' => 1,
]);
$this->assertSame(200, $this->client->getResponse()->getStatusCode());
$content = json_decode($this->client->getResponse()->getContent(), true);
$this->assertStringContainsString('The url \'"wallabagIsAwesome"\' is not a valid url', $content);
}
public function testPostEntry() public function testPostEntry()
{ {
$this->client->request('POST', '/api/entries.json', [ $this->client->request('POST', '/api/entries.json', [

View file

@ -20,6 +20,7 @@ class EntryControllerTest extends WallabagCoreTestCase
public const AN_URL_CONTAINING_AN_ARTICLE_WITH_IMAGE = 'https://www.lemonde.fr/judo/article/2017/11/11/judo-la-decima-de-teddy-riner_5213605_1556020.html'; public const AN_URL_CONTAINING_AN_ARTICLE_WITH_IMAGE = 'https://www.lemonde.fr/judo/article/2017/11/11/judo-la-decima-de-teddy-riner_5213605_1556020.html';
public $downloadImagesEnabled = false; public $downloadImagesEnabled = false;
public $url = 'https://www.lemonde.fr/pixels/article/2019/06/18/ce-qu-il-faut-savoir-sur-le-libra-la-cryptomonnaie-de-facebook_5477887_4408996.html'; public $url = 'https://www.lemonde.fr/pixels/article/2019/06/18/ce-qu-il-faut-savoir-sur-le-libra-la-cryptomonnaie-de-facebook_5477887_4408996.html';
public $wrongUrl = 'wallabagIsAwesome';
private $entryDataTestAttribute = '[data-test="entry"]'; private $entryDataTestAttribute = '[data-test="entry"]';
/** /**
@ -137,9 +138,7 @@ class EntryControllerTest extends WallabagCoreTestCase
$crawler = $client->submit($form); $crawler = $client->submit($form);
$this->assertSame(200, $client->getResponse()->getStatusCode()); $this->assertSame(302, $client->getResponse()->getStatusCode());
$this->assertCount(1, $alert = $crawler->filter('form ul li')->extract(['_text']));
$this->assertSame('This value should not be blank.', $alert[0]);
} }
/** /**
@ -423,6 +422,38 @@ class EntryControllerTest extends WallabagCoreTestCase
$em->flush(); $em->flush();
} }
/**
* @group NetworkCalls
*/
public function testBadFormatURL()
{
$this->logInAs('admin');
$client = $this->getTestClient();
$client->getContainer()->get(Config::class)->set('store_article_headers', 1);
$crawler = $client->request('GET', '/new');
$this->assertSame(200, $client->getResponse()->getStatusCode());
$form = $crawler->filter('form[name=entry]')->form();
$data = [
'entry[url]' => $this->wrongUrl,
];
$client->submit($form, $data);
$this->assertSame(302, $client->getResponse()->getStatusCode());
$content = $client->getContainer()
->get(EntityManagerInterface::class)
->getRepository(Entry::class)
->findByUrlAndUserId($this->wrongUrl, $this->getLoggedInUserId());
$this->assertFalse($content);
}
public function testArchive() public function testArchive()
{ {
$this->logInAs('admin'); $this->logInAs('admin');