Validate language & preview picture fields

Instead of saving the value of each field right into the content without any validation, it seems better to validate them. This might sounds obvious now we say that.
author: Jeremy Benoist <jeremy.benoist@gmail.com> 2017-06-08 21:51:46 +0200
committer: Jeremy Benoist <jeremy.benoist@gmail.com> 2017-06-08 21:51:46 +0200
commit: 0d349ea67073c535e1aa7f19f3cf842a54458bfe (patch)
tree: c5449f49c941ea7cc09f7606e87464c3d03367cf /src
parent: 3f474025d889c3eff20b481f005f4d292f1ef29d (diff)
download: wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.tar.gz
wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.tar.zst
wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.zip
2 files changed, 68 insertions, 11 deletions
diff --git a/src/Wallabag/CoreBundle/Helper/ContentProxy.php b/src/Wallabag/CoreBundle/Helper/ContentProxy.php
index d5820e66..dd9170ad 100644
--- a/src/Wallabag/CoreBundle/Helper/ContentProxy.php
+++ b/src/Wallabag/CoreBundle/Helper/ContentProxy.php
@@ -7,6 +7,9 @@ use Psr\Log\LoggerInterface;
 use Wallabag\CoreBundle\Entity\Entry;
 use Wallabag\CoreBundle\Tools\Utils;
 use Symfony\Component\HttpFoundation\File\MimeType\MimeTypeExtensionGuesser;
+use Symfony\Component\Validator\Constraints\Language as LanguageConstraint;
+use Symfony\Component\Validator\Constraints\Url as UrlConstraint;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
 /**
 * This kind of proxy class take care of getting the content from an url
@@ -21,10 +24,11 @@ class ContentProxy
    protected $fetchingErrorMessage;
    protected $eventDispatcher;
-    public function __construct(Graby $graby, RuleBasedTagger $tagger, LoggerInterface $logger, $fetchingErrorMessage)
+    public function __construct(Graby $graby, RuleBasedTagger $tagger, ValidatorInterface $validator, LoggerInterface $logger, $fetchingErrorMessage)
    {
        $this->graby = $graby;
        $this->tagger = $tagger;
+        $this->validator = $validator;
        $this->logger = $logger;
        $this->mimeGuesser = new MimeTypeExtensionGuesser();
        $this->fetchingErrorMessage = $fetchingErrorMessage;
@@ -113,7 +117,24 @@ class ContentProxy
            $entry->setHeaders($content['all_headers']);
        }
-        $entry->setLanguage(isset($content['language']) ? $content['language'] : '');
+        $this->validateAndSetLanguage(
+            $entry,
+            isset($content['language']) ? $content['language'] : ''
+        );
+        $this->validateAndSetPreviewPicture(
+            $entry,
+            isset($content['open_graph']['og_image']) ? $content['open_graph']['og_image'] : ''
+        );
+        // if content is an image define as a preview too
+        if (!empty($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) {
+            $this->validateAndSetPreviewPicture(
+                $entry,
+                $content['url']
+            );
+        }
        $entry->setMimetype(isset($content['content_type']) ? $content['content_type'] : '');
        $entry->setReadingTime(Utils::getReadingTime($html));
@@ -122,15 +143,6 @@ class ContentProxy
            $entry->setDomainName($domainName);
        }
-        if (!empty($content['open_graph']['og_image'])) {
-            $entry->setPreviewPicture($content['open_graph']['og_image']);
-        }
-        // if content is an image define as a preview too
-        if (!empty($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) {
-            $entry->setPreviewPicture($content['url']);
-        }
        try {
            $this->tagger->tag($entry);
        } catch (\Exception $e) {
@@ -152,4 +164,48 @@ class ContentProxy
    {
        return !empty($content['title']) && !empty($content['html']) && !empty($content['url']);
    }
+    /**
+     * Use a Symfony validator to ensure the language is well formatted.
+     *
+     * @param Entry  $entry
+     * @param string $value Language to validate
+     */
+    private function validateAndSetLanguage($entry, $value)
+    {
+        $errors = $this->validator->validate(
+            $value,
+            (new LanguageConstraint())
+        );
+        if (0 === count($errors)) {
+            $entry->setLanguage($value);
+            return;
+        }
+        $this->logger->warning('Language validation failed. '.(string) $errors);
+    }
+    /**
+     * Use a Symfony validator to ensure the preview picture is a real url.
+     *
+     * @param Entry  $entry
+     * @param string $value URL to validate
+     */
+    private function validateAndSetPreviewPicture($entry, $value)
+    {
+        $errors = $this->validator->validate(
+            $value,
+            (new UrlConstraint())
+        );
+        if (0 === count($errors)) {
+            $entry->setPreviewPicture($value);
+            return;
+        }
+        $this->logger->warning('PreviewPicture validation failed. '.(string) $errors);
+    }
 }
diff --git a/src/Wallabag/CoreBundle/Resources/config/services.yml b/src/Wallabag/CoreBundle/Resources/config/services.yml
index a9b0d2d5..2ae5d27f 100644
--- a/src/Wallabag/CoreBundle/Resources/config/services.yml
+++ b/src/Wallabag/CoreBundle/Resources/config/services.yml
@@ -90,6 +90,7 @@ services:
        arguments:
            - "@wallabag_core.graby"
            - "@wallabag_core.rule_based_tagger"
+            - "@validator"
            - "@logger"
            - '%wallabag_core.fetching_error_message%'
author	Jeremy Benoist <jeremy.benoist@gmail.com>	2017-06-08 21:51:46 +0200
committer	Jeremy Benoist <jeremy.benoist@gmail.com>	2017-06-08 21:51:46 +0200
commit	0d349ea67073c535e1aa7f19f3cf842a54458bfe (patch)
tree	c5449f49c941ea7cc09f7606e87464c3d03367cf /src
parent	3f474025d889c3eff20b481f005f4d292f1ef29d (diff)
download	wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.tar.gz wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.tar.zst wallabag-0d349ea67073c535e1aa7f19f3cf842a54458bfe.zip

diff --git a/src/Wallabag/CoreBundle/Helper/ContentProxy.php b/src/Wallabag/CoreBundle/Helper/ContentProxy.php index d5820e66..dd9170ad 100644 --- a/src/Wallabag/CoreBundle/Helper/ContentProxy.php +++ b/src/Wallabag/CoreBundle/Helper/ContentProxy.php
@@ -7,6 +7,9 @@ use Psr\Log\LoggerInterface;
7	use Wallabag\CoreBundle\Entity\Entry;	7	use Wallabag\CoreBundle\Entity\Entry;
8	use Wallabag\CoreBundle\Tools\Utils;	8	use Wallabag\CoreBundle\Tools\Utils;
9	use Symfony\Component\HttpFoundation\File\MimeType\MimeTypeExtensionGuesser;	9	use Symfony\Component\HttpFoundation\File\MimeType\MimeTypeExtensionGuesser;
		10	use Symfony\Component\Validator\Constraints\Language as LanguageConstraint;
		11	use Symfony\Component\Validator\Constraints\Url as UrlConstraint;
		12	use Symfony\Component\Validator\Validator\ValidatorInterface;
10		13
11	/**	14	/**
12	* This kind of proxy class take care of getting the content from an url	15	* This kind of proxy class take care of getting the content from an url
@@ -21,10 +24,11 @@ class ContentProxy
21	protected $fetchingErrorMessage;	24	protected $fetchingErrorMessage;
22	protected $eventDispatcher;	25	protected $eventDispatcher;
23		26
24	public function __construct(Graby $graby, RuleBasedTagger $tagger, LoggerInterface $logger, $fetchingErrorMessage)	27	public function __construct(Graby $graby, RuleBasedTagger $tagger, ValidatorInterface $validator, LoggerInterface $logger, $fetchingErrorMessage)
25	{	28	{
26	$this->graby = $graby;	29	$this->graby = $graby;
27	$this->tagger = $tagger;	30	$this->tagger = $tagger;
		31	$this->validator = $validator;
28	$this->logger = $logger;	32	$this->logger = $logger;
29	$this->mimeGuesser = new MimeTypeExtensionGuesser();	33	$this->mimeGuesser = new MimeTypeExtensionGuesser();
30	$this->fetchingErrorMessage = $fetchingErrorMessage;	34	$this->fetchingErrorMessage = $fetchingErrorMessage;
@@ -113,7 +117,24 @@ class ContentProxy
113	$entry->setHeaders($content['all_headers']);	117	$entry->setHeaders($content['all_headers']);
114	}	118	}
115		119
116	$entry->setLanguage(isset($content['language']) ? $content['language'] : '');	120	$this->validateAndSetLanguage(
		121	$entry,
		122	isset($content['language']) ? $content['language'] : ''
		123	);
		124
		125	$this->validateAndSetPreviewPicture(
		126	$entry,
		127	isset($content['open_graph']['og_image']) ? $content['open_graph']['og_image'] : ''
		128	);
		129
		130	// if content is an image define as a preview too
		131	if (!empty($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) {
		132	$this->validateAndSetPreviewPicture(
		133	$entry,
		134	$content['url']
		135	);
		136	}
		137
117	$entry->setMimetype(isset($content['content_type']) ? $content['content_type'] : '');	138	$entry->setMimetype(isset($content['content_type']) ? $content['content_type'] : '');
118	$entry->setReadingTime(Utils::getReadingTime($html));	139	$entry->setReadingTime(Utils::getReadingTime($html));
119		140
@@ -122,15 +143,6 @@ class ContentProxy
122	$entry->setDomainName($domainName);	143	$entry->setDomainName($domainName);
123	}	144	}
124		145
125	if (!empty($content['open_graph']['og_image'])) {
126	$entry->setPreviewPicture($content['open_graph']['og_image']);
127	}
128
129	// if content is an image define as a preview too
130	if (!empty($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) {
131	$entry->setPreviewPicture($content['url']);
132	}
133
134	try {	146	try {
135	$this->tagger->tag($entry);	147	$this->tagger->tag($entry);
136	} catch (\Exception $e) {	148	} catch (\Exception $e) {
@@ -152,4 +164,48 @@ class ContentProxy
152	{	164	{
153	return !empty($content['title']) && !empty($content['html']) && !empty($content['url']);	165	return !empty($content['title']) && !empty($content['html']) && !empty($content['url']);
154	}	166	}
		167
		168	/**
		169	* Use a Symfony validator to ensure the language is well formatted.
		170	*
		171	* @param Entry $entry
		172	* @param string $value Language to validate
		173	*/
		174	private function validateAndSetLanguage($entry, $value)
		175	{
		176	$errors = $this->validator->validate(
		177	$value,
		178	(new LanguageConstraint())
		179	);
		180
		181	if (0 === count($errors)) {
		182	$entry->setLanguage($value);
		183
		184	return;
		185	}
		186
		187	$this->logger->warning('Language validation failed. '.(string) $errors);
		188	}
		189
		190	/**
		191	* Use a Symfony validator to ensure the preview picture is a real url.
		192	*
		193	* @param Entry $entry
		194	* @param string $value URL to validate
		195	*/
		196	private function validateAndSetPreviewPicture($entry, $value)
		197	{
		198	$errors = $this->validator->validate(
		199	$value,
		200	(new UrlConstraint())
		201	);
		202
		203	if (0 === count($errors)) {
		204	$entry->setPreviewPicture($value);
		205
		206	return;
		207	}
		208
		209	$this->logger->warning('PreviewPicture validation failed. '.(string) $errors);
		210	}
155	}	211	}


diff --git a/src/Wallabag/CoreBundle/Resources/config/services.yml b/src/Wallabag/CoreBundle/Resources/config/services.yml index a9b0d2d5..2ae5d27f 100644 --- a/src/Wallabag/CoreBundle/Resources/config/services.yml +++ b/src/Wallabag/CoreBundle/Resources/config/services.yml
@@ -90,6 +90,7 @@ services:
90	arguments:	90	arguments:
91	- "@wallabag_core.graby"	91	- "@wallabag_core.graby"
92	- "@wallabag_core.rule_based_tagger"	92	- "@wallabag_core.rule_based_tagger"
		93	- "@validator"
93	- "@logger"	94	- "@logger"
94	- '%wallabag_core.fetching_error_message%'	95	- '%wallabag_core.fetching_error_message%'
95		96