From ca2c73a2cda6f0dca30866777a80c0a60f61d980 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 16 Oct 2021 15:23:40 -0400 Subject: [PATCH 1/2] Account for the PUBLIC value for id parameter in Depository\PermissionSet::selectOneById --- src/Model/ProfileField.php | 2 +- src/Module/PermissionTooltip.php | 2 +- .../PermissionSet/Depository/PermissionSet.php | 14 +++++++++++--- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/src/Model/ProfileField.php b/src/Model/ProfileField.php index 66833890e8..c5905f934c 100644 --- a/src/Model/ProfileField.php +++ b/src/Model/ProfileField.php @@ -65,7 +65,7 @@ class ProfileField extends BaseModel switch ($name) { case 'permissionSet': if (empty($this->permissionSet)) { - $permissionSet = $this->permissionSetDepository->selectOneById($this->psid); + $permissionSet = $this->permissionSetDepository->selectOneById($this->psid, $this->uid); if ($permissionSet->uid !== $this->uid) { throw new NotFoundException(sprintf('PermissionSet %d (user-id: %d) for ProfileField %d (user-id: %d) is invalid.', $permissionSet->id, $permissionSet->uid, $this->id, $this->uid)); } diff --git a/src/Module/PermissionTooltip.php b/src/Module/PermissionTooltip.php index 3f23032d6d..df82574e92 100644 --- a/src/Module/PermissionTooltip.php +++ b/src/Module/PermissionTooltip.php @@ -39,7 +39,7 @@ class PermissionTooltip extends \Friendica\BaseModule } if (isset($model['psid'])) { - $permissionSet = DI::permissionSet()->selectOneById($model['psid']); + $permissionSet = DI::permissionSet()->selectOneById($model['psid'], $model['uid']); $model['allow_cid'] = $permissionSet->allow_cid; $model['allow_gid'] = $permissionSet->allow_gid; $model['deny_cid'] = $permissionSet->deny_cid; diff --git a/src/Security/PermissionSet/Depository/PermissionSet.php b/src/Security/PermissionSet/Depository/PermissionSet.php index fed3accee1..b4a918b6d1 100644 --- a/src/Security/PermissionSet/Depository/PermissionSet.php +++ b/src/Security/PermissionSet/Depository/PermissionSet.php @@ -89,13 +89,21 @@ class PermissionSet extends BaseDepository } /** - * @param int $id - * + * @param int $id A permissionset table row id or self::PUBLIC + * @param int|null $uid Should be provided when id can be self::PUBLIC * @return Entity\PermissionSet * @throws NotFoundException */ - public function selectOneById(int $id): Entity\PermissionSet + public function selectOneById(int $id, int $uid = null): Entity\PermissionSet { + if ($id === self::PUBLIC) { + if (empty($uid)) { + throw new \InvalidArgumentException('Missing uid for Public permission set instantiation'); + } + + return $this->factory->createFromString($uid); + } + return $this->selectOne(['id' => $id]); } From 29be333cec6af40446e864cb3c65f9f2ad0e7e82 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 16 Oct 2021 15:24:40 -0400 Subject: [PATCH 2/2] Add test for public value of Depository\PermissionSet->selectOneById --- .../Depository/PermissionSetTest.php | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 tests/src/Security/PermissionSet/Depository/PermissionSetTest.php diff --git a/tests/src/Security/PermissionSet/Depository/PermissionSetTest.php b/tests/src/Security/PermissionSet/Depository/PermissionSetTest.php new file mode 100644 index 0000000000..3057694117 --- /dev/null +++ b/tests/src/Security/PermissionSet/Depository/PermissionSetTest.php @@ -0,0 +1,40 @@ +addRules(include __DIR__ . '/../../../../../static/dependencies.config.php') + ->addRule(Database::class, ['instanceOf' => StaticDatabase::class, 'shared' => true]); + DI::init($dice); + + $this->depository = DI::permissionSet(); + } + + public function testSelectOneByIdPublicMissingUid() + { + $this->expectException(\InvalidArgumentException::class); + + $this->depository->selectOneById(PermissionSet::PUBLIC); + } + + public function testSelectOneByIdPublic() + { + $permissionSet = $this->depository->selectOneById(PermissionSet::PUBLIC, 1); + + $this->assertInstanceOf(\Friendica\Security\PermissionSet\Entity\PermissionSet::class, $permissionSet); + } +}