From a06e8bfaee7de3bc8c2691e8d6462a52d5345e09 Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Tue, 18 Jul 2023 20:18:42 +0200 Subject: Zotlabs: Improve type safety for AccessList class. Add type annotations for constructor and set* methods, and throw an exception if the passed in arrays are missing required keys. This means that both invalid input types and missing keys will throw and exception rather than just die with a runtime error. There's not checks to verify that the contents of the required array keys are valid or make sense, though. They are just assigned, and returned as is by the get method when requested. Also, the set_from_array method is not well tested at the moment. --- Zotlabs/Access/AccessList.php | 40 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 3 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php index 790ef4745..a7da1274f 100644 --- a/Zotlabs/Access/AccessList.php +++ b/Zotlabs/Access/AccessList.php @@ -2,6 +2,7 @@ namespace Zotlabs\Access; + /** * @brief AccessList class which represents individual content ACLs. * @@ -40,6 +41,25 @@ class AccessList { */ private $explicit; + /** + * @brief Keys required by the constructor if the channel array is given. + */ + private const REQUIRED_KEYS_CONSTRUCTOR = [ + 'channel_allow_cid', + 'channel_allow_gid', + 'channel_deny_cid', + 'channel_deny_gid' + ]; + + /** + * @brief Keys required by the set method. + */ + private const REQUIRED_KEYS_SET = [ + 'allow_cid', + 'allow_gid', + 'deny_cid', + 'deny_gid' + ]; /** * @brief Constructor for AccessList class. @@ -53,8 +73,9 @@ class AccessList { * * \e string \b channel_deny_cid => string of denied cids * * \e string \b channel_deny_gid => string of denied gids */ - function __construct($channel) { + function __construct(array $channel) { if ($channel) { + $this->validate_input_array($channel, self::REQUIRED_KEYS_CONSTRUCTOR); $this->allow_cid = $channel['channel_allow_cid']; $this->allow_gid = $channel['channel_allow_gid']; $this->deny_cid = $channel['channel_deny_cid']; @@ -70,6 +91,17 @@ class AccessList { $this->explicit = false; } + private function validate_input_array(array $arr, array $required_keys) { + $missing_keys = array_diff($required_keys, array_keys($arr)); + + if (!empty($missing_keys)) { + throw new \Exception( + 'Invalid AccessList object: Expected array with keys: ' + . implode(', ', $missing_keys) + ); + } + } + /** * @brief Get if we are using the default constructor values * or values that have been set explicitly. @@ -94,7 +126,9 @@ class AccessList { * * \e string \b deny_gid => string of denied gids * @param boolean $explicit (optional) default true */ - function set($arr, $explicit = true) { + function set(array $arr, bool $explicit = true) { + $this->validate_input_array($arr, self::REQUIRED_KEYS_SET); + $this->allow_cid = $arr['allow_cid']; $this->allow_gid = $arr['allow_gid']; $this->deny_cid = $arr['deny_cid']; @@ -138,7 +172,7 @@ class AccessList { * * \e array|string \b group_deny => array with gids or comma-seperated string * @param boolean $explicit (optional) default true */ - function set_from_array($arr, $explicit = true) { + function set_from_array(array $arr, bool $explicit = true) { $arr['contact_allow'] = $arr['contact_allow'] ?? []; $arr['group_allow'] = $arr['group_allow'] ?? []; $arr['contact_deny'] = $arr['contact_deny'] ?? []; -- cgit v1.2.3 From 718c303086e6ab6061b2a920bd8293b2c0d11348 Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Wed, 19 Jul 2023 20:19:00 +0200 Subject: Zotlabs: More type safety for AccessList class. Add more type declarations to class attributes and functions. This should ensure that only strings and null values can be assigned to the various access list members. This is still a bit loose, as we should probably aim for lists of channel or group id's instead of a generic type like a string. I'll leave that for later, though. --- Zotlabs/Access/AccessList.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Access/AccessList.php b/Zotlabs/Access/AccessList.php index a7da1274f..3f5271e87 100644 --- a/Zotlabs/Access/AccessList.php +++ b/Zotlabs/Access/AccessList.php @@ -18,28 +18,28 @@ class AccessList { * @brief Allow contacts * @var string */ - private $allow_cid; + private ?string $allow_cid; /** * @brief Allow groups * @var string */ - private $allow_gid; + private ?string $allow_gid; /** * @brief Deny contacts * @var string */ - private $deny_cid; + private ?string $deny_cid; /** * @brief Deny groups * @var string */ - private $deny_gid; + private ?string $deny_gid; /** * @brief Indicates if we are using the default constructor values or * values that have been set explicitly. * @var boolean */ - private $explicit; + private bool $explicit; /** * @brief Keys required by the constructor if the channel array is given. @@ -91,7 +91,7 @@ class AccessList { $this->explicit = false; } - private function validate_input_array(array $arr, array $required_keys) { + private function validate_input_array(array $arr, array $required_keys) : void { $missing_keys = array_diff($required_keys, array_keys($arr)); if (!empty($missing_keys)) { @@ -108,7 +108,7 @@ class AccessList { * * @return boolean */ - function get_explicit() { + function get_explicit() : bool { return $this->explicit; } @@ -126,7 +126,7 @@ class AccessList { * * \e string \b deny_gid => string of denied gids * @param boolean $explicit (optional) default true */ - function set(array $arr, bool $explicit = true) { + function set(array $arr, bool $explicit = true) : void { $this->validate_input_array($arr, self::REQUIRED_KEYS_SET); $this->allow_cid = $arr['allow_cid']; @@ -146,7 +146,7 @@ class AccessList { * * \e string \b deny_cid => string of denied cids * * \e string \b deny_gid => string of denied gids */ - function get() { + function get() : array { return [ 'allow_cid' => $this->allow_cid, 'allow_gid' => $this->allow_gid, @@ -172,7 +172,7 @@ class AccessList { * * \e array|string \b group_deny => array with gids or comma-seperated string * @param boolean $explicit (optional) default true */ - function set_from_array(array $arr, bool $explicit = true) { + function set_from_array(array $arr, bool $explicit = true) : void { $arr['contact_allow'] = $arr['contact_allow'] ?? []; $arr['group_allow'] = $arr['group_allow'] ?? []; $arr['contact_deny'] = $arr['contact_deny'] ?? []; @@ -195,7 +195,7 @@ class AccessList { * * @return boolean Return true if any of allow_* deny_* values is set. */ - function is_private() { + function is_private() : bool { return (($this->allow_cid || $this->allow_gid || $this->deny_cid || $this->deny_gid) ? true : false); } -- cgit v1.2.3