Tobias Gritschacher has submitted this change and it was merged.
Change subject: (bug 48473) Validate claim guid in api and return error
......................................................................
(bug 48473) Validate claim guid in api and return error
- currently it throws an exception and returns a stack trace in the api results
Change-Id: Id388b510a18ddd3ccd899b78c97c77650df4dd2b
---
M lib/WikibaseLib.classes.php
M lib/WikibaseLib.hooks.php
A lib/includes/ClaimGuidValidator.php
A lib/tests/phpunit/ClaimGuidValidatorTest.php
M repo/includes/api/GetClaims.php
M repo/includes/api/RemoveClaims.php
M repo/includes/api/RemoveQualifiers.php
M repo/includes/api/RemoveReferences.php
M repo/includes/api/SetClaimValue.php
M repo/includes/api/SetQualifier.php
M repo/includes/api/SetReference.php
M repo/includes/api/SetStatementRank.php
M repo/tests/phpunit/includes/api/GetClaimsTest.php
M repo/tests/phpunit/includes/api/RemoveClaimsTest.php
M repo/tests/phpunit/includes/api/RemoveQualifiersTest.php
M repo/tests/phpunit/includes/api/RemoveReferencesTest.php
M repo/tests/phpunit/includes/api/SetClaimValueTest.php
M repo/tests/phpunit/includes/api/SetQualifierTest.php
M repo/tests/phpunit/includes/api/SetReferenceTest.php
M repo/tests/phpunit/includes/api/SetStatementRankTest.php
20 files changed, 633 insertions(+), 11 deletions(-)
Approvals:
Tobias Gritschacher: Looks good to me, approved
jenkins-bot: Verified
diff --git a/lib/WikibaseLib.classes.php b/lib/WikibaseLib.classes.php
index 6dd483d..ec3aaec 100644
--- a/lib/WikibaseLib.classes.php
+++ b/lib/WikibaseLib.classes.php
@@ -44,6 +44,7 @@
'Wikibase\Lib\V4GuidGenerator' => 'includes/GuidGenerator.php',
'Wikibase\Lib\EntityRetrievingDataTypeLookup' =>
'includes/EntityRetrievingDataTypeLookup.php',
'Wikibase\Lib\ClaimGuidGenerator' =>
'includes/GuidGenerator.php',
+ 'Wikibase\Lib\ClaimGuidValidator' =>
'includes/ClaimGuidValidator.php',
'Wikibase\Lib\InMemoryDataTypeLookup' =>
'includes/InMemoryDataTypeLookup.php',
'Wikibase\LibRegistry' => 'includes/LibRegistry.php',
'Wikibase\Template' => 'includes/TemplateRegistry.php',
diff --git a/lib/WikibaseLib.hooks.php b/lib/WikibaseLib.hooks.php
index dafd214..ed1c5a5 100644
--- a/lib/WikibaseLib.hooks.php
+++ b/lib/WikibaseLib.hooks.php
@@ -70,6 +70,7 @@
'ByPropertyIdArray',
'ChangesTable',
'ClaimDifference',
+ 'ClaimGuidValidator',
'ReferencedEntitiesFinder',
'EntityRetrievingDataTypeLookup',
'InMemoryDataTypeLookup',
diff --git a/lib/includes/ClaimGuidValidator.php
b/lib/includes/ClaimGuidValidator.php
new file mode 100644
index 0000000..bce056a
--- /dev/null
+++ b/lib/includes/ClaimGuidValidator.php
@@ -0,0 +1,132 @@
+<?php
+
+namespace Wikibase\Lib;
+
+use Wikibase\Repo\WikibaseRepo;
+use ValueParsers\ParserOptions;
+
+/**
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @since 0.4
+ *
+ * @file
+ * @ingroup WikibaseLib
+ *
+ * @licence GNU GPL v2+
+ * @author Katie Filbert < aude.w...@gmail.com >
+ */
+class ClaimGuidValidator {
+
+ protected $entityPrefixes;
+
+ public function __construct( array $entityPrefixes ) {
+ $this->entityPrefixes = $entityPrefixes;
+ }
+
+ /**
+ * Validates a claim guid
+ *
+ * @since 0.4
+ *
+ * @param string $guid
+ *
+ * @return boolean
+ */
+ public function validate( $guid ) {
+ if ( ! $this->validateFormat( $guid ) ) {
+ return false;
+ }
+
+ $guidParts = explode( '$', $guid );
+
+ if ( ! $this->validateClaimGuidPrefix( $guidParts[0] ) || !
$this->validateGuid( $guidParts[1] ) ) {
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Basic validation for claim guid format
+ *
+ * @since 0.4
+ *
+ * @param string $guid
+ *
+ * @return boolean
+ */
+ public function validateFormat( $guid ) {
+ if ( ! is_string( $guid ) ) {
+ return false;
+ }
+
+ $keyParts = explode( '$', $guid );
+
+ if ( count( $keyParts ) !== 2 ) {
+ wfDebugLog( __CLASS__, __METHOD__ . ': claim guid does
not have the correct number of parts.' );
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Validate the second part of a claim guid, after the $
+ *
+ * @since 0.4
+ *
+ * @param string $guid
+ *
+ * @return boolean
+ */
+ protected function validateGuid( $guid ) {
+ $guidFormat =
'/^\{?[A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12}\}?$/';
+
+ if ( ! ( preg_match( $guidFormat, $guid ) ) ) {
+ wfDebugLog( __CLASS__, __METHOD__ . ': claim guid param
has an invalid format.' );
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Validate the claim guid prefix is a valid entity id
+ *
+ * @since 0.4
+ *
+ * @param string $guid
+ *
+ * @return boolean
+ */
+ protected function validateClaimGuidPrefix( $prefixedId ) {
+ $options = new ParserOptions( array(
+ EntityIdParser::OPT_PREFIX_MAP => $this->entityPrefixes
+ ) );
+
+ $entityIdParser = new EntityIdParser( $options );
+ $entityId = $entityIdParser->parse( $prefixedId );
+
+ if ( ! ( $entityId instanceof \Wikibase\EntityId ) ) {
+ wfDebugLog( __CLASS__, __METHOD__ . ': claim guid is
missing an entity id prefix.' );
+ return false;
+ }
+
+ return true;
+ }
+
+}
diff --git a/lib/tests/phpunit/ClaimGuidValidatorTest.php
b/lib/tests/phpunit/ClaimGuidValidatorTest.php
new file mode 100644
index 0000000..fcb4a88
--- /dev/null
+++ b/lib/tests/phpunit/ClaimGuidValidatorTest.php
@@ -0,0 +1,142 @@
+<?php
+
+namespace Wikibase\Lib\Test;
+
+use Wikibase\Lib\ClaimGuidValidator;
+
+/**
+ * Tests for the ClaimGuidValidator class.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA
+ *
+ * @file
+ * @since 0.4
+ *
+ * @ingroup Wikibase
+ * @ingroup Test
+ *
+ * @group Wikibase
+ * @group WikibaseLib
+ *
+ * @licence GNU GPL v2+
+ * @author Katie Filbert < aude.w...@gmail.com >
+ */
+class ClaimGuidValidatorTest extends \PHPUnit_Framework_TestCase {
+
+ protected $entityPrefixes;
+
+ public function setUp() {
+ parent::setUp();
+
+ $this->entityPrefixes = array(
+ 'q' => \Wikibase\Item::ENTITY_TYPE,
+ 'p' => \Wikibase\Property::ENTITY_TYPE,
+ );
+ }
+
+ /**
+ * @dataProvider validateProvider
+ */
+ public function testValidate( $guid ) {
+ $claimGuidValidator = new ClaimGuidValidator(
$this->entityPrefixes );
+ $isValid = $claimGuidValidator->validate( $guid );
+
+ $this->assertTrue( $isValid, "Assert that claim guid $guid is
valid" );
+ }
+
+ public function validateProvider() {
+ return array(
+ array( 'q60$5083E43C-228B-4E3E-B82A-4CB20A22A3FB' ),
+ array( 'q604192$5672A3B1-7693-4DF9-ADE8-8FC13E095604' ),
+ array( 'q37$a212184b-434c-7e90-dd26-29eda5ee2580' )
+ );
+ }
+
+ /**
+ * @dataProvider validateInvalidProvider
+ */
+ public function testValidateInvalid( $guid ) {
+ $claimGuidValidator = new ClaimGuidValidator(
$this->entityPrefixes );
+ $isValid = $claimGuidValidator->validate( $guid );
+
+ $this->assertFalse( $isValid, "Assert that claim guid $guid is
invalid" );
+ }
+
+ public function validateInvalidProvider() {
+ return array(
+ array( 'q60$5083E43C-228B-4E3E-B82A-4CB20A22A3F' ),
+ array( 'q60$5083E43C-228B-4E3E-B82A-$4CB20A22A3FB' ),
+ array( '$q60$5083E43C-228B-4E3E-B82A-4CB20A22A3FB' ),
+ array( '5083E43C-228B-4E3E-B82A-4CB20A22A3FB' ),
+ array( 9000 ),
+ array( 'q604192$56723B1-7693-4DF9-ADE8-8FC13E095604' ),
+ array( 'q604192$5672w3B1-693-4DF9-ADE8-8FC13E095604' ),
+ array( 'q604192$5672w3B1-6935-4F9-ADE8-8FC13E095604' ),
+ array( 'q604192$5672w3B1-6935-4DF9-AD8-8FC13E095604' ),
+ array( 'q604192$5672w3B1-6935-4DF9-ADE8-8FC13E09604' ),
+ array( 'q604192$5672A3B1--7693-4DF9-ADE8-8FC13E095604'
),
+ array( 'foo' ),
+ array( 'q12345' )
+ );
+ }
+
+ /**
+ * @dataProvider validateProvider
+ */
+ public function testValidateFormat( $guid ) {
+ $claimGuidValidator = new ClaimGuidValidator(
$this->entityPrefixes );
+ $isValid = $claimGuidValidator->validate( $guid );
+
+ $this->assertTrue( $isValid, "Assert that claim guid $guid has
a valid format." );
+ }
+
+ /**
+ * @dataProvider invalidFormatProvider
+ */
+ public function testInvalidFormat( $guid ) {
+ $claimGuidValidator = new ClaimGuidValidator(
$this->entityPrefixes );
+ $isValid = $claimGuidValidator->validate( $guid );
+
+ $this->assertFalse( $isValid, "Assert that claim guid $guid has
an invalid format." );
+ }
+
+ public function invalidFormatProvider() {
+ return array(
+ array( 'q12345' ),
+ array( 'q$1$2$3' ),
+ array( '$q60$5083E43C-228B-4E3E-B82A-4CB20A22A3FB' )
+ );
+ }
+
+ /**
+ * @dataProvider validateInvalidPrefixedIdProvider
+ */
+ public function testValidateInvalidPrefixedId( $guid ) {
+ $claimGuidValidator = new ClaimGuidValidator(
$this->entityPrefixes );
+
+ $this->setExpectedException( 'ValueParsers\ParseException' );
+
+ $isValid = $claimGuidValidator->validate( $guid );
+
+ $this->assertFalse( $isValid, "Assert that claim guid prefix is
invalid" );
+ }
+
+ public function validateInvalidPrefixedIdProvider() {
+ return array(
+ array( '060$5083E43C-228B-4E3E-B82A-4CB20A22A3FB' ),
+ array( 'a060$5083E43C-228B-4E3E-B82A-4CB20A22A3FB' )
+ );
+ }
+}
diff --git a/repo/includes/api/GetClaims.php b/repo/includes/api/GetClaims.php
index 72d998c..eebc0e5 100644
--- a/repo/includes/api/GetClaims.php
+++ b/repo/includes/api/GetClaims.php
@@ -5,6 +5,7 @@
use ApiBase;
use MWException;
+use Wikibase\Lib\ClaimGuidValidator;
use Wikibase\Lib\Serializers\ClaimSerializer;
use Wikibase\Lib\Serializers\SerializerFactory;
use Wikibase\EntityId;
@@ -13,6 +14,7 @@
use Wikibase\Statement;
use Wikibase\Claims;
use Wikibase\Claim;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for getting claims.
@@ -167,6 +169,15 @@
$claimGuid = null;
+ // @todo handle the settings in a more generalized way for all
the api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( isset( $params['claim'] ) &&
$claimGuidValidator->validateFormat( $params['claim'] ) === false ) {
+ $this->dieUsage( 'Claim guid is invalid',
'getclaims-invalid-guid' );
+ }
+
if ( isset( $params['entity'] ) && isset( $params['claim'] ) ) {
$entityId = Entity::getIdFromClaimGuid(
$params['claim'] );
diff --git a/repo/includes/api/RemoveClaims.php
b/repo/includes/api/RemoveClaims.php
index 814454c..155db87 100644
--- a/repo/includes/api/RemoveClaims.php
+++ b/repo/includes/api/RemoveClaims.php
@@ -13,6 +13,8 @@
use Wikibase\Claims;
use Wikibase\Summary;
use Wikibase\PropertyValueSnak;
+use Wikibase\Lib\ClaimGuidValidator;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for removing claims.
@@ -147,14 +149,22 @@
$guids = array();
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
foreach ( $params['claim'] as $guid ) {
- $entityId = Entity::getIdFromClaimGuid( $guid );
+ if ( $claimGuidValidator->validateFormat( $guid ) ) {
+ $entityId = Entity::getIdFromClaimGuid( $guid );
- if ( !array_key_exists( $entityId, $guids ) ) {
- $guids[$entityId] = array();
+ if ( !array_key_exists( $entityId, $guids ) ) {
+ $guids[$entityId] = array();
+ }
+
+ $guids[$entityId][] = $guid;
+ } else {
+ $this->dieUsage( 'Invalid claim guid',
'removeclaims-invalid-guid' );
}
-
- $guids[$entityId][] = $guid;
}
return $guids;
diff --git a/repo/includes/api/RemoveQualifiers.php
b/repo/includes/api/RemoveQualifiers.php
index 40b506d..9dbb802 100644
--- a/repo/includes/api/RemoveQualifiers.php
+++ b/repo/includes/api/RemoveQualifiers.php
@@ -12,6 +12,8 @@
use Wikibase\Claim;
use Wikibase\Claims;
use Wikibase\Settings;
+use Wikibase\Lib\ClaimGuidValidator;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for removing qualifiers from a claim.
@@ -72,6 +74,15 @@
protected function getEntityContent() {
$params = $this->extractRequestParams();
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validateFormat( $params['claim'] )
) ) {
+ $this->dieUsage( 'Invalid claim guid',
'removequalifiers-invalid-guid' );
+ }
+
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['claim'] ) );
$entityTitle =
EntityContentFactory::singleton()->getTitleForId( $entityId );
diff --git a/repo/includes/api/RemoveReferences.php
b/repo/includes/api/RemoveReferences.php
index 7f745ac..fd680ef 100644
--- a/repo/includes/api/RemoveReferences.php
+++ b/repo/includes/api/RemoveReferences.php
@@ -12,6 +12,8 @@
use Wikibase\References;
use Wikibase\Settings;
use Wikibase\Claims;
+use Wikibase\Lib\ClaimGuidValidator;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for removing one or more references of the same statement.
@@ -43,7 +45,7 @@
public function __construct( $mainModule, $moduleName, $modulePrefix =
'' ) {
//NOTE: need to declare this constructor, so old PHP versions
don't use the
- // removeReferences() function as the constructor.
+ //removeReferences() function as the constructor.
parent::__construct( $mainModule, $moduleName, $modulePrefix );
}
@@ -82,6 +84,15 @@
protected function getEntityContent() {
$params = $this->extractRequestParams();
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validateFormat(
$params['statement'] ) ) ) {
+ $this->dieUsage( 'Invalid claim guid',
'removereferences-invalid-guid' );
+ }
+
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['statement'] ) );
$entityTitle =
EntityContentFactory::singleton()->getTitleForId( $entityId );
diff --git a/repo/includes/api/SetClaimValue.php
b/repo/includes/api/SetClaimValue.php
index 3033b60..d8aba33 100644
--- a/repo/includes/api/SetClaimValue.php
+++ b/repo/includes/api/SetClaimValue.php
@@ -12,6 +12,8 @@
use Wikibase\SnakObject;
use Wikibase\Claim;
use Wikibase\Claims;
+use Wikibase\Lib\ClaimGuidValidator;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for setting the DataValue contained by the main snak of a claim.
@@ -79,6 +81,15 @@
*/
protected function getEntityContent() {
$params = $this->extractRequestParams();
+
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validate( $params['claim'] ) ) ) {
+ $this->dieUsage( 'Invalid claim guid',
'setclaimvalue-invalid-guid' );
+ }
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['claim'] ) );
$entityTitle =
EntityContentFactory::singleton()->getTitleForId( $entityId );
@@ -253,7 +264,7 @@
/**
- * @see \Wikibase\Api\IAutocomment::getTextForComment()
+ * @see \Wikibase\Api\IAutocomment::getTextForComment()
*/
public function getTextForComment( array $params, $plural = 1 ) {
return Autocomment::formatAutoComment(
@@ -265,7 +276,7 @@
}
/**
- * @see \Wikibase\Api\IAutocomment::getTextForSummary()
+ * @see \Wikibase\Api\IAutocomment::getTextForSummary()
*/
public function getTextForSummary( array $params ) {
return Autocomment::formatAutoSummary(
diff --git a/repo/includes/api/SetQualifier.php
b/repo/includes/api/SetQualifier.php
index a19e09a..32a6970 100644
--- a/repo/includes/api/SetQualifier.php
+++ b/repo/includes/api/SetQualifier.php
@@ -17,7 +17,7 @@
use Wikibase\PropertyValueSnak;
use Wikibase\LibRegistry;
use Wikibase\Settings;
-
+use Wikibase\Lib\ClaimGuidValidator;
/**
* API module for creating a qualifier or setting the value of an existing one.
@@ -118,6 +118,15 @@
protected function getEntityContent() {
$params = $this->extractRequestParams();
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validate( $params['claim'] ) ) ) {
+ $this->dieUsage( 'Invalid claim guid',
'setqualifier-invalid-guid' );
+ }
+
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['claim'] ) );
$entityTitle =
EntityContentFactory::singleton()->getTitleForId( $entityId );
diff --git a/repo/includes/api/SetReference.php
b/repo/includes/api/SetReference.php
index 3bfb47b..f6b0bef 100644
--- a/repo/includes/api/SetReference.php
+++ b/repo/includes/api/SetReference.php
@@ -14,6 +14,8 @@
use Wikibase\SnakList;
use Wikibase\Claims;
use Wikibase\Settings;
+use Wikibase\Lib\ClaimGuidValidator;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for creating a reference or setting the value of an existing one.
@@ -81,6 +83,15 @@
protected function getEntityContent() {
$params = $this->extractRequestParams();
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validate( $params['statement'] ) )
) {
+ $this->dieUsage( 'Invalid guid',
'setreference-invalid-guid' );
+ }
+
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['statement'] ) );
if ( $entityId === null ) {
diff --git a/repo/includes/api/SetStatementRank.php
b/repo/includes/api/SetStatementRank.php
index dc61b11..75e330e 100644
--- a/repo/includes/api/SetStatementRank.php
+++ b/repo/includes/api/SetStatementRank.php
@@ -11,8 +11,9 @@
use Wikibase\EntityContentFactory;
use Wikibase\Statement;
use Wikibase\Settings;
-
+use Wikibase\Lib\ClaimGuidValidator;
use Wikibase\Lib\Serializers\ClaimSerializer;
+use Wikibase\Repo\WikibaseRepo;
/**
* API module for setting the rank of a statement
@@ -49,7 +50,7 @@
public function __construct( $mainModule, $moduleName, $modulePrefix =
'' ) {
//NOTE: need to declare this constructor, so old PHP versions
don't use the
- // setStatementRank() function as the constructor.
+ //setStatementRank() function as the constructor.
parent::__construct( $mainModule, $moduleName, $modulePrefix );
}
@@ -85,6 +86,15 @@
protected function getEntityContent() {
$params = $this->extractRequestParams();
+ // @todo generalize handling of settings in api modules
+ $settings = WikibaseRepo::getDefaultInstance()->getSettings();
+ $entityPrefixes = $settings->getSetting( 'entityPrefixes' );
+ $claimGuidValidator = new ClaimGuidValidator( $entityPrefixes );
+
+ if ( !( $claimGuidValidator->validate( $params['statement'] ) )
) {
+ $this->dieUsage( 'Invalid claim guid',
'setstatementrank-invalid-guid' );
+ }
+
$entityId = EntityId::newFromPrefixedId(
Entity::getIdFromClaimGuid( $params['statement'] ) );
$entityTitle =
EntityContentFactory::singleton()->getTitleForId( $entityId );
diff --git a/repo/tests/phpunit/includes/api/GetClaimsTest.php
b/repo/tests/phpunit/includes/api/GetClaimsTest.php
index 602daff..0888c1f 100644
--- a/repo/tests/phpunit/includes/api/GetClaimsTest.php
+++ b/repo/tests/phpunit/includes/api/GetClaimsTest.php
@@ -40,6 +40,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class GetClaimsTest extends \ApiTestCase {
@@ -164,4 +165,31 @@
}
}
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testGetInvalidClaims( $claimGuid ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbgetclaims',
+ 'claim' => $claimGuid
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'getclaims-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ return array(
+ array( 'xyz' ),
+ array( 'x$y$z' )
+ );
+ }
}
diff --git a/repo/tests/phpunit/includes/api/RemoveClaimsTest.php
b/repo/tests/phpunit/includes/api/RemoveClaimsTest.php
index 105d4c6..77c9f56 100644
--- a/repo/tests/phpunit/includes/api/RemoveClaimsTest.php
+++ b/repo/tests/phpunit/includes/api/RemoveClaimsTest.php
@@ -38,6 +38,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class RemoveClaimsTest extends \ApiTestCase {
@@ -145,4 +146,32 @@
$this->assertArrayEquals( $claimGuids, $claims );
}
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testRemoveInvalidClaims( $claimGuid ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbremoveclaims',
+ 'claim' => $claimGuid
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'removeclaims-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ return array(
+ array( 'xyz' ),
+ array( 'x$y$z' )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/RemoveQualifiersTest.php
b/repo/tests/phpunit/includes/api/RemoveQualifiersTest.php
index 782ebdf..1d8ec6a 100644
--- a/repo/tests/phpunit/includes/api/RemoveQualifiersTest.php
+++ b/repo/tests/phpunit/includes/api/RemoveQualifiersTest.php
@@ -38,6 +38,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class RemoveQualifiersTest extends \ApiTestCase {
@@ -156,4 +157,37 @@
}
}
+ /**
+ * @dataProvider invalidGuidProvider
+ */
+ public function testInvalidClaimGuid( $claimGuid, $hash ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbremovequalifiers',
+ 'claim' => $claimGuid,
+ 'qualifiers' => $hash,
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'removequalifiers-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException );
+ }
+
+ public function invalidGuidProvider() {
+ $qualifierSnak = new \Wikibase\PropertyValueSnak( 722, new
\DataValues\StringValue( 'abc') );
+ $hash = $qualifierSnak->getHash();
+
+ return array(
+ array( 'xyz', $hash ),
+ array( 'x$y$z', $hash )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/RemoveReferencesTest.php
b/repo/tests/phpunit/includes/api/RemoveReferencesTest.php
index 08d4222..60bafb8 100644
--- a/repo/tests/phpunit/includes/api/RemoveReferencesTest.php
+++ b/repo/tests/phpunit/includes/api/RemoveReferencesTest.php
@@ -39,6 +39,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class RemoveReferencesTest extends \ApiTestCase {
@@ -157,4 +158,37 @@
}
}
+ /**
+ * @dataProvider invalidGuidProvider
+ */
+ public function testInvalidStatementGuid( $statementGuid, $hash ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbremovereferences',
+ 'statement' => $statementGuid,
+ 'references' => $hash,
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'removereferences-invalid-guid', 'Invalid statement guid raised correct error'
);
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException );
+ }
+
+ public function invalidGuidProvider() {
+ $snak = new \Wikibase\PropertyValueSnak( 722, new
\DataValues\StringValue( 'abc') );
+ $hash = $snak->getHash();
+
+ return array(
+ array( 'xyz', $hash ),
+ array( 'x$y$z', $hash )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/SetClaimValueTest.php
b/repo/tests/phpunit/includes/api/SetClaimValueTest.php
index 0ed51d8..d9fb0ea 100644
--- a/repo/tests/phpunit/includes/api/SetClaimValueTest.php
+++ b/repo/tests/phpunit/includes/api/SetClaimValueTest.php
@@ -39,6 +39,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class SetClaimValueTest extends \ApiTestCase {
@@ -131,4 +132,35 @@
$this->assertTrue( $claims->getClaimWithGuid( $claimGuid
)->getMainSnak()->getDataValue()->equals( $dataValue ) );
}
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testInvalidClaimGuid( $claimGuid ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbsetclaimvalue',
+ 'claim' => $claimGuid,
+ 'snaktype' => 'value',
+ 'value' => 'abc',
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'setclaimvalue-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ return array(
+ array( 'xyz' ),
+ array( 'x$y$z' )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/SetQualifierTest.php
b/repo/tests/phpunit/includes/api/SetQualifierTest.php
index 8e5cc55..012e620 100644
--- a/repo/tests/phpunit/includes/api/SetQualifierTest.php
+++ b/repo/tests/phpunit/includes/api/SetQualifierTest.php
@@ -42,6 +42,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class SetQualifierTest extends ModifyItemBase {
@@ -181,4 +182,37 @@
// TODO: test update requests
+
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testInvalidClaimGuid( $claimGuid ) {
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbsetqualifier',
+ 'claim' => $claimGuid,
+ 'property' => 7,
+ 'snaktype' => 'value',
+ 'value' => 'abc',
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'setqualifier-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ return array(
+ array( 'xyz' ),
+ array( 'x$y$z' )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/SetReferenceTest.php
b/repo/tests/phpunit/includes/api/SetReferenceTest.php
index f41578f..1bf812a 100644
--- a/repo/tests/phpunit/includes/api/SetReferenceTest.php
+++ b/repo/tests/phpunit/includes/api/SetReferenceTest.php
@@ -37,6 +37,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class SetReferenceTest extends \ApiTestCase {
@@ -129,4 +130,41 @@
}
}
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testInvalidClaimGuid( $claimGuid, $snakHash, $refHash )
{
+ $caughtException = false;
+
+ $params = array(
+ 'action' => 'wbsetreference',
+ 'statement' => $claimGuid,
+ 'snaks' => $snakHash,
+ 'reference' => $refHash,
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'setreference-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ $snak = new \Wikibase\PropertyValueSnak( 722, new
\DataValues\StringValue( 'abc') );
+ $snakHash = $snak->getHash();
+
+ $reference = new \Wikibase\PropertyValueSnak( 723, new
\DataValues\StringValue( 'def' ) );
+ $refHash = $reference->getHash();
+
+ return array(
+ array( 'xyz', $snakHash, $refHash ),
+ array( 'x$y$z', $snakHash, $refHash )
+ );
+ }
+
}
diff --git a/repo/tests/phpunit/includes/api/SetStatementRankTest.php
b/repo/tests/phpunit/includes/api/SetStatementRankTest.php
index 6b91b54..eff1cfe 100644
--- a/repo/tests/phpunit/includes/api/SetStatementRankTest.php
+++ b/repo/tests/phpunit/includes/api/SetStatementRankTest.php
@@ -40,6 +40,7 @@
*
* @licence GNU GPL v2+
* @author Jeroen De Dauw < jeroended...@gmail.com >
+ * @author Katie Filbert < aude.w...@gmail.com >
*/
class SetStatementRankTest extends \ApiTestCase {
@@ -207,4 +208,36 @@
}
}
+ /**
+ * @dataProvider invalidClaimProvider
+ */
+ public function testInvalidClaimGuid( $claimGuid ) {
+ $caughtException = false;
+
+ $ranks = ClaimSerializer::getRanks();
+
+ $params = array(
+ 'action' => 'wbsetstatementrank',
+ 'statement' => $claimGuid,
+ 'rank' => $ranks[0],
+ 'token' => $GLOBALS['wgUser']->getEditToken()
+ );
+
+ try {
+ $this->doApiRequest( $params );
+ } catch ( \UsageException $e ) {
+ $this->assertEquals( $e->getCodeString(),
'setstatementrank-invalid-guid', 'Invalid claim guid raised correct error' );
+ $caughtException = true;
+ }
+
+ $this->assertTrue( $caughtException, 'Exception was caught' );
+ }
+
+ public function invalidClaimProvider() {
+ return array(
+ array( 'xyz' ),
+ array( 'x$y$z' )
+ );
+ }
+
}
--
To view, visit https://gerrit.wikimedia.org/r/63787
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Id388b510a18ddd3ccd899b78c97c77650df4dd2b
Gerrit-PatchSet: 16
Gerrit-Project: mediawiki/extensions/Wikibase
Gerrit-Branch: master
Gerrit-Owner: Aude <aude.w...@gmail.com>
Gerrit-Reviewer: Aude <aude.w...@gmail.com>
Gerrit-Reviewer: Daniel Kinzler <daniel.kinz...@wikimedia.de>
Gerrit-Reviewer: Jeroen De Dauw <jeroended...@gmail.com>
Gerrit-Reviewer: Tobias Gritschacher <tobias.gritschac...@wikimedia.de>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
