AC-479: Input validation for File Upload in Customer Address

rizwankhgl · rizwankhgl · commit 88ea45eb0335 · 2021-11-17T21:40:07.000+05:30
* jenkin test failure fixes
diff --git a/lib/internal/Magento/Framework/File/Uploader.php b/lib/internal/Magento/Framework/File/Uploader.php
@@ -209,7 +209,6 @@ class Uploader
      * @param DriverPool|null $driverPool
      * @param TargetDirectory|null $targetDirectory
      * @param Filesystem|null $filesystem
-     * @param LoggerInterface|null $logger
      * @throws \DomainException
      */
     public function __construct(
@@ -218,8 +217,7 @@ public function __construct(
         DirectoryList $directoryList = null,
         DriverPool $driverPool = null,
         TargetDirectory $targetDirectory = null,
-        Filesystem $filesystem = null,
-        LoggerInterface $logger = null
+        Filesystem $filesystem = null
     ) {
         $this->directoryList = $directoryList ?: ObjectManager::getInstance()->get(DirectoryList::class);
         $this->targetDirectory = $targetDirectory ?: ObjectManager::getInstance()->get(TargetDirectory::class);
@@ -234,7 +232,6 @@ public function __construct(
         }
         $this->fileMime = $fileMime ?: ObjectManager::getInstance()->get(Mime::class);
         $this->driverPool = $driverPool ?: ObjectManager::getInstance()->get(DriverPool::class);
-        $this->logger = $logger ?: ObjectManager::getInstance()->get(LoggerInterface::class);
     }
 
     /**
@@ -326,7 +323,7 @@ private function validateDestination(string $destinationFolder): void
         }
         if ($this->_allowCreateFolders) {
             $this->createDestinationFolder($destinationFolder);
-        } elseif (!$this->targetDirectory
+        } elseif (!$this->getTargetDirectory()
             ->getDirectoryWrite(DirectoryList::ROOT)
             ->isWritable($destinationFolder)
         ) {
@@ -359,24 +356,66 @@ protected function _moveFile($tmpPath, $destPath)
         $rootCode = DirectoryList::PUB;
 
         try {
-            if (strpos($destPath, $this->directoryList->getPath($rootCode)) !== 0) {
+            if (strpos($destPath, $this->getDirectoryList()->getPath($rootCode)) !== 0) {
                 $rootCode = DirectoryList::ROOT;
             }
 
-            $destPath = str_replace($this->directoryList->getPath($rootCode), '', $destPath);
-            $directory = $this->targetDirectory->getDirectoryWrite($rootCode);
+            $destPath = str_replace($this->getDirectoryList()->getPath($rootCode), '', $destPath);
+            $directory = $this->getTargetDirectory()->getDirectoryWrite($rootCode);
 
             return $this->getFileDriver()->rename(
                 $tmpPath,
                 $directory->getAbsolutePath($destPath),
                 $directory->getDriver()
             );
         } catch (FileSystemException $exception) {
-            $this->logger->critical($exception->getMessage());
+            $this->getLogger()->critical($exception->getMessage());
             return false;
         }
     }
 
+    /**
+     * Get logger instance.
+     *
+     * @deprecated
+     * @return LoggerInterface
+     */
+    private function getLogger(): LoggerInterface
+    {
+        if (!$this->logger) {
+            $this->logger = ObjectManager::getInstance()->get(LoggerInterface::class);
+        }
+        return $this->logger;
+    }
+
+    /**
+     * Retrieves target directory.
+     *
+     * @return TargetDirectory
+     */
+    private function getTargetDirectory(): TargetDirectory
+    {
+        if (!isset($this->targetDirectory)) {
+            $this->targetDirectory = ObjectManager::getInstance()->get(TargetDirectory::class);
+        }
+
+        return $this->targetDirectory;
+    }
+
+    /**
+     * Retrieves directory list.
+     *
+     * @return DirectoryList
+     */
+    private function getDirectoryList(): DirectoryList
+    {
+        if (!isset($this->directoryList)) {
+            $this->directoryList = ObjectManager::getInstance()->get(DirectoryList::class);
+        }
+
+        return $this->directoryList;
+    }
+
     /**
      * Validate file before save
      *
@@ -740,7 +779,7 @@ private function createDestinationFolder(string $destinationFolder)
             $destinationFolder = substr($destinationFolder, 0, -1);
         }
 
-        $rootDirectory = $this->targetDirectory->getDirectoryWrite(DirectoryList::ROOT);
+        $rootDirectory = $this->getTargetDirectory()->getDirectoryWrite(DirectoryList::ROOT);
 
         if (!$rootDirectory->isDirectory($destinationFolder)) {
             $result = $rootDirectory->getDriver()->createDirectory($destinationFolder);
@@ -809,8 +848,8 @@ public static function getDispersionPath($fileName)
                 $dispersionPath = '/' . ('.' == $fileName[$char] ? '_' : $fileName[$char]);
             } else {
                 $dispersionPath = self::_addDirSeparator(
-                    $dispersionPath
-                ) . ('.' == $fileName[$char] ? '_' : $fileName[$char]);
+                        $dispersionPath
+                    ) . ('.' == $fileName[$char] ? '_' : $fileName[$char]);
             }
             $char++;
         }
