Skip to content

Commit 962f5ff

Browse files
author
Dmytro Voskoboinikov
committed
Merge branch 'MAGETWO-88642' into 2.3-bugfixes-290618
2 parents 7bad048 + ed1852a commit 962f5ff

File tree

2 files changed

+45
-6
lines changed

2 files changed

+45
-6
lines changed

lib/internal/Magento/Framework/Api/SortOrder.php

Lines changed: 35 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -25,13 +25,17 @@ class SortOrder extends AbstractSimpleObject
2525
* Initialize object and validate sort direction
2626
*
2727
* @param array $data
28+
* @throws InputException
2829
*/
2930
public function __construct(array $data = [])
3031
{
3132
parent::__construct($data);
3233
if (null !== $this->getDirection()) {
3334
$this->validateDirection($this->getDirection());
3435
}
36+
if ($this->getField() !== null) {
37+
$this->validateField($this->getField());
38+
}
3539
}
3640

3741
/**
@@ -48,10 +52,14 @@ public function getField()
4852
* Set sorting field.
4953
*
5054
* @param string $field
55+
* @throws InputException
56+
*
5157
* @return $this
5258
*/
5359
public function setField($field)
5460
{
61+
$this->validateField($field);
62+
5563
return $this->setData(SortOrder::FIELD, $field);
5664
}
5765

@@ -69,6 +77,8 @@ public function getDirection()
6977
* Set sorting direction.
7078
*
7179
* @param string $direction
80+
* @throws InputException
81+
*
7282
* @return $this
7383
*/
7484
public function setDirection($direction)
@@ -81,10 +91,10 @@ public function setDirection($direction)
8191
* Validate direction argument ASC or DESC
8292
*
8393
* @param mixed $direction
84-
* @return null
94+
* @return void
8595
* @throws InputException
8696
*/
87-
private function validateDirection($direction)
97+
private function validateDirection($direction): void
8898
{
8999
$this->validateDirectionIsString($direction);
90100
$this->validateDirectionIsAscOrDesc($direction);
@@ -93,9 +103,9 @@ private function validateDirection($direction)
93103
/**
94104
* @param string $direction
95105
* @throws InputException
96-
* @return null
106+
* @return void
97107
*/
98-
private function validateDirectionIsString($direction)
108+
private function validateDirectionIsString($direction): void
99109
{
100110
if (!is_string($direction)) {
101111
throw new InputException(new Phrase(
@@ -108,9 +118,9 @@ private function validateDirectionIsString($direction)
108118
/**
109119
* @param string $direction
110120
* @throws InputException
111-
* @return null
121+
* @return void
112122
*/
113-
private function validateDirectionIsAscOrDesc($direction)
123+
private function validateDirectionIsAscOrDesc($direction): void
114124
{
115125
$normalizedDirection = $this->normalizeDirectionInput($direction);
116126
if (!in_array($normalizedDirection, [SortOrder::SORT_ASC, SortOrder::SORT_DESC], true)) {
@@ -129,4 +139,23 @@ private function normalizeDirectionInput($direction)
129139
{
130140
return strtoupper($direction);
131141
}
142+
143+
/**
144+
* Check if given value can be used as sorting field.
145+
*
146+
* @param string $field
147+
* @return void
148+
* @throws InputException
149+
*/
150+
private function validateField(string $field): void
151+
{
152+
if (preg_match('/[^a-z0-9\_]/i', $field)) {
153+
throw new InputException(
154+
new Phrase(
155+
'Sort order field %1 contains restricted symbols',
156+
[$field]
157+
)
158+
);
159+
}
160+
}
132161
}

lib/internal/Magento/Framework/Api/Test/Unit/SortOrderTest.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,4 +92,14 @@ public function testItValidatesADirectionAssignedDuringInstantiation()
9292
SortOrder::DIRECTION => 'not-asc-or-desc'
9393
]);
9494
}
95+
96+
/**
97+
* @expectedException \Magento\Framework\Exception\InputException
98+
*/
99+
public function testValidateField()
100+
{
101+
$this->sortOrder = new SortOrder([
102+
SortOrder::FIELD => 'invalid field (value);'
103+
]);
104+
}
95105
}

0 commit comments

Comments
 (0)