Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

improve validation

Browse Source
This commit is contained in:
David Bomba 2024-09-16 15:59:39 +10:00
parent 3f0f5663a9
commit ff695cdad0
4 changed files with 57 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Http/Requests/Company/UpdateCompanyRequest.php
View File

@ -78,6 +78,13 @@ class UpdateCompanyRequest extends Request
} }
$rules['expense_mailbox'] = ['sometimes','email', 'nullable', new ValidExpenseMailbox(), Rule::unique('companies')->ignore($this->company->id)]; $rules['expense_mailbox'] = ['sometimes','email', 'nullable', new ValidExpenseMailbox(), Rule::unique('companies')->ignore($this->company->id)];
$rules['expense_mailbox_active'] = ['sometimes','boolean'];
$rules['inbound_mailbox_allow_company_users'] = ['sometimes','boolean'];
$rules['inbound_mailbox_allow_vendors'] = ['sometimes','boolean'];
$rules['inbound_mailbox_allow_clients'] = ['sometimes','boolean'];
$rules['inbound_mailbox_allow_unknown'] = ['sometimes','boolean'];
$rules['inbound_mailbox_whitelist'] = ['sometimes', 'string', 'nullable', 'regex:/^[\w\-\.\+]+@([\w-]+\.)+[\w-]{2,4}(,[\w\-\.\+]+@([\w-]+\.)+[\w-]{2,4})*$/'];
$rules['inbound_mailbox_blacklist'] = ['sometimes', 'string', 'nullable', 'regex:/^[\w\-\.\+]+@([\w-]+\.)+[\w-]{2,4}(,[\w\-\.\+]+@([\w-]+\.)+[\w-]{2,4})*$/'];
return $rules; return $rules;
} }

11
app/Http/ValidationRules/Company/ValidExpenseMailbox.php
View File

@ -22,8 +22,7 @@ use Symfony\Component\Validator\Constraints\EmailValidator;
class ValidExpenseMailbox implements Rule class ValidExpenseMailbox implements Rule
{ {
private $validated_schema = false; private array $endings = [];
private array $endings;
public function __construct() public function __construct()
{ {
@ -36,9 +35,6 @@ class ValidExpenseMailbox implements Rule
return true; return true;
} }
// Validate Schema
$validated = false;
foreach ($this->endings as $ending) { foreach ($this->endings as $ending) {
if (str_ends_with($value, $ending)) { if (str_ends_with($value, $ending)) {
return true; return true;
@ -54,9 +50,6 @@ class ValidExpenseMailbox implements Rule
*/ */
public function message() public function message()
{ {
if (!$this->validated_schema) return ctrans('texts.expense_mailbox_invalid');
return ctrans('texts.expense_mailbox_invalid');
return ctrans('texts.expense_mailbox_taken');
} }
} }

3
config/ninja.php
View File

@ -232,7 +232,8 @@ return [
'webhook_id' => env('PAYPAL_WEBHOOK_ID', null), 'webhook_id' => env('PAYPAL_WEBHOOK_ID', null),
], ],
'inbound_mailbox' => [ 'inbound_mailbox' => [
'expense_mailbox_endings' => env('EXPENSE_MAILBOX_ENDINGS', '@expense.invoicing.co'), 'expense_mailbox_endings' => env('EXPENSE_MAILBOX_ENDINGS', false),
// 'expense_mailbox_endings' => env('EXPENSE_MAILBOX_ENDINGS', '@expense.invoicing.co'),
'inbound_webhook_token' => env('INBOUND_WEBHOOK_TOKEN', null), 'inbound_webhook_token' => env('INBOUND_WEBHOOK_TOKEN', null),
'global_inbound_blacklist' => env('GLOBAL_INBOUND_BLACKLIST', ''), 'global_inbound_blacklist' => env('GLOBAL_INBOUND_BLACKLIST', ''),
'global_inbound_whitelist' => env('GLOBAL_INBOUND_WHITELIST', ''), 'global_inbound_whitelist' => env('GLOBAL_INBOUND_WHITELIST', ''),

45
tests/Feature/CompanyTest.php
View File

@ -50,6 +50,49 @@ class CompanyTest extends TestCase
$this->makeTestData(); $this->makeTestData();
} }
public function testCompanyExpenseMailbox()
{
// Test valid email address
$company_update = [
'expense_mailbox' => 'valid@example.com',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->putJson('/api/v1/companies/'.$this->encodePrimaryKey($this->company->id), $company_update);
$response->assertStatus(200);
$this->assertEquals('valid@example.com', $response->json('data.expense_mailbox'));
// Test invalid email address
$company_update = [
'expense_mailbox' => 'invalid-email',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->putJson('/api/v1/companies/'.$this->encodePrimaryKey($this->company->id), $company_update);
$response->assertStatus(422);
$response->assertJsonValidationErrors(['expense_mailbox']);
// Test empty email address
$company_update = [
'expense_mailbox' => '',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->putJson('/api/v1/companies/'.$this->encodePrimaryKey($this->company->id), $company_update);
$response->assertStatus(200);
$this->assertEmpty($response->json('data.expense_mailbox'));
}
public function testEnsureStrReplace() public function testEnsureStrReplace()
{ {
$x = '**********'; $x = '**********';
@ -216,4 +259,6 @@ class CompanyTest extends TestCase
])->delete('/api/v1/companies/'.$this->encodePrimaryKey($company->id)) ])->delete('/api/v1/companies/'.$this->encodePrimaryKey($company->id))
->assertStatus(200); ->assertStatus(200);
} }
} }