Merge pull request #10 from Clearfacts/CLEARFACTS-8478

[CLEARFACTS-8478] support int in param cleaning
Clearfacts · Apr 4, 2023 · 67f3dbc · 67f3dbc
2 parents 135bd6f + 378b02a
commit 67f3dbc
Show file tree

Hide file tree

Showing 5 changed files with 81 additions and 22 deletions.
diff --git a/composer.json b/composer.json
@@ -13,7 +13,7 @@
         { "type": "vcs", "url": "https://github.com/Clearfacts/cf-codestyle" }
     ],
     "require": {
-        "php" : "^7 || ^8",
+        "php" : "^7.4 || ^8",
         "ext-json" : "*",
         "monolog/monolog": "^1 || ^2 || ^3",
         "symfony/http-foundation": "^3 || ^4 || ^5 || ^6",
@@ -41,7 +41,7 @@
     },
     "autoload-dev": {
         "psr-4": {
-            "Tests\\DataLog\\" : "tests/"
+            "Tests\\Datalog\\" : "tests/"
         }
     }
 }
diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -10,7 +10,6 @@
     convertWarningsToExceptions = "true"
     processIsolation            = "false"
     stopOnFailure               = "false"
-    syntaxCheck                 = "false"
     bootstrap                   = "vendor/autoload.php">
 
     <testsuites>

diff --git a/src/Processor/SessionRequestProcessor.php b/src/Processor/SessionRequestProcessor.php
@@ -4,28 +4,28 @@
 
 namespace Datalog\Processor;
 
-use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
 class SessionRequestProcessor
 {
-    private $session;
+    private SessionInterface $session;
     private $sessionId;
     private $requestId;
     private $_server;
     private $_get;
     private $_post;
 
-    public function __construct(Session $session)
+    public function __construct(SessionInterface $session)
     {
         $this->session = $session;
     }
 
-    public function processRecord(array $record)
+    public function processRecord(array $record): array
     {
         if (null === $this->requestId) {
             $this->requestId = substr(uniqid(), -8);
 
-            if ('cli' === php_sapi_name()) {
+            if ('cli' === PHP_SAPI) {
                 $this->sessionId = getmypid();
             } else {
                 try {
@@ -51,7 +51,7 @@ public function processRecord(array $record)
         $record['request_id'] = $this->requestId;
         $record['session_id'] = $this->sessionId;
 
-        if (!'cli' === php_sapi_name()) {
+        if ('cli' !== PHP_SAPI) {
             $record['http.url'] = $this->_server['http.url'];
             $record['http.method'] = $this->_server['http.method'];
             $record['http.useragent'] = $this->_server['http.useragent'];
@@ -62,19 +62,16 @@ public function processRecord(array $record)
         return $record;
     }
 
-    protected function clean($array)
+    protected function clean($array): array
     {
-        $toReturn = [];
-        foreach (array_keys($array) as $key) {
-            if (false !== strpos($key, 'password')) {
-                // Do not add
-            } elseif (false !== strpos($key, 'csrf_token')) {
-                // Do not add
-            } else {
-                $toReturn[$key] = $array[$key];
-            }
-        }
-
-        return $toReturn;
+        return array_filter(
+            $array,
+            static fn ($key) =>
+                !(is_string($key)
+                && (
+                    false !== strpos($key, 'password') || false !== strpos($key, 'csrf_token')
+                )),
+            ARRAY_FILTER_USE_KEY,
+        );
     }
 }
diff --git a/tests/Processor/SessionRequestProcessorTest.php b/tests/Processor/SessionRequestProcessorTest.php
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Datalog\Processor;
+
+use Datalog\Processor\SessionRequestProcessor;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
+use Tests\Datalog\TestCase;
+
+class SessionRequestProcessorTest extends TestCase
+{
+    private SessionRequestProcessor $processor;
+
+    public function setUp(): void
+    {
+        $this->processor = new SessionRequestProcessor(
+            $this->createMock(SessionInterface::class)
+        );
+    }
+
+    public function testCleansParamKeys(): void
+    {
+        $params = [
+            'foo' => 'bar',
+            'test password test' => 'password',
+            1 => 'one',
+            'tester csrf_token tester' => 'csrf_token',
+            'baz' => [
+                'qux' => 'quux',
+            ],
+            'password' => 'password',
+            'password test' => 'password',
+        ];
+
+        $cleanedParams = self::callPrivateMethod($this->processor, 'clean', $params);
+
+        $this->assertSame([
+            'foo' => 'bar',
+            1 => 'one',
+            'baz' => [
+                'qux' => 'quux',
+            ],
+        ], $cleanedParams);
+    }
+}
diff --git a/tests/TestCase.php b/tests/TestCase.php
@@ -0,0 +1,17 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\Datalog;
+
+class TestCase extends \PHPUnit\Framework\TestCase
+{
+    public static function callPrivateMethod(&$object, $methodName, ...$params)
+    {
+        $reflectionObject = new \ReflectionObject($object);
+        $method = $reflectionObject->getMethod($methodName);
+        $method->setAccessible(true);
+
+        return $method->invokeArgs($object, $params);
+    }
+}