Merge pull request #172 from PrestaShop/restrictCampaign

Endpoint `/import/report/playwright` : Restrict the campaign

Author: Progi1984

src/Controller/ImportController.php

@@ -52,7 +52,7 @@ public function __construct(
     #[Route('/hook/reports/import', methods: ['GET'])]
     public function importReportMocha(Request $request): JsonResponse
     {
-        $response = $this->checkAuth($request, ReportMochaImporter::FILTER_CAMPAIGNS);
+        $response = $this->checkAuth($request, ReportMochaImporter::FILTER_CAMPAIGNS, true);
         if ($response instanceof JsonResponse) {
             return $response;
         }
@@ -75,7 +75,7 @@ public function importReportMocha(Request $request): JsonResponse
     #[Route('/import/report/playwright', methods: ['GET'])]
     public function importReportPlaywright(Request $request): JsonResponse
     {
-        $response = $this->checkAuth($request, ReportPlaywrightImporter::FILTER_CAMPAIGNS);
+        $response = $this->checkAuth($request, ReportPlaywrightImporter::FILTER_CAMPAIGNS, false);
         if ($response instanceof JsonResponse) {
             return $response;
         }
@@ -98,7 +98,7 @@ public function importReportPlaywright(Request $request): JsonResponse
     /**
      * @param array<string> $allowedCampaigns
      */
-    private function checkAuth(Request $request, array $allowedCampaigns): ?JsonResponse
+    private function checkAuth(Request $request, array $allowedCampaigns, bool $forceCampaign): ?JsonResponse
     {
         $token = $request->query->get('token');
         $this->filename = $request->query->get('filename');
@@ -155,7 +155,19 @@ private function checkAuth(Request $request, array $allowedCampaigns): ?JsonResp
         $this->platform = in_array($this->platform, ReportMochaImporter::FILTER_PLATFORMS) ? $this->platform : ReportMochaImporter::FILTER_PLATFORMS[0];
 
         $this->campaign = $request->query->has('campaign') ? $request->query->get('campaign') : null;
-        $this->campaign = in_array($this->campaign, $allowedCampaigns) ? $this->campaign : $allowedCampaigns[0];
+        if (!in_array($this->campaign, $allowedCampaigns)) {
+            if ($forceCampaign) {
+                $this->campaign = $allowedCampaigns[0];
+            } else {
+                return new JsonResponse([
+                    'message' => sprintf(
+                        'The campaign "%s" is not allowed (%s).',
+                        $this->campaign,
+                        implode(', ', $allowedCampaigns),
+                    ),
+                ], Response::HTTP_FORBIDDEN);
+            }
+        }
 
         $this->startDate = \DateTime::createFromFormat(\DateTime::RFC3339_EXTENDED, $this->jsonContent->stats->start ?? $this->jsonContent->stats->startTime);
 

src/Service/ReportPlaywrightImporter.php

@@ -11,7 +11,10 @@
 
 class ReportPlaywrightImporter extends AbstractReportImporter
 {
-    public const FILTER_CAMPAIGNS = ['blockwishlist'];
+    public const FILTER_CAMPAIGNS = [
+        'blockwishlist',
+        'ps_cashondelivery',
+    ];
 
     private EntityManagerInterface $entityManager;
 

tests/Controller/ImportControllerTest.php

@@ -285,6 +285,22 @@ public function testReportPlaywrightWithNotExistingFilename(): void
         $this->assertEquals('Unable to retrieve content from GCP URL', $content['message']);
     }
 
+    public function testReportPlaywrightWithNoValidCampaign(): void
+    {
+        $client = static::createClient();
+        $client->request('GET', '/import/report/playwright?filename=blockwishlist_' . self::DATE_RESOURCE . '-develop.json&token=AZERTY&campaign=ps_notAllowedCampaign&platform=chromium');
+        $response = $client->getResponse();
+
+        $this->assertEquals(403, $response->getStatusCode());
+        $this->assertTrue($response->headers->has('content-type'));
+        $this->assertEquals('application/json', $response->headers->get('content-type'));
+
+        $content = $response->getContent();
+        $content = json_decode($content, true);
+        $this->assertArrayHasKey('message', $content);
+        $this->assertEquals('The campaign "ps_notAllowedCampaign" is not allowed (blockwishlist, ps_cashondelivery).', $content['message']);
+    }
+
     public function testReportPlaywrightOk(): void
     {
         $client = static::createClient();

tests/Controller/ReportControllerTest.php

@@ -4,6 +4,7 @@
 
 use App\Service\ReportMochaImporter;
 use App\Service\ReportPlaywrightImporter;
+use PHPUnit\Framework\Attributes\DataProvider;
 use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
 
 class ReportControllerTest extends WebTestCase
@@ -40,10 +41,9 @@ public function testCorsReports(): void
     }
 
     /**
-     * @dataProvider dataProviderReportFilters
-     *
      * @param array<string, string> $query
      */
+    #[DataProvider('dataProviderReportFilters')]
     public function testReportsFilters(array $query, int $count): void
     {
         $client = static::createClient();
@@ -150,10 +150,9 @@ public function testCorsReportID(): void
     }
 
     /**
-     * @dataProvider dataProviderReportID
-     *
      * @param array<string> $campaigns
      */
+    #[DataProvider('dataProviderReportID')]
     public function testReportID(int $reportId, array $campaigns): void
     {
         $client = static::createClient();

tests/bootstrap.php

@@ -1,6 +1,7 @@
 <?php
 
 use Symfony\Component\Dotenv\Dotenv;
+use Symfony\Component\ErrorHandler\ErrorHandler;
 
 require dirname(__DIR__) . '/vendor/autoload.php';
 
@@ -13,3 +14,8 @@
 if ($_SERVER['APP_DEBUG']) {
     umask(0000);
 }
+
+/*
+ * @todo : https://github.com/symfony/symfony/issues/53812
+ */
+ErrorHandler::register(null, false);