Merge branch '4.4'

Author: barw4

phpunit-integration-rest.xml

@@ -1,10 +1,7 @@
 <phpunit
-  backupGlobals="false"
-  backupStaticAttributes="false"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/8.5/phpunit.xsd"
   bootstrap="vendor/autoload.php"
-  convertErrorsToExceptions="true"
-  convertNoticesToExceptions="true"
-  convertWarningsToExceptions="true"
   beStrictAboutTestsThatDoNotTestAnything="false"
   colors="true"
   >
@@ -18,9 +15,4 @@
       <directory>tests/bundle/Functional</directory>
     </testsuite>
   </testsuites>
-  <filter>
-    <whitelist>
-      <directory>src</directory>
-    </whitelist>
-  </filter>
 </phpunit>

phpunit.xml

@@ -1,10 +1,7 @@
 <phpunit
-  backupGlobals="false"
-  backupStaticAttributes="false"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/8.5/phpunit.xsd"
   bootstrap="vendor/autoload.php"
-  convertErrorsToExceptions="true"
-  convertNoticesToExceptions="true"
-  convertWarningsToExceptions="true"
   beStrictAboutTestsThatDoNotTestAnything="false"
   colors="true"
   >
@@ -22,9 +19,4 @@
       <directory>tests/lib/Server</directory>
     </testsuite>
   </testsuites>
-  <filter>
-    <whitelist>
-      <directory>src</directory>
-    </whitelist>
-  </filter>
 </phpunit>

src/bundle/Resources/config/input_parsers.yml

@@ -663,7 +663,7 @@ services:
     Ibexa\Rest\Server\Input\Parser\Aggregation\Range\FloatRangeParser:
         parent: Ibexa\Rest\Server\Common\Parser
         tags:
-            - { name: ibexa.rest.input.parser, mediaType: application/vnd.ibexa.api.internal.aggregation..range.FloatRange }
+            - { name: ibexa.rest.input.parser, mediaType: application/vnd.ibexa.api.internal.aggregation.range.FloatRange }
 
     Ibexa\Rest\Server\Input\Parser\Aggregation\Range\IntRangeParser:
         parent: Ibexa\Rest\Server\Common\Parser

src/lib/Server/Controller/SessionController.php

@@ -78,10 +78,6 @@ public function createSessionAction(Request $request)
 
         try {
             $session = $request->getSession();
-            if ($session->isStarted() && $this->hasStoredCsrfToken()) {
-                $this->checkCsrfToken($request);
-            }
-
             $token = $this->getAuthenticator()->authenticate($request);
             $csrfToken = $this->getCsrfToken();
 
@@ -217,13 +213,8 @@ private function checkCsrfToken(Request $request)
             return;
         }
 
-        $exception = new UnauthorizedException(
-            'Missing or invalid CSRF token',
-            $request->getMethod() . ' ' . $request->getPathInfo()
-        );
-
         if (!$request->headers->has('X-CSRF-Token')) {
-            throw $exception;
+            throw $this->createInvalidCsrfTokenException($request);
         }
 
         $csrfToken = new CsrfToken(
@@ -232,7 +223,7 @@ private function checkCsrfToken(Request $request)
         );
 
         if (!$this->csrfTokenManager->isTokenValid($csrfToken)) {
-            throw $exception;
+            throw $this->createInvalidCsrfTokenException($request);
         }
     }
 
@@ -263,6 +254,14 @@ private function getAuthenticator(): ?AuthenticatorInterface
 
         return $this->authenticator;
     }
+
+    private function createInvalidCsrfTokenException(Request $request): UnauthorizedException
+    {
+        return new UnauthorizedException(
+            'Missing or invalid CSRF token',
+            $request->getMethod() . ' ' . $request->getPathInfo()
+        );
+    }
 }
 
 class_alias(SessionController::class, 'EzSystems\EzPlatformRest\Server\Controller\SessionController');

src/lib/Server/Controller/Views.php

@@ -37,6 +37,7 @@ public function __construct(SearchService $searchService)
      */
     public function createView(Request $request)
     {
+        /** @var \Ibexa\Rest\Server\Values\RestViewInput $viewInput */
         $viewInput = $this->inputDispatcher->parse(
             new Message(
                 ['Content-Type' => $request->headers->get('Content-Type')],
@@ -45,9 +46,9 @@ public function createView(Request $request)
         );
 
         if ($viewInput->query instanceof LocationQuery) {
-            $method = 'findLocations';
+            $method = [$this->searchService, 'findLocations'];
         } else {
-            $method = 'findContent';
+            $method = [$this->searchService, 'findContent'];
         }
 
         $languageFilter = [
@@ -62,7 +63,7 @@ public function createView(Request $request)
         return new Values\RestExecutedView(
             [
                 'identifier' => $viewInput->identifier,
-                'searchResults' => $this->searchService->$method(
+                'searchResults' => $method(
                     $viewInput->query,
                     $languageFilter
                 ),

src/lib/Server/Output/ValueObjectVisitor/Location.php

@@ -7,12 +7,12 @@
 namespace Ibexa\Rest\Server\Output\ValueObjectVisitor;
 
 use Ibexa\Contracts\Core\Repository\ContentService;
+use Ibexa\Contracts\Core\Repository\Exceptions\UnauthorizedException;
 use Ibexa\Contracts\Core\Repository\LocationService;
-use Ibexa\Contracts\Core\Repository\Values\Content\Location as LocationValue;
+use Ibexa\Contracts\Core\Repository\Values\Content;
 use Ibexa\Contracts\Rest\Output\Generator;
 use Ibexa\Contracts\Rest\Output\ValueObjectVisitor;
 use Ibexa\Contracts\Rest\Output\Visitor;
-use Ibexa\Core\Base\Exceptions\UnauthorizedException;
 use Ibexa\Rest\Server\Values\RestContent as RestContentValue;
 
 /**
@@ -26,8 +26,10 @@ class Location extends ValueObjectVisitor
     /** @var \Ibexa\Contracts\Core\Repository\ContentService */
     private $contentService;
 
-    public function __construct(LocationService $locationService, ContentService $contentService)
-    {
+    public function __construct(
+        LocationService $locationService,
+        ContentService $contentService
+    ) {
         $this->locationService = $locationService;
         $this->contentService = $contentService;
     }
@@ -48,8 +50,15 @@ public function visit(Visitor $visitor, Generator $generator, $location)
         $generator->endObjectElement('Location');
     }
 
-    protected function visitLocationAttributes(Visitor $visitor, Generator $generator, LocationValue $location)
-    {
+    /**
+     * @throws \Ibexa\Contracts\Core\Repository\Exceptions\NotFoundException
+     * @throws \Ibexa\Contracts\Core\Repository\Exceptions\UnauthorizedException
+     */
+    protected function visitLocationAttributes(
+        Visitor $visitor,
+        Generator $generator,
+        Content\Location $location
+    ) {
         $generator->startAttribute(
             'href',
             $this->router->generate(
@@ -153,15 +162,8 @@ protected function visitLocationAttributes(Visitor $visitor, Generator $generato
         $generator->endAttribute('href');
 
         $content = $location->getContent();
-        $contentInfo = $location->contentInfo;
-
-        try {
-            $mainLocation = $contentInfo->mainLocationId === $location->id
-                ? $location
-                : $this->locationService->loadLocation($contentInfo->mainLocationId);
-        } catch (UnauthorizedException $e) {
-            $mainLocation = null;
-        }
+        $contentInfo = $location->getContentInfo();
+        $mainLocation = $this->resolveMainLocation($contentInfo, $location);
 
         $visitor->visitValueObject(
             new RestContentValue(
@@ -175,6 +177,29 @@ protected function visitLocationAttributes(Visitor $visitor, Generator $generato
 
         $generator->endObjectElement('ContentInfo');
     }
+
+    /**
+     * @throws \Ibexa\Contracts\Core\Repository\Exceptions\NotFoundException
+     */
+    private function resolveMainLocation(
+        Content\ContentInfo $contentInfo,
+        Content\Location $location
+    ): ?Content\Location {
+        $mainLocationId = $contentInfo->getMainLocationId();
+        if ($mainLocationId === null) {
+            return null;
+        }
+
+        if ($mainLocationId === $location->id) {
+            return $location;
+        }
+
+        try {
+            return $this->locationService->loadLocation($mainLocationId);
+        } catch (UnauthorizedException $e) {
+            return null;
+        }
+    }
 }
 
 class_alias(Location::class, 'EzSystems\EzPlatformRest\Server\Output\ValueObjectVisitor\Location');