Do not load a repository that has a parentId pointing to a non-existing repo. Log an error instead.

cdujeu · cdujeu · commit 8529faecaca7 · 2015-09-22T10:12:40.000+02:00
Do not store reference to this-&gt;parentTemplateObject, it can end up storing a null reference in the $_SESSION array.
diff --git a/core/src/core/classes/class.ConfService.php b/core/src/core/classes/class.ConfService.php
@@ -833,6 +833,10 @@ protected function initRepositoriesListInst($scope = "user", $includeShared = tr
                     $repoObject->setId($repoId);
                     $drvList[$repoId] = $repoObject;
                 }
+                if($repoObject->hasParent() && !ConfService::findRepositoryByIdOrAlias($repoObject->getParentId())){
+                    AJXP_Logger::error(__CLASS__, __FUNCTION__, "Disabling repository ".$repoObject->getSlug()." as parent cannot be correctly loaded.");
+                    unset($drvList[$repoId]);
+                }
             }
             foreach($drvList as $key => $value){
                 $objList[$key] = $value;
diff --git a/core/src/core/classes/class.Repository.php b/core/src/core/classes/class.Repository.php
@@ -324,12 +324,15 @@ public function addOption($oName, $oValue)
      */
     public function getOption($oName, $safe=false, $resolveUser = null)
     {
-        if (!$safe && $this->inferOptionsFromParent) {
-            if (!isset($this->parentTemplateObject) || !is_a($this->parentTemplateObject, "Repository")) {
-                $this->parentTemplateObject = ConfService::getRepositoryById($this->parentId);
+        if(isSet($this->inferOptionsFromParent) && isSet($this->parentId)){
+            $parentTemplateObject = ConfService::getRepositoryById($this->parentId);
+            if(empty($parentTemplateObject) || !is_a($parentTemplateObject, "Repository")) {
+                throw new Exception("Option should be loaded from parent repository, but it was not found");
             }
-            if (isSet($this->parentTemplateObject)) {
-                $value = $this->parentTemplateObject->getOption($oName, $safe);
+        }
+        if (!$safe && $this->inferOptionsFromParent) {
+            if (isSet($parentTemplateObject)) {
+                $value = $parentTemplateObject->getOption($oName, $safe);
                 if (is_string($value) && strstr($value, "AJXP_ALLOW_SUB_PATH") !== false) {
                     $val = rtrim(str_replace("AJXP_ALLOW_SUB_PATH", "", $value), "/")."/".$this->options[$oName];
                     return AJXP_Utils::securePath($val);
@@ -342,11 +345,11 @@ public function getOption($oName, $safe=false, $resolveUser = null)
             return $value;
         }
         if ($this->inferOptionsFromParent) {
-            if (!isset($this->parentTemplateObject)) {
-                $this->parentTemplateObject = ConfService::getRepositoryById($this->parentId);
+            if (!isset($parentTemplateObject)) {
+                $parentTemplateObject = ConfService::getRepositoryById($this->parentId);
             }
-            if (isSet($this->parentTemplateObject)) {
-                return $this->parentTemplateObject->getOption($oName, $safe);
+            if (isSet($parentTemplateObject)) {
+                return $parentTemplateObject->getOption($oName, $safe);
             }
         }
         return "";

Original file line number	Diff line number	Diff line change
`@@ -833,6 +833,10 @@ protected function initRepositoriesListInst($scope = "user", $includeShared = tr`
`833`	`833`	`$repoObject->setId($repoId);`
`834`	`834`	`$drvList[$repoId] = $repoObject;`
`835`	`835`	`}`
	`836`	`+ if($repoObject->hasParent() && !ConfService::findRepositoryByIdOrAlias($repoObject->getParentId())){`
	`837`	`+ AJXP_Logger::error(__CLASS__, __FUNCTION__, "Disabling repository ".$repoObject->getSlug()." as parent cannot be correctly loaded.");`
	`838`	`+ unset($drvList[$repoId]);`
	`839`	`+ }`
`836`	`840`	`}`
`837`	`841`	`foreach($drvList as $key => $value){`
`838`	`842`	`$objList[$key] = $value;`