fix #3249 カスタムコンテンツ：フィールド バリデーション不具合 (#3309)

Co-authored-by: Đỗ Văn Hùng <[email protected]>
Co-authored-by: ryuring <[email protected]>

plugins/baser-core/src/Model/Validation/BcValidation.php

@@ -614,4 +614,29 @@ public static function hexColorPlus($value): bool
         return preg_match('/\A([0-9a-f]{3}|[0-9a-f]{4}|[0-9a-f]{6}|[0-9a-f]{8})\z/i', $value);
     }
 
+    /**
+     * Jsonをバリデーション
+     * 半角小文字英数字とアンダースコアを許容
+     * @param $string
+     * @param $key
+     * @return bool
+     * @checked
+     * @noTodo
+     * @unitTest
+     */
+    public static function checkAlphaNumericWithJson($string, $key)
+    {
+        $value = json_decode($string, true);
+        $keys = explode('.', $key);
+
+        foreach ($keys as $k) {
+            $value = $value[$k];
+        }
+
+        if (empty($value) || preg_match("/^[a-z0-9_]+$/", $value)) {
+            return true;
+        } else {
+            return false;
+        }
+    }
 }

plugins/baser-core/tests/TestCase/Model/Validation/BcValidationTest.php

@@ -617,6 +617,32 @@ public function test_notBlankOnlyString()
         $result = $this->BcValidation->notBlankOnlyString($str);
         $this->assertTrue($result);
     }
+    /**
+     * test checkAlphaNumericWithJson
+     */
+    public function test_checkAlphaNumericWithJson()
+    {
+        //戻り＝falseケース：全角文字
+        $key = 'BcCustomContent.email_confirm';
+        $str = '{"BcCustomContent":{"email_confirm":"ああ","max_file_size":"","file_ext":""}}';
+        $result = $this->BcValidation->checkAlphaNumericWithJson($str, $key);
+        $this->assertFalse($result);
+
+        //戻り＝falseケース：半角スペース
+        $str = '{"BcCustomContent":{"email_confirm":" ","max_file_size":"","file_ext":""}}';
+        $result = $this->BcValidation->checkAlphaNumericWithJson($str, $key);
+        $this->assertFalse($result);
+
+        //戻り＝falseケース：半角・全角
+        $str = '{"BcCustomContent":{"email_confirm":"ああaaa","max_file_size":"","file_ext":""}}';
+        $result = $this->BcValidation->checkAlphaNumericWithJson($str, $key);
+        $this->assertFalse($result);
+
+        //戻り＝trueケース
+        $str = '{"BcCustomContent":{"email_confirm":"aaaa_bbb","max_file_size":"","file_ext":""}}';
+        $result = $this->BcValidation->checkAlphaNumericWithJson($str, $key);
+        $this->assertTrue($result);
+    }
 
     /**
      * test hexColorPlus

plugins/bc-admin-third/templates/plugin/BcCustomContent/Admin/element/CustomFields/form.php

@@ -136,13 +136,14 @@
           <?php echo $this->BcAdminForm->label('meta.BcCustomContent.email_confirm', __d('baser_core', 'Eメール比較先フィールド名')) ?>&nbsp;
           <?php echo $this->BcAdminForm->control('meta.BcCustomContent.email_confirm', [
             'type' => 'text',
-            'size' => 20,
+            'size' => 20
           ]) ?>
           <i class="bca-icon--question-circle bca-help"></i>
           <div class="bca-helptext">
             Eメール比較チェックの対象となる、フィールド名を入力します。<br>
             利用しているテーブルに紐づく関連フィールドのフィールド名となりますので注意が必要です。
           </div>
+             <?php echo $this->BcAdminForm->error('meta.BcCustomContent.email_confirm') ?>
         </span>
 
         <span style="display: block">

plugins/bc-custom-content/src/Model/Table/CustomFieldsTable.php

@@ -52,6 +52,7 @@ public function initialize(array $config): void
      * @return Validator
      * @checked
      * @noTodo
+     * @unitTest
      */
     public function validationDefault(Validator $validator): Validator
     {
@@ -89,6 +90,14 @@ public function validationDefault(Validator $validator): Validator
                     'message' => __d('baser_core', '選択リストに同じ項目を複数登録できません。')
                 ]
             ]);
+        $validator
+            ->add('meta', [
+                'checkAlphaNumericWithJson' => [
+                    'rule' => ['checkAlphaNumericWithJson', 'BcCustomContent.email_confirm'],
+                    'provider' => 'bc',
+                    'message' => __d('baser_core', 'Eメール比較先フィールド名は半角小文字英数字とアンダースコアのみで入力してください。')
+                ]
+            ]);
         return $validator;
     }
 
@@ -107,6 +116,27 @@ public function beforeMarshal(EventInterface $event, ArrayObject $content, Array
         $this->encodeEntity($content);
     }
 
+    /**
+     * afterMarshal
+     *
+     * @param EventInterface $event
+     * @param EntityInterface $entity
+     * @param ArrayObject $data
+     * @param ArrayObject $options
+     * @return void
+     *
+     * @checked
+     * @noTodo
+     * @unitTest
+     */
+    public function afterMarshal(EventInterface $event, EntityInterface $entity, ArrayObject $data, ArrayObject $options)
+    {
+        $metaErrors = $entity->getError('meta');
+        if (isset($metaErrors['checkAlphaNumericWithJson'])) {
+            $entity->setError('meta.BcCustomContent.email_confirm',  ['checkAlphaNumericWithJson' => $metaErrors['checkAlphaNumericWithJson']]);
+        }
+    }
+
     /**
      * Find all
      *

plugins/bc-custom-content/tests/TestCase/Controller/Admin/Api/CustomFieldsControllerTest.php

@@ -147,6 +147,7 @@ public function test_edit()
         $this->loadFixtureScenario(CustomFieldsScenario::class);
         $data = CustomFieldFactory::get(1);
         $data['title'] = 'test edit title';
+        $data['meta'] = ['BcCustomContent' => ['email_confirm' => 'aa']];
         //APIを呼ぶ
         $this->post('/baser/api/admin/bc-custom-content/custom_fields/edit/1.json?token=' . $this->accessToken, $data->toArray());
         //ステータスを確認

plugins/bc-custom-content/tests/TestCase/Controller/Admin/CustomFieldsControllerTest.php

@@ -180,6 +180,7 @@ public function testEdit()
         //Postデータを生成
         $data = CustomFieldFactory::get(1);
         $data['title'] = 'test edit title';
+        $data['meta'] = ['BcCustomContent' => ['email_confirm' => 'aa']];
         //対象URLをコル
         $this->post('/baser/admin/bc-custom-content/custom_fields/edit/1', $data->toArray());
         $this->assertResponseCode(302);
@@ -191,7 +192,7 @@ public function testEdit()
         $this->assertEquals(1, $query->count());
 
         //タイトルを指定しない場合、
-        $this->post('/baser/admin/bc-custom-content/custom_fields/edit/1', ['title' => '']);
+        $this->post('/baser/admin/bc-custom-content/custom_fields/edit/1', ['title' => '', ]);
         $this->assertResponseCode(200);
         //エラーを確認
         $vars = $this->_controller->viewBuilder()->getVars();
@@ -219,6 +220,7 @@ public function testBeforeEditEvent()
         //Postデータを生成
         $data = CustomFieldFactory::get(1);
         $data['title'] = 'test edit title';
+        $data['meta'] = ['BcCustomContent' => ['email_confirm' => 'aa']];
         //対象URLをコル
         $this->post('/baser/admin/bc-custom-content/custom_fields/edit/1', $data->toArray());
         //イベントに入るかどうか確認
@@ -246,6 +248,7 @@ public function testAfterEditEvent()
         //Postデータを生成
         $data = CustomFieldFactory::get(1);
         $data['title'] = 'test edit title';
+        $data['meta'] = ['BcCustomContent' => ['email_confirm' => 'aa']];
         //対象URLをコル
         $this->post('/baser/admin/bc-custom-content/custom_fields/edit/1', $data->toArray());
         //イベントに入るかどうか確認

plugins/bc-custom-content/tests/TestCase/Model/Table/CustomFieldsTableTest.php

@@ -12,27 +12,105 @@
 namespace BcCustomContent\Test\TestCase\Model\Table;
 
 use BaserCore\TestSuite\BcTestCase;
+use BcCustomContent\Model\Table\CustomFieldsTable;
 
 /**
  * CustomFieldsTableTest
  */
 class CustomFieldsTableTest extends BcTestCase
 {
 
+    /**
+     * @var CustomFieldsTable
+     */
+    public $CustomFieldsTable;
+
     /**
      * Set up
      */
     public function setUp(): void
     {
         parent::setUp();
+        $this->CustomFieldsTable = $this->getTableLocator()->get('BcCustomContent.CustomFields');
     }
 
     /**
      * Tear down
      */
     public function tearDown(): void
     {
+        unset($this->CustomFieldsTable);
         parent::tearDown();
     }
 
+    public function test_validationDefault()
+    {
+        $validator = $this->CustomFieldsTable->getValidator('default');
+        //入力フィールドのデータが超えた場合、
+        $errors = $validator->validate([
+            'name' => str_repeat('a', 256),
+            'title' => str_repeat('a', 256)
+        ]);
+        //戻り値を確認
+        $this->assertEquals('フィールド名は255文字以内で入力してください。', current($errors['name']));
+        $this->assertEquals('項目見出しは255文字以内で入力してください。', current($errors['title']));
+
+        //入力フィールドのデータがNULL場合、
+        $errors = $validator->validate([
+            'name' => '',
+            'title' => '',
+            'type' => '',
+        ]);
+        //戻り値を確認
+        $this->assertEquals('フィールド名を入力してください。', current($errors['name']));
+        $this->assertEquals('項目見出しを入力してください。', current($errors['title']));
+        $this->assertEquals('タイプを入力してください。', current($errors['type']));
+
+        //フィールド名は半角小文字英数字とアンダースコアのみ利用可能
+        $errors = $validator->validate([
+            'name' => 'test sss',
+        ]);
+        //戻り値を確認
+        $this->assertEquals('フィールド名は半角小文字英数字とアンダースコアのみで入力してください。', current($errors['name']));
+        $errors = $validator->validate([
+            'name' => 'ひらがな',
+        ]);
+        //戻り値を確認
+        $this->assertEquals('フィールド名は半角小文字英数字とアンダースコアのみで入力してください。', current($errors['name']));
+
+        //trueを返す
+        $errors = $validator->validate([
+            'name' => 'test_test',
+        ]);
+        //戻り値を確認
+        $this->assertArrayNotHasKey('name', $errors);
+
+        //Eメール比較先フィールド名のバリデーション
+        //trueを返す
+        $errors = $validator->validate([
+            'meta' => '{"BcCustomContent":{"email_confirm":"aaaa_bbb","max_file_size":"","file_ext":""}}'
+        ]);
+        //戻り値を確認
+        $this->assertArrayNotHasKey('meta', $errors);
+
+        //全角文字
+        $errors = $validator->validate([
+            'meta' => '{"BcCustomContent":{"email_confirm":"ああ","max_file_size":"","file_ext":""}}'
+        ]);
+        //戻り値を確認
+        $this->assertEquals('Eメール比較先フィールド名は半角小文字英数字とアンダースコアのみで入力してください。', current($errors['meta']));
+    }
+
+    /**
+     * test afterMarshal
+     */
+    public function test_afterMarshal()
+    {
+        $customFields = $this->CustomFieldsTable->newEntity(['meta' => ['BcCustomContent' => ['email_confirm' => '全角文字']]]);
+        $result = $this->CustomFieldsTable->dispatchEvent('Model.afterMarshal', ['entity' => $customFields, 'data' => new \ArrayObject(), 'options' => new \ArrayObject()]);
+        $customFields = $result->getData('entity');
+        //エラー情報を正しい状態に戻すことを確認
+        $errors = $customFields->getErrors();
+        $this->assertEquals('Eメール比較先フィールド名は半角小文字英数字とアンダースコアのみで入力してください。', $errors['meta.BcCustomContent.email_confirm']['checkAlphaNumericWithJson']);
+    }
 }

plugins/bc-custom-content/tests/TestCase/Service/CustomFieldsServiceTest.php

@@ -150,13 +150,15 @@ public function test_update()
         $this->loadFixtureScenario(CustomFieldsScenario::class);
         $customField = $this->CustomFieldsService->get(1);
         $customField->title = 'test edit title';
+        $customField->meta = ['BcCustomContent' => ['email_confirm' => 'aa']];
         //正常系をテスト
         $rs = $this->CustomFieldsService->update($customField, $customField->toArray());
         //戻る値を確認
         $this->assertEquals($rs->title, 'test edit title');
 
         //異常系をテスト
         $customField->title = null;
+        $customField->meta = ['BcCustomContent' => ['email_confirm' => 'aa']];
         $this->expectException(PersistenceFailedException::class);
         $this->expectExceptionMessage('Entity save failure. Found the following errors (title._empty: "項目見出しを入力してください。")');
         $this->CustomFieldsService->update($customField, $customField->toArray());