Merge pull request #3346 from magento-honey-badgers/2.3.0-qwerty-bugs

[honey] MAGETWO-95645: PHP Files Can Be Uploaded via File (attachment) Customer Attributes

Author: cpartica

app/code/Magento/CatalogGraphQl/Model/Resolver/Products/Query/Search.php

@@ -12,7 +12,6 @@
 use Magento\CatalogGraphQl\Model\Resolver\Products\SearchCriteria\Helper\Filter as FilterHelper;
 use Magento\CatalogGraphQl\Model\Resolver\Products\SearchResult;
 use Magento\CatalogGraphQl\Model\Resolver\Products\SearchResultFactory;
-use Magento\Framework\EntityManager\EntityManager;
 use Magento\Search\Api\SearchInterface;
 
 /**
@@ -45,31 +44,42 @@ class Search
      */
     private $metadataPool;
 
+    /**
+     * @var \Magento\Search\Model\Search\PageSizeProvider
+     */
+    private $pageSizeProvider;
+
     /**
      * @param SearchInterface $search
      * @param FilterHelper $filterHelper
      * @param Filter $filterQuery
      * @param SearchResultFactory $searchResultFactory
+     * @param \Magento\Framework\EntityManager\MetadataPool $metadataPool
+     * @param \Magento\Search\Model\Search\PageSizeProvider $pageSize
      */
     public function __construct(
         SearchInterface $search,
         FilterHelper $filterHelper,
         Filter $filterQuery,
         SearchResultFactory $searchResultFactory,
-        \Magento\Framework\EntityManager\MetadataPool $metadataPool
+        \Magento\Framework\EntityManager\MetadataPool $metadataPool,
+        \Magento\Search\Model\Search\PageSizeProvider $pageSize
     ) {
         $this->search = $search;
         $this->filterHelper = $filterHelper;
         $this->filterQuery = $filterQuery;
         $this->searchResultFactory = $searchResultFactory;
         $this->metadataPool = $metadataPool;
+        $this->pageSizeProvider = $pageSize;
     }
 
     /**
      * Return results of full text catalog search of given term, and will return filtered results if filter is specified
      *
      * @param SearchCriteriaInterface $searchCriteria
+     * @param ResolveInfo $info
      * @return SearchResult
+     * @throws \Exception
      */
     public function getResult(SearchCriteriaInterface $searchCriteria, ResolveInfo $info) : SearchResult
     {
@@ -79,7 +89,8 @@ public function getResult(SearchCriteriaInterface $searchCriteria, ResolveInfo $
         $realPageSize = $searchCriteria->getPageSize();
         $realCurrentPage = $searchCriteria->getCurrentPage();
         // Current page must be set to 0 and page size to max for search to grab all ID's as temporary workaround
-        $searchCriteria->setPageSize(PHP_INT_MAX);
+        $pageSize = $this->pageSizeProvider->getMaxPageSize();
+        $searchCriteria->setPageSize($pageSize);
         $searchCriteria->setCurrentPage(0);
         $itemsResults = $this->search->search($searchCriteria);
 

app/code/Magento/Eav/Model/Attribute/Data/File.php

@@ -120,8 +120,7 @@ public function extractValue(RequestInterface $request)
     }
 
     /**
-     * Validate file by attribute validate rules
-     * Return array of errors
+     * Validate file by attribute validate rules and return array of errors
      *
      * @param array $value
      * @return string[]
@@ -147,7 +146,7 @@ protected function _validateByRules($value)
             return $this->_fileValidator->getMessages();
         }
 
-        if (!is_uploaded_file($value['tmp_name'])) {
+        if (!empty($value['tmp_name']) && !is_uploaded_file($value['tmp_name'])) {
             return [__('"%1" is not a valid file.', $label)];
         }
 
@@ -174,12 +173,22 @@ public function validateValue($value)
         if ($this->getIsAjaxRequest()) {
             return true;
         }
+        $fileData = $value;
+
+        if (is_string($value) && !empty($value)) {
+            $dir = $this->_directory->getAbsolutePath($this->getAttribute()->getEntityType()->getEntityTypeCode());
+            $fileData = [
+                'size' => filesize($dir . $value),
+                'name' => $value,
+                'tmp_name' => $dir . $value
+            ];
+        }
 
         $errors = [];
         $attribute = $this->getAttribute();
 
         $toDelete = !empty($value['delete']) ? true : false;
-        $toUpload = !empty($value['tmp_name']) ? true : false;
+        $toUpload = !empty($value['tmp_name']) || is_string($value) && !empty($value) ? true : false;
 
         if (!$toUpload && !$toDelete && $this->getEntity()->getData($attribute->getAttributeCode())) {
             return true;
@@ -195,11 +204,13 @@ public function validateValue($value)
         }
 
         if ($toUpload) {
-            $errors = array_merge($errors, $this->_validateByRules($value));
+            $errors = array_merge($errors, $this->_validateByRules($fileData));
         }
 
         if (count($errors) == 0) {
             return true;
+        } elseif (is_string($value) && !empty($value)) {
+            $this->_directory->delete($dir . $value);
         }
 
         return $errors;

app/code/Magento/Elasticsearch/etc/di.xml

@@ -413,4 +413,12 @@
             <argument name="fieldTypeResolver" xsi:type="object">\Magento\Elasticsearch\Elasticsearch5\Model\Adapter\FieldMapper\Product\FieldProvider\FieldType\Resolver\CompositeResolver</argument>
         </arguments>
     </type>
+    <type name="Magento\Search\Model\Search\PageSizeProvider">
+        <arguments>
+            <argument name="pageSizeBySearchEngine" xsi:type="array">
+                <item name="elasticsearch" xsi:type="number">2147483647</item>
+                <item name="elasticsearch5" xsi:type="number">2147483647</item>
+            </argument>
+        </arguments>
+    </type>
 </config>

app/code/Magento/Search/Model/Search/PageSizeProvider.php

@@ -0,0 +1,54 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Search\Model\Search;
+
+/**
+ * Returns max  page size by search engine name
+ * @api
+ */
+class PageSizeProvider
+{
+    /**
+     * @var \Magento\Search\Model\EngineResolver
+     */
+    private $engineResolver;
+
+    /**
+     * @var array
+     */
+    private $pageSizeBySearchEngine;
+
+    /**
+     * @param \Magento\Search\Model\EngineResolver $engineResolver
+     * @param array $pageSizeBySearchEngine
+     */
+    public function __construct(
+        \Magento\Search\Model\EngineResolver $engineResolver,
+        array $pageSizeBySearchEngine = []
+    ) {
+        $this->engineResolver = $engineResolver;
+        $this->pageSizeBySearchEngine = $pageSizeBySearchEngine;
+    }
+
+    /**
+     * Returns max_page_size depends on engine
+     *
+     * @return integer
+     */
+    public function getMaxPageSize() : int
+    {
+        $searchEngine = $this->engineResolver->getCurrentSearchEngine();
+
+        $pageSize = PHP_INT_MAX;
+        if (isset($this->pageSizeBySearchEngine[$searchEngine])) {
+            $pageSize = $this->pageSizeBySearchEngine[$searchEngine];
+        }
+
+        return (int)$pageSize;
+    }
+}

app/code/Magento/Search/Test/Unit/Model/Search/PageSizeProviderTest.php

@@ -0,0 +1,61 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Search\Test\Unit\Model\Search;
+
+use Magento\Search\Model\Search\PageSizeProvider;
+
+class PageSizeProviderTest extends \PHPUnit\Framework\TestCase
+{
+    /**
+     * @var PageSizeProvider
+     */
+    private $model;
+
+    /**
+     * @var \Magento\Search\Model\EngineResolver|\PHPUnit_Framework_MockObject_MockObject
+     */
+    private $pageSizeBySearchEngineMock;
+
+    public function setUp()
+    {
+        $this->pageSizeBySearchEngineMock = $this->getMockBuilder(\Magento\Search\Model\EngineResolver::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $this->model = new PageSizeProvider(
+
+            $this->pageSizeBySearchEngineMock,
+            ['search' => 10,
+                'catalogSearch3' => 11
+            ]
+        );
+    }
+
+    /**
+     * @param string $searchEngine
+     * @param int $size
+     * @dataProvider getPageSizeDataProvider
+     */
+    public function testGetPageSize($searchEngine, $size)
+    {
+        $this->pageSizeBySearchEngineMock
+            ->expects($this->once())
+            ->method('getCurrentSearchEngine')
+            ->willReturn($searchEngine);
+        $this->assertEquals($size, $this->model->getMaxPageSize());
+    }
+
+    public function getPageSizeDataProvider()
+    {
+        return [
+            ['search', 10],
+            ['catalogSearch3', 11],
+            ['newSearch', PHP_INT_MAX]
+        ];
+    }
+}

dev/tests/js/jasmine/tests/lib/mage/validation.test.js

@@ -1142,4 +1142,24 @@ define([
             )).toEqual(true);
         });
     });
+
+    describe('Testing validate-forbidden-extensions', function () {
+        it('validate-forbidden-extensions', function () {
+            var el1 = $('<input type="text" value="" ' +
+                'class="validate-extensions" data-validation-params="php,phtml">').get(0);
+
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'php', el1, null)).toEqual(false);
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'php,phtml', el1, null)).toEqual(false);
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'html', el1, null)).toEqual(true);
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'html,png', el1, null)).toEqual(true);
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'php,html', el1, null)).toEqual(false);
+            expect($.validator.methods['validate-forbidden-extensions']
+                .call($.validator.prototype, 'html,php', el1, null)).toEqual(false);
+        });
+    });
 });

lib/internal/Magento/Framework/Data/Form/Element/Text.php

@@ -4,15 +4,13 @@
  * See COPYING.txt for license details.
  */
 
-/**
- * Form text element
- *
- * @author      Magento Core Team <[email protected]>
- */
 namespace Magento\Framework\Data\Form\Element;
 
 use Magento\Framework\Escaper;
 
+/**
+ * Form text element
+ */
 class Text extends AbstractElement
 {
     /**
@@ -65,6 +63,7 @@ public function getHtmlAttributes()
             'placeholder',
             'data-form-part',
             'data-role',
+            'data-validation-params',
             'data-action'
         ];
     }

lib/web/mage/validation.js

@@ -881,6 +881,27 @@
             },
             $.mage.__('Please enter a valid number in this field.')
         ],
+        'validate-forbidden-extensions': [
+            function (v, elem) {
+                var forbiddenExtensions = $(elem).attr('data-validation-params'),
+                    forbiddenExtensionsArray = forbiddenExtensions.split(','),
+                    extensionsArray = v.split(','),
+                    result = true;
+
+                this.validateExtensionsMessage = $.mage.__('Forbidden extensions has been used. Avoid usage of ') +
+                    forbiddenExtensions;
+
+                $.each(extensionsArray, function (key, extension) {
+                    if (forbiddenExtensionsArray.indexOf(extension) !== -1) {
+                        result = false;
+                    }
+                });
+
+                return result;
+            }, function () {
+                return this.validateExtensionsMessage;
+            }
+        ],
         'validate-digits-range': [
             function (v, elm, param) {
                 var numValue, dataAttrRange, classNameRange, result, range, m, classes, ii;