search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[3.1.0] Feature-parity achieved for validator! Implement alias checking.
[htmlpurifier.git] / library / HTMLPurifier / ConfigSchema / Validator.php
blobbb88b1ffe894ddb02cdd872215c1c5a2e46d9586
1 <?php
2
3 /**
4 * Performs validations on HTMLPurifier_ConfigSchema_Interchange
5 *
6 * @note If you see '// handled by InterchangeBuilder', that means a
7 * design decision in that class would prevent this validation from
8 * ever being necessary. We have them anyway, however, for
9 * redundancy.
10 */
11 class HTMLPurifier_ConfigSchema_Validator
12 {
13
14 /**
15 * Easy to access global objects.
16 */
17 protected $interchange, $aliases;
18
19 /**
20 * Context-stack to provide easy to read error messages.
21 */
22 protected $context = array();
23
24 /**
25 * HTMLPurifier_VarParser to test default's type.
26 */
27 protected $parser;
28
29 public function __construct() {
30 $this->parser = new HTMLPurifier_VarParser();
31 }
32
33 /**
34 * Validates a fully-formed interchange object. Throws an
35 * HTMLPurifier_ConfigSchema_Exception if there's a problem.
36 */
37 public function validate($interchange) {
38 $this->interchange = $interchange;
39 $this->aliases = array();
40 // PHP is a bit lax with integer <=> string conversions in
41 // arrays, so we don't use the identical !== comparison
42 foreach ($interchange->namespaces as $i => $namespace) {
43 if ($i != $namespace->namespace) $this->error(false, "Integrity violation: key '$i' does not match internal id '{$namespace->namespace}'");
44 $this->validateNamespace($namespace);
45 }
46 foreach ($interchange->directives as $i => $directive) {
47 $id = $directive->id->toString();
48 if ($i != $id) $this->error(false, "Integrity violation: key '$i' does not match internal id '$id'");
49 $this->validateDirective($directive);
50 }
51 }
52
53 /**
54 * Validates a HTMLPurifier_ConfigSchema_Interchange_Namespace object.
55 */
56 public function validateNamespace($n) {
57 $this->context[] = "namespace '{$n->namespace}'";
58 $this->with($n, 'namespace')
59 ->assertNotEmpty()
60 ->assertAlnum(); // implicit assertIsString handled by InterchangeBuilder
61 $this->with($n, 'description')
62 ->assertNotEmpty()
63 ->assertIsString(); // handled by InterchangeBuilder
64 array_pop($this->context);
65 }
66
67 /**
68 * Validates a HTMLPurifier_ConfigSchema_Interchange_Id object.
69 */
70 public function validateId($id) {
71 $id_string = $id->toString();
72 $this->context[] = "id '$id_string'";
73 if (!$id instanceof HTMLPurifier_ConfigSchema_Interchange_Id) {
74 // handled by InterchangeBuilder
75 $this->error(false, 'is not an instance of HTMLPurifier_ConfigSchema_Interchange_Id');
76 }
77 if (!isset($this->interchange->namespaces[$id->namespace])) {
78 $this->error('namespace', 'does not exist'); // assumes that the namespace was validated already
79 }
80 $this->with($id, 'directive')
81 ->assertNotEmpty()
82 ->assertAlnum(); // implicit assertIsString handled by InterchangeBuilder
83 array_pop($this->context);
84 }
85
86 /**
87 * Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object.
88 */
89 public function validateDirective($d) {
90 $id = $d->id->toString();
91 $this->context[] = "directive '$id'";
92 $this->validateId($d->id);
93
94 $this->with($d, 'description')
95 ->assertNotEmpty();
96
97 // BEGIN - handled by InterchangeBuilder
98 $this->with($d, 'type')
99 ->assertNotEmpty();
100 $this->with($d, 'typeAllowsNull')
101 ->assertIsBool();
102 try {
103 // This also tests validity of $d->type
104 $this->parser->parse($d->default, $d->type, $d->typeAllowsNull);
105 } catch (HTMLPurifier_VarParserException $e) {
106 $this->error('default', 'had error: ' . $e->getMessage());
107 }
108 // END - handled by InterchangeBuilder
109
110 if (!is_null($d->allowed) || !empty($d->valueAliases)) {
111 // allowed and valueAliases require that we be dealing with
112 // strings, so check for that early.
113 if (!isset(HTMLPurifier_VarParser::$stringTypes[$d->type])) {
114 $this->error('type', 'must be a string type when used with allowed or value aliases');
115 }
116 }
117
118 $this->validateDirectiveAllowed($d);
119 $this->validateDirectiveValueAliases($d);
120 $this->validateDirectiveAliases($d);
121
122 array_pop($this->context);
123 }
124
125 /**
126 * Extra validation if $allowed member variable of
127 * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
128 */
129 public function validateDirectiveAllowed($d) {
130 if (is_null($d->allowed)) return;
131 $this->with($d, 'allowed')
132 ->assertNotEmpty()
133 ->assertIsLookup(); // handled by InterchangeBuilder
134 if (!isset($d->allowed[$d->default])) {
135 $this->error('default', 'must be an allowed value');
136 }
137 $this->context[] = 'allowed';
138 foreach ($d->allowed as $val => $x) {
139 if (!is_string($val)) $this->error("value $val", 'must be a string');
140 }
141 array_pop($this->context);
142 }
143
144 /**
145 * Extra validation if $valueAliases member variable of
146 * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
147 */
148 public function validateDirectiveValueAliases($d) {
149 if (is_null($d->valueAliases)) return;
150 $this->with($d, 'valueAliases')
151 ->assertIsArray(); // handled by InterchangeBuilder
152 $this->context[] = 'valueAliases';
153 foreach ($d->valueAliases as $alias => $real) {
154 if (!is_string($alias)) $this->error("alias $alias", 'must be a string');
155 if (!is_string($real)) $this->error("alias target $real from alias '$alias'", 'must be a string');
156 if ($alias === $real) {
157 $this->error("alias '$alias'", "must not be an alias to itself");
158 }
159 }
160 if (!is_null($d->allowed)) {
161 foreach ($d->valueAliases as $alias => $real) {
162 if (isset($d->allowed[$alias])) {
163 $this->error("alias '$alias'", 'must not be an allowed value');
164 } elseif (!isset($d->allowed[$real])) {
165 $this->error("alias '$alias'", 'must be an alias to an allowed value');
166 }
167 }
168 }
169 array_pop($this->context);
170 }
171
172 /**
173 * Extra validation if $aliases member variable of
174 * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
175 */
176 public function validateDirectiveAliases($d) {
177 $this->with($d, 'aliases')
178 ->assertIsArray(); // handled by InterchangeBuilder
179 $this->context[] = 'aliases';
180 foreach ($d->aliases as $alias) {
181 $this->validateId($alias);
182 $s = $alias->toString();
183 if (isset($this->interchange->directives[$s])) {
184 $this->error("alias '$s'", 'collides with another directive');
185 }
186 if (isset($this->aliases[$s])) {
187 $other_directive = $this->aliases[$s];
188 $this->error("alias '$s'", "collides with alias for directive '$other_directive'");
189 }
190 $this->aliases[$s] = $d->id->toString();
191 }
192 array_pop($this->context);
193 }
194
195 // protected helper functions
196
197 /**
198 * Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom
199 * for validating simple member variables of objects.
200 */
201 protected function with($obj, $member) {
202 return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member);
203 }
204
205 /**
206 * Emits an error, providing helpful context.
207 */
208 protected function error($target, $msg) {
209 if ($target !== false) $prefix = ucfirst($target) . ' in ' . $this->getFormattedContext();
210 else $prefix = ucfirst($this->getFormattedContext());
211 throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg));
212 }
213
214 /**
215 * Returns a formatted context string.
216 */
217 protected function getFormattedContext() {
218 return implode(' in ', array_reverse($this->context));
219 }
220
221 }
Standards-compliant HTML filter written in PHP