Merge pull request #2 from EcoOnline/ESR/EPC-11157-uuid-500

EPC-11157: validate `Guid` values (and return a proper HTTP 400)
flat3 · Aug 7, 2024 · 940dc98 · 940dc98
2 parents 43b73e5 + f64d6de
commit 940dc98
Show file tree

Hide file tree

Showing 5 changed files with 33 additions and 2 deletions.
diff --git a/src/Primitive.php b/src/Primitive.php
@@ -57,6 +57,11 @@ public function __construct($value = null)
      * @return Primitive
      */
     abstract public function set($value);
+
+    public function allows($value): bool
+    {
+        return true;
+    }
 
     /**
      * Get the internal representation of the value

diff --git a/src/PrimitiveType.php b/src/PrimitiveType.php
@@ -99,4 +99,9 @@ public function getOpenAPISchema(): array
     {
         return $this->instance()->getOpenAPISchema();
     }
-}
+
+    public function allowsValue($value): bool
+    {
+        return $this->instance()->allows($value);
+    }
+}
diff --git a/src/Property.php b/src/Property.php
@@ -370,7 +370,11 @@ public function isSearchable(): bool
      */
     public function assertAllowsValue($value)
     {
-        if (!$this->isNullable() && $value === null) {
+        if ($value === null) {
+            if ($this->isNullable()) {
+                return;
+            }
+
             throw new BadRequestException(
                 'property_not_nullable',
                 sprintf("The property '%s' cannot be set to null", $this->getName())
@@ -383,6 +387,13 @@ public function assertAllowsValue($value)
                 sprintf("The value property '%s' exceeds the maximum length", $this->getName())
             );
         }
+
+        if (!$this->type->allowsValue($value)) {
+            throw new BadRequestException(
+                'property_value_invalid',
+                sprintf("The value property '%s' is not valid", $this->getName()),
+            );
+        }
     }
 
     /**

diff --git a/src/Type.php b/src/Type.php
@@ -229,4 +229,9 @@ public function is(string $class): bool
     {
         return is_a($this->factory, $class, true);
     }
+
+    public function allowsValue($value): bool
+    {
+        return true;
+    }
 }
diff --git a/src/Type/Guid.php b/src/Type/Guid.php
@@ -81,4 +81,9 @@ public function getOpenAPISchema(?Property $property = null): array
             'pattern' => '^'.Lexer::guid.'$',
         ]);
     }
+
+    public function allows($value): bool
+    {
+        return Lexer::patternCheck(Lexer::guid, (string) $value);
+    }
 }