dev #73233 : better validation

24d35f88 · efalcy · ec6ec5af · 24d35f88
Commit 24d35f88 authored 7 years ago by efalcy
--- a/library/Class/SearchForm/Validator.php
+++ b/library/Class/SearchForm/Validator.php
@@ -62,33 +62,77 @@ class Class_SearchForm_ValidatorMethodCalls extends NodeVisitorAbstract {
  use Trait_Translator;

  protected
-    $_trusted_nodes = [Node\Expr\New_::class,
-                       Node\Expr\Array_::class,
-                       Node\Expr\ArrayItem::class,
-                       Node\Expr\ClassConstFetch::class,
-                       Node\Expr\Assign::class,
-                       Node\Expr\Variable::class,
+    $_trusted_nodes =
+    [
+     Node\Stmt::class,
+     Node\Scalar::class,
+     Node\Name::class,
+     Node\Arg::class,
+
+     Node\Expr\ArrayDimFetch::class,
+     Node\Expr\ArrayItem::class,
+     Node\Expr\Array_::class,
+     Node\Expr\AssignOp::class,
+     Node\Expr\Assign::class,
+     Node\Expr\BinaryOp::class,
+     Node\Expr\BitwiseNot::class,
+     Node\Expr\BooleanNot::class,
+     Node\Expr\Cast::class,
+     Node\Expr\ClassConstFetch::class,
+     Node\Expr\ConstFetch::class,
+     Node\Expr\Empty_::class,
+     Node\Expr\Instanceof_::class,
+     Node\Expr\Isset_::class,
+     Node\Expr\New_::class,
+     Node\Expr\PostDec::class,
+     Node\Expr\PostInc::class,
+     Node\Expr\PreDec::class,
+     Node\Expr\PreInc::class,
+     Node\Expr\PropertyFetch::class,
+     Node\Expr\StaticPropertyFetch::class,
+     Node\Expr\Ternary::class,
+     Node\Expr\UnaryMinus::class,
+     Node\Expr\UnaryPlus::class,
+     Node\Expr\Variable::class,
    ],

-    $_checkable_nodes = [Node\Expr\MethodCall::class,
-                         Node\Expr\StaticCall::class,
+    $_checkable_nodes =
+    [
+     Node\Expr\MethodCall::class,
+     Node\Expr\StaticCall::class,
+     Node\Expr\FuncCall::class,
    ],

-    $_trusted_methods = ['addElement',
-                         'addDisplayGroup',
-                         'addUniqDisplayGroup',
-                         '_']
+    $_trusted_methods =
+    [
+     // form
+     'addElement',
+     'addDisplayGroup',
+     'addUniqDisplayGroup',
+     '_',
+     // storm
+     'find',
+     'findAll',
+     'findAllBy',
+     'findFirstBy',
+     'countBy',
+     'collect',
+     'select',
+     'reject',
+     'detect',
+     'isEmpty',
+     'first',
+     'includes',
+     'getArrayCopy',
+     'getListeTris',
+     'getMultiOptions',
+     // php
+     'count']
    ;


  public function enterNode(Node $node) {
-    if ($node instanceof Node\Stmt
-        || $node instanceof Node\Scalar
-        || $node instanceof Node\Name
-        || $node instanceof Node\Arg)
-      return;
-
-    if (in_array(get_class($node), $this->_trusted_nodes))
+    if ($this->_isTrustedNode($node))
      return;

    if (!in_array(get_class($node), $this->_checkable_nodes))
@@ -101,4 +145,13 @@ class Class_SearchForm_ValidatorMethodCalls extends NodeVisitorAbstract {
                                          $node->name,
                                          $node->getLine()));
  }
+
+
+  protected function _isTrustedNode($node) {
+    foreach($this->_trusted_nodes as $node_class)
+      if (is_a($node, $node_class))
+        return true;
+
+    return false;
+  }
 }
\ No newline at end of file