From dc7c13479c8a802c12ba0c20fb71cd0cd454ec83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20B=C3=B6hmer?= Date: Wed, 6 Mar 2024 19:46:11 +0100 Subject: [PATCH] Add proper length constraint validations to all string mapped ORM fields, so they show a nice validation error, instead of a 500 error Fixes issue #544 --- src/Entity/Attachments/Attachment.php | 1 + src/Entity/Base/AbstractCompany.php | 6 ++++++ src/Entity/Base/AbstractNamedDBElement.php | 1 + src/Entity/EDA/EDACategoryInfo.php | 3 +++ src/Entity/EDA/EDAFootprintInfo.php | 2 ++ src/Entity/EDA/EDAPartInfo.php | 5 +++++ src/Entity/Parameters/AbstractParameter.php | 3 +++ src/Entity/Parts/MeasurementUnit.php | 1 + src/Entity/Parts/PartAssociation.php | 2 ++ src/Entity/Parts/PartLot.php | 2 ++ src/Entity/Parts/PartTraits/AdvancedPropertyTrait.php | 2 ++ src/Entity/Parts/PartTraits/ManufacturerTrait.php | 2 ++ src/Entity/PriceInformations/Orderdetail.php | 2 ++ src/Entity/UserSystem/ApiToken.php | 2 ++ src/Entity/UserSystem/U2FKey.php | 2 ++ src/Entity/UserSystem/User.php | 5 +++++ src/Entity/UserSystem/WebauthnKey.php | 2 ++ 17 files changed, 43 insertions(+) diff --git a/src/Entity/Attachments/Attachment.php b/src/Entity/Attachments/Attachment.php index ae66da19..c940bba8 100644 --- a/src/Entity/Attachments/Attachment.php +++ b/src/Entity/Attachments/Attachment.php @@ -148,6 +148,7 @@ abstract class Attachment extends AbstractNamedDBElement */ #[ORM\Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'attachment:read'])] + #[Assert\Length(max: 255)] protected ?string $original_filename = null; /** diff --git a/src/Entity/Base/AbstractCompany.php b/src/Entity/Base/AbstractCompany.php index 3b6e6ccd..0d5b3579 100644 --- a/src/Entity/Base/AbstractCompany.php +++ b/src/Entity/Base/AbstractCompany.php 
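Review bot: The `max: 255` added to `original_filename` in Attachment.php mirrors a column length that the mapping never states, because `#[ORM\Column(type: Types::STRING, nullable: true)]` leaves the length to Doctrine's implicit default. Writing it out as `#[ORM\Column(type: Types::STRING, length: 255, nullable: true)]`, as the User.php and U2FKey.php mappings in this patch already do, keeps the validator limit and the schema limit visibly tied together. Otherwise a change in that default could silently bring back the database error this commit removes. The same applies to the other `Types::STRING` columns without `length:` in AbstractCompany, AbstractNamedDBElement, the EDA embeddables, AbstractParameter, PartLot, ManufacturerTrait, Orderdetail, ApiToken and WebauthnKey.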
@@ -50,6 +50,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement */ #[Groups(['full', 'company:read', 'company:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $address = ''; /** @@ -57,6 +58,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement */ #[Groups(['full', 'company:read', 'company:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $phone_number = ''; /** @@ -64,6 +66,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement */ #[Groups(['full', 'company:read', 'company:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $fax_number = ''; /** @@ -72,6 +75,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement #[Assert\Email] #[Groups(['full', 'company:read', 'company:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $email_address = ''; /** @@ -80,6 +84,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement #[Assert\Url] #[Groups(['full', 'company:read', 'company:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $website = ''; #[Groups(['company:read', 'company:write'])] @@ -89,6 +94,7 @@ abstract class AbstractCompany extends AbstractPartsContainingDBElement * @var string The link to the website of an article. Use %PARTNUMBER% as placeholder for the part number. */ #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $auto_product_url = ''; /******************************************************************************** diff --git a/src/Entity/Base/AbstractNamedDBElement.php b/src/Entity/Base/AbstractNamedDBElement.php index d109b71a..f7939589 100644 --- a/src/Entity/Base/AbstractNamedDBElement.php +++ b/src/Entity/Base/AbstractNamedDBElement.php 
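Review bot: `auto_product_url` in the last AbstractCompany hunk is still validated for length only, whereas `website` in the hunk above it carries `#[Assert\Url]`. If this template is rendered as a link elsewhere (not visible here), a stored value with a scheme other than http(s) would pass validation. `Assert\Url` may not accept the `%PARTNUMBER%` placeholder, so one option is a scheme check next to the new `Length`, such as `#[Assert\Regex(pattern: '~^https?://~i')]`. Treat that pattern as a sketch to adapt to the values already stored.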
@@ -45,6 +45,7 @@ abstract class AbstractNamedDBElement extends AbstractDBElement implements Named #[Assert\NotBlank] #[Groups(['simple', 'extended', 'full', 'import', 'api:basic:read', 'api:basic:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $name = ''; /****************************************************************************** diff --git a/src/Entity/EDA/EDACategoryInfo.php b/src/Entity/EDA/EDACategoryInfo.php index 61d99988..47ce5e28 100644 --- a/src/Entity/EDA/EDACategoryInfo.php +++ b/src/Entity/EDA/EDACategoryInfo.php @@ -27,6 +27,7 @@ use Doctrine\DBAL\Types\Types; use Doctrine\ORM\Mapping\Column; use Doctrine\ORM\Mapping\Embeddable; use Symfony\Component\Serializer\Annotation\Groups; +use Symfony\Component\Validator\Constraints\Length; #[Embeddable] class EDACategoryInfo @@ -36,6 +37,7 @@ class EDACategoryInfo */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'category:read', 'category:write'])] + #[Length(max: 255)] private ?string $reference_prefix = null; /** @var bool|null Visibility of this part to EDA software in trinary logic. True=Visible, False=Invisible, Null=Auto */ @@ -61,6 +63,7 @@ class EDACategoryInfo /** @var string|null The KiCAD schematic symbol, which should be used (the path to the library) */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'category:read', 'category:write'])] + #[Length(max: 255)] private ?string $kicad_symbol = null; public function getReferencePrefix(): ?string diff --git a/src/Entity/EDA/EDAFootprintInfo.php b/src/Entity/EDA/EDAFootprintInfo.php index e8c5719f..b9b7a0e6 100644 --- a/src/Entity/EDA/EDAFootprintInfo.php +++ b/src/Entity/EDA/EDAFootprintInfo.php @@ -27,6 +27,7 @@ use Doctrine\DBAL\Types\Types; use Doctrine\ORM\Mapping\Column; use Doctrine\ORM\Mapping\Embeddable; use Symfony\Component\Serializer\Annotation\Groups; +use Symfony\Component\Validator\Constraints\Length; #[Embeddable] class EDAFootprintInfo 
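Review bot: The `Length` constraints added to the `#[Embeddable]` class EDACategoryInfo (`reference_prefix`, `kicad_symbol`) only run if validation cascades into the embedded object. Symfony does not descend into an object-valued property unless that property is marked with `Valid`. The embedding property on the owning entity is outside this diff, so confirm it carries `#[Assert\Valid]`. Without it, an over-long value still reaches the database and produces the error this commit is meant to prevent. The same check applies to EDAFootprintInfo and EDAPartInfo.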
@@ -34,6 +35,7 @@ class EDAFootprintInfo /** @var string|null The KiCAD footprint, which should be used (the path to the library) */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'footprint:read', 'footprint:write'])] + #[Length(max: 255)] private ?string $kicad_footprint = null; public function getKicadFootprint(): ?string diff --git a/src/Entity/EDA/EDAPartInfo.php b/src/Entity/EDA/EDAPartInfo.php index 5742921a..258ef891 100644 --- a/src/Entity/EDA/EDAPartInfo.php +++ b/src/Entity/EDA/EDAPartInfo.php @@ -27,6 +27,7 @@ use Doctrine\DBAL\Types\Types; use Doctrine\ORM\Mapping\Column; use Doctrine\ORM\Mapping\Embeddable; use Symfony\Component\Serializer\Annotation\Groups; +use Symfony\Component\Validator\Constraints\Length; #[Embeddable] class EDAPartInfo @@ -36,11 +37,13 @@ class EDAPartInfo */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'eda_info:read', 'eda_info:write'])] + #[Length(max: 255)] private ?string $reference_prefix = null; /** @var string|null The value, which should be shown together with the part (e.g. 470 for a 470 Ohm resistor) */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'eda_info:read', 'eda_info:write'])] + #[Length(max: 255)] private ?string $value = null; /** @var bool|null Visibility of this part to EDA software in trinary logic. True=Visible, False=Invisible, Null=Auto */ @@ -66,11 +69,13 @@ class EDAPartInfo /** @var string|null The KiCAD schematic symbol, which should be used (the path to the library) */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'eda_info:read', 'eda_info:write'])] + #[Length(max: 255)] private ?string $kicad_symbol = null; /** @var string|null The KiCAD footprint, which should be used (the path to the library) */ #[Column(type: Types::STRING, nullable: true)] #[Groups(['full', 'eda_info:read', 'eda_info:write'])] + #[Length(max: 255)] private ?string $kicad_footprint = null; public function __construct() 
diff --git a/src/Entity/Parameters/AbstractParameter.php b/src/Entity/Parameters/AbstractParameter.php index 4c18c495..9dbc41c6 100644 --- a/src/Entity/Parameters/AbstractParameter.php +++ b/src/Entity/Parameters/AbstractParameter.php @@ -151,6 +151,7 @@ abstract class AbstractParameter extends AbstractNamedDBElement */ #[Groups(['full', 'parameter:read', 'parameter:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 50)] protected string $unit = ''; /** @@ -158,6 +159,7 @@ abstract class AbstractParameter extends AbstractNamedDBElement */ #[Groups(['full', 'parameter:read', 'parameter:write'])] #[ORM\Column(type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $value_text = ''; /** @@ -165,6 +167,7 @@ abstract class AbstractParameter extends AbstractNamedDBElement */ #[Groups(['full', 'parameter:read', 'parameter:write'])] #[ORM\Column(name: 'param_group', type: Types::STRING)] + #[Assert\Length(max: 255)] protected string $group = ''; /** diff --git a/src/Entity/Parts/MeasurementUnit.php b/src/Entity/Parts/MeasurementUnit.php index 38c59600..3ff1427b 100644 --- a/src/Entity/Parts/MeasurementUnit.php +++ b/src/Entity/Parts/MeasurementUnit.php @@ -50,6 +50,7 @@ use Doctrine\ORM\Mapping as ORM; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; /** * This unit represents the unit in which the amount of parts in stock are measured. diff --git a/src/Entity/Parts/PartAssociation.php b/src/Entity/Parts/PartAssociation.php index 1d6e8f50..843a63ee 100644 --- a/src/Entity/Parts/PartAssociation.php +++ b/src/Entity/Parts/PartAssociation.php 
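Review bot: `unit` in AbstractParameter gets `max: 50`, while its mapping `#[ORM\Column(type: Types::STRING)]` has the same type and no explicit length, just like `value_text` and `group`, which get 255. A limit tighter than the column is safe for the database, but any row that already holds a longer unit would start failing validation on its next edit. Nothing in the hunk says why 50 was chosen. A short comment above the attribute would make the intent explicit, for example `// deliberately shorter than the column length`.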
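Review bot: The only change to MeasurementUnit.php is the new `use Symfony\Component\Validator\Constraints\Length;`, and no property in the file gains a constraint, so the import is unused as far as this diff shows. Either the constraint intended for this entity's string column is missing, or the line should be dropped. The file already imports `Symfony\Component\Validator\Constraints as Assert`, so `#[Assert\Length(...)]` would work without it. PartAssociation, PartLot, AdvancedPropertyTrait, ManufacturerTrait, Orderdetail and User add the same second import and then mix `#[Length]` with `#[Assert\...]` in one file.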
@@ -44,6 +44,7 @@ use App\Entity\Base\TimestampTrait; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; /** * This entity describes a part association, which is a semantic connection between two parts. @@ -86,6 +87,7 @@ class PartAssociation extends AbstractDBElement implements TimeStampableInterfac #[Assert\Expression("this.getType().value !== 0 or this.getOtherType() !== null", message: 'validator.part_association.must_set_an_value_if_type_is_other')] #[Groups(['part_assoc:read', 'part_assoc:write'])] + #[Length(max: 255)] protected ?string $other_type = null; /** diff --git a/src/Entity/Parts/PartLot.php b/src/Entity/Parts/PartLot.php index 9bf5178f..2c07f349 100644 --- a/src/Entity/Parts/PartLot.php +++ b/src/Entity/Parts/PartLot.php @@ -51,6 +51,7 @@ use Exception; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; use Symfony\Component\Validator\Context\ExecutionContextInterface; /** @@ -165,6 +166,7 @@ class PartLot extends AbstractDBElement implements TimeStampableInterface, Named */ #[ORM\Column(type: Types::STRING, nullable: true)] #[Groups(['part_lot:read', 'part_lot:write'])] + #[Length(max: 255)] protected ?string $vendor_barcode = null; public function __clone() diff --git a/src/Entity/Parts/PartTraits/AdvancedPropertyTrait.php b/src/Entity/Parts/PartTraits/AdvancedPropertyTrait.php index c9d1201a..230ba7b7 100644 --- a/src/Entity/Parts/PartTraits/AdvancedPropertyTrait.php +++ b/src/Entity/Parts/PartTraits/AdvancedPropertyTrait.php 
@@ -28,6 +28,7 @@ use App\Entity\Parts\Part; use Doctrine\ORM\Mapping as ORM; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; /** * Advanced properties of a part, not related to a more specific group. @@ -62,6 +63,7 @@ trait AdvancedPropertyTrait #[Assert\Length(max: 100)] #[Groups(['extended', 'full', 'import', 'part:read', 'part:write'])] #[ORM\Column(type: Types::STRING, length: 100, unique: true, nullable: true)] + #[Length(max: 100)] protected ?string $ipn = null; /** diff --git a/src/Entity/Parts/PartTraits/ManufacturerTrait.php b/src/Entity/Parts/PartTraits/ManufacturerTrait.php index 7d2a9a9d..5d7f8749 100644 --- a/src/Entity/Parts/PartTraits/ManufacturerTrait.php +++ b/src/Entity/Parts/PartTraits/ManufacturerTrait.php @@ -30,6 +30,7 @@ use App\Validator\Constraints\Selectable; use Doctrine\ORM\Mapping as ORM; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; /** * In this trait all manufacturer related properties of a part are collected (like MPN, manufacturer URL). @@ -58,6 +59,7 @@ trait ManufacturerTrait */ #[Groups(['extended', 'full', 'import', 'part:read', 'part:write'])] #[ORM\Column(type: Types::STRING)] + #[Length(max: 255)] protected string $manufacturer_product_number = ''; /** diff --git a/src/Entity/PriceInformations/Orderdetail.php b/src/Entity/PriceInformations/Orderdetail.php index 5257c999..6e0ad251 100644 --- a/src/Entity/PriceInformations/Orderdetail.php +++ b/src/Entity/PriceInformations/Orderdetail.php @@ -52,6 +52,7 @@ use Doctrine\ORM\Mapping as ORM; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Serializer\Annotation\Groups; use Symfony\Component\Validator\Constraints as Assert; +use Symfony\Component\Validator\Constraints\Length; /** * Class Orderdetail. 
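Review bot: `ipn` in AdvancedPropertyTrait now carries the same constraint twice. The context line `#[Assert\Length(max: 100)]` was already present, and the hunk adds `#[Length(max: 100)]` below the column mapping. Both names resolve to the same constraint class, so an over-long IPN would most likely be reported with two identical violations. Drop the added attribute and the new `use Symfony\Component\Validator\Constraints\Length;` import in this file.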
@@ -106,6 +107,7 @@ class Orderdetail extends AbstractDBElement implements TimeStampableInterface, N */ #[Groups(['extended', 'full', 'import', 'orderdetail:read', 'orderdetail:write'])] #[ORM\Column(type: Types::STRING)] + #[Length(max: 255)] protected string $supplierpartnr = ''; /** diff --git a/src/Entity/UserSystem/ApiToken.php b/src/Entity/UserSystem/ApiToken.php index b1c75b6c..dacb8223 100644 --- a/src/Entity/UserSystem/ApiToken.php +++ b/src/Entity/UserSystem/ApiToken.php @@ -36,6 +36,7 @@ use Doctrine\DBAL\Types\Types; use Doctrine\ORM\Mapping as ORM; use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; use Symfony\Component\Serializer\Annotation\Groups; +use Symfony\Component\Validator\Constraints\Length; use Symfony\Component\Validator\Constraints\NotBlank; #[ORM\Entity(repositoryClass: ApiTokenRepository::class)] @@ -64,6 +65,7 @@ class ApiToken implements TimeStampableInterface protected int $id; #[ORM\Column(type: Types::STRING)] + #[Length(max: 255)] #[NotBlank] #[Groups('token:read')] protected string $name = ''; diff --git a/src/Entity/UserSystem/U2FKey.php b/src/Entity/UserSystem/U2FKey.php index 4cd83fd6..d1d864bc 100644 --- a/src/Entity/UserSystem/U2FKey.php +++ b/src/Entity/UserSystem/U2FKey.php @@ -27,6 +27,7 @@ use Doctrine\DBAL\Types\Types; use App\Entity\Base\TimestampTrait; use Doctrine\ORM\Mapping as ORM; use Jbtronics\TFAWebauthn\Model\LegacyU2FKeyInterface; +use Symfony\Component\Validator\Constraints\Length; #[ORM\Entity] #[ORM\HasLifecycleCallbacks] @@ -44,6 +45,7 @@ class U2FKey implements LegacyU2FKeyInterface, TimeStampableInterface * @var string **/ #[ORM\Column(type: Types::STRING, length: 128)] + #[Length(max: 128)] public string $keyHandle = ''; /** diff --git a/src/Entity/UserSystem/User.php b/src/Entity/UserSystem/User.php index 38d67c7e..6f2a8f25 100644 --- a/src/Entity/UserSystem/User.php +++ b/src/Entity/UserSystem/User.php 
@@ -50,6 +50,7 @@ use Jbtronics\TFAWebauthn\Model\LegacyU2FKeyInterface; use Nbgrp\OneloginSamlBundle\Security\User\SamlUserInterface; use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface; use Symfony\Component\Serializer\Annotation\Groups; +use Symfony\Component\Validator\Constraints\Length; use Webauthn\PublicKeyCredentialUserEntity; use function count; use DateTime; @@ -204,6 +205,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe #[Assert\Email] #[Groups(['simple', 'extended', 'full', 'import', 'user:read'])] #[ORM\Column(type: Types::STRING, length: 255, nullable: true)] + #[Length(max: 255)] protected ?string $email = ''; /** @@ -218,6 +220,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe */ #[Groups(['simple', 'extended', 'full', 'import', 'user:read'])] #[ORM\Column(type: Types::STRING, length: 255, nullable: true)] + #[Length(max: 255)] protected ?string $department = ''; /** @@ -225,6 +228,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe */ #[Groups(['simple', 'extended', 'full', 'import', 'user:read'])] #[ORM\Column(type: Types::STRING, length: 255, nullable: true)] + #[Length(max: 255)] protected ?string $last_name = ''; /** @@ -232,6 +236,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe */ #[Groups(['simple', 'extended', 'full', 'import', 'user:read'])] #[ORM\Column(type: Types::STRING, length: 255, nullable: true)] + #[Length(max: 255)] protected ?string $first_name = ''; /** diff --git a/src/Entity/UserSystem/WebauthnKey.php b/src/Entity/UserSystem/WebauthnKey.php index 8c8fa951..458c5ca4 100644 --- a/src/Entity/UserSystem/WebauthnKey.php +++ b/src/Entity/UserSystem/WebauthnKey.php 
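Review bot: The new limits on `email`, `department`, `last_name` and `first_name` in User.php take effect only on write paths that invoke the validator. The file imports `SamlUserInterface` (visible in the context lines), so these fields can presumably also be filled from identity-provider attributes. If that path persists the user without validating, an over-long attribute still ends in a database error at login rather than a handled validation failure. Confirm that the SAML provisioning code, which is outside this diff, validates or bounds these values before flush.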
@@ -26,6 +26,7 @@ use App\Entity\Contracts\TimeStampableInterface; use Doctrine\DBAL\Types\Types; use App\Entity\Base\TimestampTrait; use Doctrine\ORM\Mapping as ORM; +use Symfony\Component\Validator\Constraints\Length; use Symfony\Component\Validator\Constraints\NotBlank; use Webauthn\PublicKeyCredentialSource as BasePublicKeyCredentialSource; @@ -43,6 +44,7 @@ class WebauthnKey extends BasePublicKeyCredentialSource implements TimeStampable #[ORM\Column(type: Types::STRING)] #[NotBlank] + #[Length(max: 255)] protected string $name = ''; #[ORM\ManyToOne(targetEntity: User::class, inversedBy: 'webauthn_keys')]