From 5717767ec8535bf39f00562f07856f337d6cf266 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Sun, 15 Mar 2020 16:03:55 +0700 Subject: [PATCH 01/12] fix #2704: ensure route registered via $routes->cli() not accessible via web browser even autoroute is true --- system/Router/Router.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/system/Router/Router.php b/system/Router/Router.php index f56af09c91f6..e98d0a2f2350 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -546,6 +546,25 @@ public function autoRoute(string $uri) $file = APPPATH . 'Controllers/' . $this->directory . $this->controllerName() . '.php'; if (is_file($file)) { + $controller = '\\' . $this->collection->getDefaultNamespace(); + $controller .= $this->directory ? str_replace('/', '\\', $this->directory) : ''; + $controller .= $this->controllerName(); + $methodName = $this->methodName(); + + if ($this->collection->getHTTPVerb() !== 'cli') + { + foreach ($this->collection->getRoutes('cli') as $route) + { + if (is_string($route)) + { + if ($route === $controller . '::' . $methodName) + { + return; + } + } + } + } + include_once $file; } From 73077d8d72f3d133ab9034707d42fc075ebadd20 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Sun, 15 Mar 2020 16:24:18 +0700 Subject: [PATCH 02/12] using strpos to handle segment parameter, eg: /hello/(:any) with cli --- system/Router/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/Router/Router.php b/system/Router/Router.php index e98d0a2f2350..48c331c2acf6 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -557,7 +557,7 @@ public function autoRoute(string $uri) { if (is_string($route)) { - if ($route === $controller . '::' . $methodName) + if (strpos($route, $controller . '::' . $methodName) !== false) { return; } From e90620f061a3d86ba8b420933558d4944c8337c1 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Sun, 15 Mar 2020 16:25:06 +0700 Subject: [PATCH 03/12] using strpos to handle segment parameter, eg: /hello/(:any) with cli --- system/Router/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/Router/Router.php b/system/Router/Router.php index 48c331c2acf6..6bb5101c5d81 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -557,7 +557,7 @@ public function autoRoute(string $uri) { if (is_string($route)) { - if (strpos($route, $controller . '::' . $methodName) !== false) + if (strpos($route, $controller . '::' . $methodName) === 0) { return; } From fe5e0ca91a1b93efcd5b999faae021bfdad6f372 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Sun, 15 Mar 2020 17:57:26 +0700 Subject: [PATCH 04/12] using PageNotfoundException for call cli route from web --- system/Router/Router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/Router/Router.php b/system/Router/Router.php index 6bb5101c5d81..4a0d13d918ea 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -559,7 +559,7 @@ public function autoRoute(string $uri) { if (strpos($route, $controller . '::' . $methodName) === 0) { - return; + throw new PageNotFoundException("Can't find a route for '{$uri}'."); } } } From 200f981eaacd42df3e38793ab1da6a011b52c982 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 17:35:43 +0700 Subject: [PATCH 05/12] add unit test for open cli routes from http --- system/Router/Router.php | 2 +- tests/_support/Controllers/Commands/Hello.php | 12 ++++++++++++ tests/system/Test/FeatureTestCaseTest.php | 18 ++++++++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 tests/_support/Controllers/Commands/Hello.php diff --git a/system/Router/Router.php b/system/Router/Router.php index 4a0d13d918ea..a6e4455fe44c 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -559,7 +559,7 @@ public function autoRoute(string $uri) { if (strpos($route, $controller . '::' . $methodName) === 0) { - throw new PageNotFoundException("Can't find a route for '{$uri}'."); + throw new PageNotFoundException(); } } } diff --git a/tests/_support/Controllers/Commands/Hello.php b/tests/_support/Controllers/Commands/Hello.php new file mode 100644 index 000000000000..ae0a833c3708 --- /dev/null +++ b/tests/_support/Controllers/Commands/Hello.php @@ -0,0 +1,12 @@ +get('0'); } + + public function testOpenCliRoutesFromHttp() + { + $this->expectException(PageNotFoundException::class); + + $this->withRoutes([ + [ + 'cli', + 'hello', + '\App\Controllers\Commands\Hello::index', + ], + ]); + while (\ob_get_level() > 0) + { + \ob_end_flush(); + } + $this->get('commands/hello'); + } } From e0807e3a1cbe957ae07c2f7f6a5f7fa2a5e27620 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 18:09:55 +0700 Subject: [PATCH 06/12] tweak test open cli routes from http implemented --- system/Router/Router.php | 20 +++++++++---------- tests/_support/Controllers/Commands/Hello.php | 12 ----------- tests/_support/Controllers/Hello.php | 11 ++++++++++ tests/system/Test/FeatureTestCaseTest.php | 16 +++++++-------- 4 files changed, 28 insertions(+), 31 deletions(-) delete mode 100644 tests/_support/Controllers/Commands/Hello.php create mode 100644 tests/_support/Controllers/Hello.php diff --git a/system/Router/Router.php b/system/Router/Router.php index a6e4455fe44c..84632df4aee3 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -542,29 +542,29 @@ public function autoRoute(string $uri) $this->params = $segments; } - // Load the file so that it's available for CodeIgniter. - $file = APPPATH . 'Controllers/' . $this->directory . $this->controllerName() . '.php'; - if (is_file($file)) + if ($this->collection->getHTTPVerb() !== 'cli') { $controller = '\\' . $this->collection->getDefaultNamespace(); $controller .= $this->directory ? str_replace('/', '\\', $this->directory) : ''; $controller .= $this->controllerName(); $methodName = $this->methodName(); - if ($this->collection->getHTTPVerb() !== 'cli') + foreach ($this->collection->getRoutes('cli') as $route) { - foreach ($this->collection->getRoutes('cli') as $route) + if (is_string($route)) { - if (is_string($route)) + if (strpos($route, $controller . '::' . $methodName) === 0) { - if (strpos($route, $controller . '::' . $methodName) === 0) - { - throw new PageNotFoundException(); - } + throw new PageNotFoundException(); } } } + } + // Load the file so that it's available for CodeIgniter. + $file = APPPATH . 'Controllers/' . $this->directory . $this->controllerName() . '.php'; + if (is_file($file)) + { include_once $file; } diff --git a/tests/_support/Controllers/Commands/Hello.php b/tests/_support/Controllers/Commands/Hello.php deleted file mode 100644 index ae0a833c3708..000000000000 --- a/tests/_support/Controllers/Commands/Hello.php +++ /dev/null @@ -1,12 +0,0 @@ -get('0'); } - public function testOpenCliRoutesFromHttp() + public function testOpenCliRoutesFromHttpGot404() { $this->expectException(PageNotFoundException::class); - $this->withRoutes([ - [ - 'cli', - 'hello', - '\App\Controllers\Commands\Hello::index', - ], - ]); + require_once SUPPORTPATH . 'Controllers/Hello.php'; + + $routes = \Config\Services::routes(); + $routes->cli('hello', 'Hello::index'); + while (\ob_get_level() > 0) { \ob_end_flush(); } - $this->get('commands/hello'); + $this->get('Hello'); } } From 04e0ad4da419f27518c28ecf6be07dedd86c0e1a Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 18:18:38 +0700 Subject: [PATCH 07/12] using withRoutes() syntax in feature test case --- tests/system/Test/FeatureTestCaseTest.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index 769249bacb9f..19a4c2d4e6d5 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -211,8 +211,13 @@ public function testOpenCliRoutesFromHttpGot404() require_once SUPPORTPATH . 'Controllers/Hello.php'; - $routes = \Config\Services::routes(); - $routes->cli('hello', 'Hello::index'); + $this->withRoutes([ + [ + 'cli', + 'hello', + 'Hello::index', + ], + ]); while (\ob_get_level() > 0) { From 19fc1401e30e7a08b1b146e7eb6df2ba0329c14f Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 19:30:29 +0700 Subject: [PATCH 08/12] add test case for parameterized cli routes open from http got 404 --- tests/system/Test/FeatureTestCaseTest.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index 19a4c2d4e6d5..80a596fc415d 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -225,4 +225,25 @@ public function testOpenCliRoutesFromHttpGot404() } $this->get('Hello'); } + + public function testOpenParameterizedCliRoutesFromHttpGot404() + { + $this->expectException(PageNotFoundException::class); + + require_once SUPPORTPATH . 'Controllers/Hello.php'; + + $this->withRoutes([ + [ + 'cli', + 'hello/(:any)', + 'Hello::index/$1', + ], + ]); + + while (\ob_get_level() > 0) + { + \ob_end_flush(); + } + $this->get('Hello/index/samsonasik'); + } } From e36edd77f70574d39060b89787b819cf353e249f Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 19:39:11 +0700 Subject: [PATCH 09/12] using dataProvider in test open cli routes from http got 404 for parameterized and non parameterized --- tests/system/Test/FeatureTestCaseTest.php | 36 +++++++++++------------ 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index 80a596fc415d..a2e4a6321325 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -205,28 +205,26 @@ public function testCallZeroAsPathGot404() $this->get('0'); } - public function testOpenCliRoutesFromHttpGot404() + public function provideRoutesData() { - $this->expectException(PageNotFoundException::class); - - require_once SUPPORTPATH . 'Controllers/Hello.php'; - - $this->withRoutes([ - [ - 'cli', + return [ + 'non parameterized cli' => [ 'hello', 'Hello::index', + 'Hello', ], - ]); - - while (\ob_get_level() > 0) - { - \ob_end_flush(); - } - $this->get('Hello'); + 'parameterized cli' => [ + 'hello/(:any)', + 'Hello::index/$1', + 'Hello/index/samsonasik', + ], + ]; } - public function testOpenParameterizedCliRoutesFromHttpGot404() + /** + * @dataProvider provideRoutesData + */ + public function testOpenCliRoutesFromHttpGot404($from, $to, $httpGet) { $this->expectException(PageNotFoundException::class); @@ -235,8 +233,8 @@ public function testOpenParameterizedCliRoutesFromHttpGot404() $this->withRoutes([ [ 'cli', - 'hello/(:any)', - 'Hello::index/$1', + $from, + $to, ], ]); @@ -244,6 +242,6 @@ public function testOpenParameterizedCliRoutesFromHttpGot404() { \ob_end_flush(); } - $this->get('Hello/index/samsonasik'); + $this->get($httpGet); } } From 92058e501751b8d76c2f350db499463363fa579e Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 20:09:28 +0700 Subject: [PATCH 10/12] add condition for default method index when routing defined in cli as controller name only --- system/Router/Router.php | 5 +++++ tests/system/Test/FeatureTestCaseTest.php | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/system/Router/Router.php b/system/Router/Router.php index 84632df4aee3..f2eae486a64d 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -557,6 +557,11 @@ public function autoRoute(string $uri) { throw new PageNotFoundException(); } + + if ($route === $controller) + { + throw new PageNotFoundException(); + } } } } diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index a2e4a6321325..01f4bf9da8ed 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -218,6 +218,11 @@ public function provideRoutesData() 'Hello::index/$1', 'Hello/index/samsonasik', ], + 'default method index' => [ + 'hello', + 'Hello', + 'Hello', + ], ]; } From 36a9a10a7190dc96ccdfb59d2749e0ff68f94323 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 20:26:24 +0700 Subject: [PATCH 11/12] add condition for multi case, eg: capitalized controller in URI --- system/Router/Router.php | 4 +++- tests/system/Test/FeatureTestCaseTest.php | 11 ++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/system/Router/Router.php b/system/Router/Router.php index f2eae486a64d..a72915acda72 100644 --- a/system/Router/Router.php +++ b/system/Router/Router.php @@ -547,12 +547,14 @@ public function autoRoute(string $uri) $controller = '\\' . $this->collection->getDefaultNamespace(); $controller .= $this->directory ? str_replace('/', '\\', $this->directory) : ''; $controller .= $this->controllerName(); - $methodName = $this->methodName(); + $controller = strtolower($controller); + $methodName = strtolower($this->methodName()); foreach ($this->collection->getRoutes('cli') as $route) { if (is_string($route)) { + $route = strtolower($route); if (strpos($route, $controller . '::' . $methodName) === 0) { throw new PageNotFoundException(); diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index 01f4bf9da8ed..04e3b92a74e1 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -208,21 +208,26 @@ public function testCallZeroAsPathGot404() public function provideRoutesData() { return [ - 'non parameterized cli' => [ + 'non parameterized cli' => [ 'hello', 'Hello::index', 'Hello', ], - 'parameterized cli' => [ + 'parameterized cli' => [ 'hello/(:any)', 'Hello::index/$1', 'Hello/index/samsonasik', ], - 'default method index' => [ + 'default method index' => [ 'hello', 'Hello', 'Hello', ], + 'Capitalized controller' => [ + 'hello', + 'Hello', + 'HELLO', + ], ]; } From d5af6b30f5abb52e601b7c4cddcad5d45a516590 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 19 Mar 2020 20:29:47 +0700 Subject: [PATCH 12/12] add condition for multi case, eg: capitalized controller and/or method in URI --- tests/system/Test/FeatureTestCaseTest.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/system/Test/FeatureTestCaseTest.php b/tests/system/Test/FeatureTestCaseTest.php index 04e3b92a74e1..b89422760085 100644 --- a/tests/system/Test/FeatureTestCaseTest.php +++ b/tests/system/Test/FeatureTestCaseTest.php @@ -208,25 +208,25 @@ public function testCallZeroAsPathGot404() public function provideRoutesData() { return [ - 'non parameterized cli' => [ + 'non parameterized cli' => [ 'hello', 'Hello::index', 'Hello', ], - 'parameterized cli' => [ + 'parameterized cli' => [ 'hello/(:any)', 'Hello::index/$1', 'Hello/index/samsonasik', ], - 'default method index' => [ + 'default method index' => [ 'hello', 'Hello', 'Hello', ], - 'Capitalized controller' => [ + 'capitalized controller and/or method' => [ 'hello', 'Hello', - 'HELLO', + 'HELLO/INDEX', ], ]; }