From c0e9eb300ee33163af59c8798b497435e94b6e7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Poirier=20Th=C3=A9or=C3=AAt?= Date: Wed, 15 Jun 2022 07:34:56 -0400 Subject: [PATCH] temporary remove subclass query parameter in GetShortObjectDescriptionAction --- .../GetShortObjectDescriptionAction.php | 18 +++++++++-- .../GetShortObjectDescriptionActionTest.php | 31 +++++++++++++++++++ 2 files changed, 46 insertions(+), 3 deletions(-) diff --git a/src/Action/GetShortObjectDescriptionAction.php b/src/Action/GetShortObjectDescriptionAction.php index 53b8648a0e..2a76920a1f 100644 --- a/src/Action/GetShortObjectDescriptionAction.php +++ b/src/Action/GetShortObjectDescriptionAction.php @@ -50,9 +50,21 @@ public function __invoke(Request $request): Response throw new BadRequestParamHttpException('objectId', ['string', 'int'], $objectId); } - $object = $admin->getObject($objectId); - if (null === $object) { - throw new NotFoundHttpException(sprintf('Could not find subject for id "%s"', $objectId)); + // If the subclass parameter is present it can cause conflict with other admin. + // The admin do not need subclass parameter to load an existing object. + $subclass = $request->query->get('subclass'); + $request->query->remove('subclass'); + + try { + $object = $admin->getObject($objectId); + if (null === $object) { + throw new NotFoundHttpException(sprintf('Could not find subject for id "%s"', $objectId)); + } + } finally { + // Restore the subclass if present to reduce impact of the parameter removal above. + if (null !== $subclass) { + $request->query->set('subclass', $subclass); + } } if ('json' === $request->get('_format')) { diff --git a/tests/Action/GetShortObjectDescriptionActionTest.php b/tests/Action/GetShortObjectDescriptionActionTest.php index 3170c71dfc..c6ff9fb994 100644 --- a/tests/Action/GetShortObjectDescriptionActionTest.php +++ b/tests/Action/GetShortObjectDescriptionActionTest.php @@ -167,4 +167,35 @@ public function testGetShortObjectDescriptionActionObjectAsJson(): void static::assertSame('{"result":{"id":"42","label":"bar"}}', $response->getContent()); } + + public function testGetShortObjectDescriptionActionSubclassQueryParameterTemporaryRemoved(): void + { + $request = new Request([ + '_sonata_admin' => 'sonata.post.admin', + 'objectId' => 42, + 'uniqid' => 'asdasd123', + 'subclass' => $subclass = uniqid('subclass'), + '_format' => 'json', + ]); + $object = new \stdClass(); + + $this->adminFetcher->method('get')->willReturn($this->admin); + + $this->admin->method('id')->with($object)->willReturn('42'); + $this->admin->method('getObject')->with(42)->willReturnCallback(static function () use ($object, $request) { + static::assertFalse($request->query->has('subclass'), 'subclass query parameter should be removed at this stage'); + + return $object; + }); + + $this->admin->method('toString')->with($object)->willReturn('bar'); + + ($this->action)($request); + + static::assertSame( + $subclass, + $request->query->get('subclass'), + 'subclass query parameter should be restored at this stage' + ); + } }