diff --git a/src/Symfony/Bridge/Twig/CHANGELOG.md b/src/Symfony/Bridge/Twig/CHANGELOG.md index 9695fe09f0549..d9fe3b55f2a47 100644 --- a/src/Symfony/Bridge/Twig/CHANGELOG.md +++ b/src/Symfony/Bridge/Twig/CHANGELOG.md @@ -6,6 +6,7 @@ CHANGELOG * Add `is_granted_for_user()` Twig function * Add `field_id()` Twig form helper function + * Add a `Twig` constraint that validates Twig templates 7.2 --- diff --git a/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigTest.php b/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigTest.php new file mode 100644 index 0000000000000..cac1b316cbeda --- /dev/null +++ b/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigTest.php @@ -0,0 +1,56 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Twig\Tests\Validator\Constraints; + +use PHPUnit\Framework\TestCase; +use Symfony\Bridge\Twig\Validator\Constraints\Twig; +use Symfony\Component\Validator\Mapping\ClassMetadata; +use Symfony\Component\Validator\Mapping\Loader\AttributeLoader; + +/** + * @author Mokhtar Tlili + */ +class TwigTest extends TestCase +{ + public function testAttributes() + { + $metadata = new ClassMetadata(TwigDummy::class); + $loader = new AttributeLoader(); + self::assertTrue($loader->loadClassMetadata($metadata)); + + [$bConstraint] = $metadata->properties['b']->getConstraints(); + self::assertSame('myMessage', $bConstraint->message); + self::assertSame(['Default', 'TwigDummy'], $bConstraint->groups); + + [$cConstraint] = $metadata->properties['c']->getConstraints(); + self::assertSame(['my_group'], $cConstraint->groups); + self::assertSame('some attached data', $cConstraint->payload); + + [$dConstraint] = $metadata->properties['d']->getConstraints(); + self::assertFalse($dConstraint->skipDeprecations); + } +} + +class TwigDummy +{ + #[Twig] + private $a; + + #[Twig(message: 'myMessage')] + private $b; + + #[Twig(groups: ['my_group'], payload: 'some attached data')] + private $c; + + #[Twig(skipDeprecations: false)] + private $d; +} diff --git a/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigValidatorTest.php b/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigValidatorTest.php new file mode 100644 index 0000000000000..f5c4253eb18e0 --- /dev/null +++ b/src/Symfony/Bridge/Twig/Tests/Validator/Constraints/TwigValidatorTest.php @@ -0,0 +1,126 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Twig\Tests\Validator\Constraints; + +use Symfony\Bridge\Twig\Validator\Constraints\Twig; +use Symfony\Bridge\Twig\Validator\Constraints\TwigValidator; +use Symfony\Component\Validator\Test\ConstraintValidatorTestCase; +use Twig\DeprecatedCallableInfo; +use Twig\Environment; +use Twig\Loader\ArrayLoader; +use Twig\TwigFilter; + +/** + * @author Mokhtar Tlili + */ +class TwigValidatorTest extends ConstraintValidatorTestCase +{ + protected function createValidator(): TwigValidator + { + $environment = new Environment(new ArrayLoader()); + $environment->addFilter(new TwigFilter('humanize_filter', fn ($v) => $v)); + if (class_exists(DeprecatedCallableInfo::class)) { + $options = ['deprecation_info' => new DeprecatedCallableInfo('foo/bar', '1.1')]; + } else { + $options = ['deprecated' => true]; + } + + $environment->addFilter(new TwigFilter('deprecated_filter', fn ($v) => $v, $options)); + + return new TwigValidator($environment); + } + + /** + * @dataProvider getValidValues + */ + public function testTwigIsValid($value) + { + $this->validator->validate($value, new Twig()); + + $this->assertNoViolation(); + } + + /** + * @dataProvider getInvalidValues + */ + public function testInvalidValues($value, $message, $line) + { + $constraint = new Twig('myMessageTest'); + + $this->validator->validate($value, $constraint); + + $this->buildViolation('myMessageTest') + ->setParameter('{{ error }}', $message) + ->setParameter('{{ line }}', $line) + ->setCode(Twig::INVALID_TWIG_ERROR) + ->assertRaised(); + } + + /** + * When deprecations are skipped by the validator, the testsuite reporter will catch them so we need to mark the test as legacy. + * + * @group legacy + */ + public function testTwigWithSkipDeprecation() + { + $constraint = new Twig(skipDeprecations: true); + + $this->validator->validate('{{ name|deprecated_filter }}', $constraint); + + $this->assertNoViolation(); + } + + public function testTwigWithoutSkipDeprecation() + { + $constraint = new Twig(skipDeprecations: false); + + $this->validator->validate('{{ name|deprecated_filter }}', $constraint); + + $line = 1; + $error = 'Twig Filter "deprecated_filter" is deprecated in at line 1 at line 1.'; + if (class_exists(DeprecatedCallableInfo::class)) { + $line = 0; + $error = 'Since foo/bar 1.1: Twig Filter "deprecated_filter" is deprecated.'; + } + $this->buildViolation($constraint->message) + ->setParameter('{{ error }}', $error) + ->setParameter('{{ line }}', $line) + ->setCode(Twig::INVALID_TWIG_ERROR) + ->assertRaised(); + } + + public static function getValidValues() + { + return [ + ['Hello {{ name }}'], + ['{% if condition %}Yes{% else %}No{% endif %}'], + ['{# Comment #}'], + ['Hello {{ "world"|upper }}'], + ['{% for i in 1..3 %}Item {{ i }}{% endfor %}'], + ['{{ name|humanize_filter }}'], + ]; + } + + public static function getInvalidValues() + { + return [ + // Invalid syntax example (missing end tag) + ['{% if condition %}Oops', 'Unexpected end of template at line 1.', 1], + // Another syntax error example (unclosed variable) + ['Hello {{ name', 'Unexpected token "end of template" ("end of print statement" expected) at line 1.', 1], + // Unknown filter error + ['Hello {{ name|unknown_filter }}', 'Unknown "unknown_filter" filter at line 1.', 1], + // Invalid variable syntax + ['Hello {{ .name }}', 'Unexpected token "punctuation" of value "." at line 1.', 1], + ]; + } +} diff --git a/src/Symfony/Bridge/Twig/Validator/Constraints/Twig.php b/src/Symfony/Bridge/Twig/Validator/Constraints/Twig.php new file mode 100644 index 0000000000000..7cf050e87a32e --- /dev/null +++ b/src/Symfony/Bridge/Twig/Validator/Constraints/Twig.php @@ -0,0 +1,38 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Twig\Validator\Constraints; + +use Symfony\Component\Validator\Attribute\HasNamedArguments; +use Symfony\Component\Validator\Constraint; + +/** + * @author Mokhtar Tlili + */ +#[\Attribute(\Attribute::TARGET_PROPERTY | \Attribute::TARGET_METHOD | \Attribute::IS_REPEATABLE)] +class Twig extends Constraint +{ + public const INVALID_TWIG_ERROR = 'e7fc55d5-e586-4cc1-924e-d27ee7fcd1b5'; + + protected const ERROR_NAMES = [ + self::INVALID_TWIG_ERROR => 'INVALID_TWIG_ERROR', + ]; + + #[HasNamedArguments] + public function __construct( + public string $message = 'This value is not a valid Twig template.', + public bool $skipDeprecations = true, + ?array $groups = null, + mixed $payload = null, + ) { + parent::__construct(null, $groups, $payload); + } +} diff --git a/src/Symfony/Bridge/Twig/Validator/Constraints/TwigValidator.php b/src/Symfony/Bridge/Twig/Validator/Constraints/TwigValidator.php new file mode 100644 index 0000000000000..de92a36272963 --- /dev/null +++ b/src/Symfony/Bridge/Twig/Validator/Constraints/TwigValidator.php @@ -0,0 +1,81 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Twig\Validator\Constraints; + +use Symfony\Component\Validator\Constraint; +use Symfony\Component\Validator\ConstraintValidator; +use Symfony\Component\Validator\Exception\UnexpectedTypeException; +use Symfony\Component\Validator\Exception\UnexpectedValueException; +use Twig\Environment; +use Twig\Error\Error; +use Twig\Loader\ArrayLoader; +use Twig\Source; + +/** + * @author Mokhtar Tlili + */ +class TwigValidator extends ConstraintValidator +{ + public function __construct(private Environment $twig) + { + } + + public function validate(mixed $value, Constraint $constraint): void + { + if (!$constraint instanceof Twig) { + throw new UnexpectedTypeException($constraint, Twig::class); + } + + if (null === $value || '' === $value) { + return; + } + + if (!\is_scalar($value) && !$value instanceof \Stringable) { + throw new UnexpectedValueException($value, 'string'); + } + + $value = (string) $value; + + if (!$constraint->skipDeprecations) { + $prevErrorHandler = set_error_handler(static function ($level, $message, $file, $line) use (&$prevErrorHandler) { + if (\E_USER_DEPRECATED !== $level) { + return $prevErrorHandler ? $prevErrorHandler($level, $message, $file, $line) : false; + } + + $templateLine = 0; + if (preg_match('/ at line (\d+)[ .]/', $message, $matches)) { + $templateLine = $matches[1]; + } + + throw new Error($message, $templateLine); + }); + } + + $realLoader = $this->twig->getLoader(); + try { + $temporaryLoader = new ArrayLoader([$value]); + $this->twig->setLoader($temporaryLoader); + $this->twig->parse($this->twig->tokenize(new Source($value, ''))); + } catch (Error $e) { + $this->context->buildViolation($constraint->message) + ->setParameter('{{ error }}', $e->getMessage()) + ->setParameter('{{ line }}', $e->getTemplateLine()) + ->setCode(Twig::INVALID_TWIG_ERROR) + ->addViolation(); + } finally { + $this->twig->setLoader($realLoader); + if (!$constraint->skipDeprecations) { + restore_error_handler(); + } + } + } +} diff --git a/src/Symfony/Bridge/Twig/composer.json b/src/Symfony/Bridge/Twig/composer.json index 19ab66ae27f16..f6b5b402eb406 100644 --- a/src/Symfony/Bridge/Twig/composer.json +++ b/src/Symfony/Bridge/Twig/composer.json @@ -40,6 +40,7 @@ "symfony/property-info": "^6.4|^7.0", "symfony/routing": "^6.4|^7.0", "symfony/translation": "^6.4|^7.0", + "symfony/validator": "^6.4|^7.0", "symfony/yaml": "^6.4|^7.0", "symfony/security-acl": "^2.8|^3.0", "symfony/security-core": "^6.4|^7.0", diff --git a/src/Symfony/Bundle/TwigBundle/CHANGELOG.md b/src/Symfony/Bundle/TwigBundle/CHANGELOG.md index c95e9f04a0a0d..32a1c9aef64e5 100644 --- a/src/Symfony/Bundle/TwigBundle/CHANGELOG.md +++ b/src/Symfony/Bundle/TwigBundle/CHANGELOG.md @@ -6,6 +6,7 @@ CHANGELOG * Enable `#[AsTwigFilter]`, `#[AsTwigFunction]` and `#[AsTwigTest]` attributes to configure extensions on runtime classes + * Add support for a `twig` validator 7.1 --- diff --git a/src/Symfony/Bundle/TwigBundle/DependencyInjection/TwigExtension.php b/src/Symfony/Bundle/TwigBundle/DependencyInjection/TwigExtension.php index b676e10a81ad1..db508873387b2 100644 --- a/src/Symfony/Bundle/TwigBundle/DependencyInjection/TwigExtension.php +++ b/src/Symfony/Bundle/TwigBundle/DependencyInjection/TwigExtension.php @@ -25,6 +25,7 @@ use Symfony\Component\Mailer\Mailer; use Symfony\Component\Translation\LocaleSwitcher; use Symfony\Component\Translation\Translator; +use Symfony\Component\Validator\Constraint; use Symfony\Contracts\Service\ResetInterface; use Twig\Attribute\AsTwigFilter; use Twig\Attribute\AsTwigFunction; @@ -69,6 +70,10 @@ public function load(array $configs, ContainerBuilder $container): void $container->removeDefinition('twig.translation.extractor'); } + if ($container::willBeAvailable('symfony/validator', Constraint::class, ['symfony/twig-bundle'])) { + $loader->load('validator.php'); + } + foreach ($configs as $key => $config) { if (isset($config['globals'])) { foreach ($config['globals'] as $name => $value) { diff --git a/src/Symfony/Bundle/TwigBundle/Resources/config/validator.php b/src/Symfony/Bundle/TwigBundle/Resources/config/validator.php new file mode 100644 index 0000000000000..1c0e8dd474ee6 --- /dev/null +++ b/src/Symfony/Bundle/TwigBundle/Resources/config/validator.php @@ -0,0 +1,22 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\DependencyInjection\Loader\Configurator; + +use Symfony\Bridge\Twig\Validator\Constraints\TwigValidator; + +return static function (ContainerConfigurator $container) { + $container->services() + ->set('twig.validator', TwigValidator::class) + ->args([service('twig')]) + ->tag('validator.constraint_validator') + ; +};