Merge pull request #2 from wubinworks/bugfix/geturl-incorrect-scope-and-dataobject-deserialization-infinite-loop

Fixed 2 critical bugs and extended compatibility to Magento 2.3
Fixed bugs:
 - getUrl method returns URL with incorrect scope
 - DataObject deserialization infinite loop

Author: wubinworks

Model/Escaper.php

@@ -81,7 +81,7 @@ public function __construct(
      * Escape array input
      *
      * @param array $input
-     * @param bool $strictMode For <= 2.4.3-p1. Needs to be the same with template filter
+     * @param bool $strictMode
      * @return array
      */
     public function escape(array $input, bool $strictMode = true): array

Model/Escaper/Debugger.php

@@ -15,6 +15,11 @@
  */
 class Debugger
 {
+    /**
+     * @var int
+     */
+    protected $maxDataObjectDebugDepth = 2;
+
     /**
      * Debug mixed input
      *
@@ -77,12 +82,38 @@ protected function debugObject($input)
      */
     protected function debugDataObject(DataObject $input): array
     {
-        $data = $this->debugArray($input->getData());
+        return $this->_debugDataObject($input);
+    }
+
+    /**
+     * Debug DataObject
+     *
+     * @param DataObject $dataObj
+     * @param int $currDepth
+     * @return array
+     */
+    protected function _debugDataObject(DataObject $dataObj, int $currDepth = 1): array
+    {
+        $data = $dataObj->getData();
+        $result = [];
+        foreach ($data as $key => $item) {
+            if ($item instanceof DataObject) {
+                if ($currDepth < $this->maxDataObjectDebugDepth) {
+                    $result[$key] = $this->_debugDataObject($item, $currDepth + 1);
+                } else {
+                    $result[$key] = get_class($item);
+                }
+            } else {
+                $result[$key] = $this->debug($item);
+            }
+        }
+
         $typeKey = '__TYPE__DataObject__';
-        if ($input instanceof AbstractEmailTemplate) {
+        if ($dataObj instanceof AbstractEmailTemplate) {
             $typeKey = '__TYPE__AbstractTemplate__';
         }
-        $data[$typeKey] = get_class($input);
-        return $data;
+        $data[$typeKey] = get_class($dataObj);
+
+        return $result;
     }
 }

Model/Escaper/Filter.php

@@ -10,6 +10,7 @@
 use Magento\Framework\DataObject;
 use Magento\Email\Model\AbstractTemplate as AbstractEmailTemplate;
 use Wubinworks\TemplateFilterPatch\Model\Utils\SafeStringReplace;
+use Wubinworks\TemplateFilterPatch\Model\Utils\DataObjectDeserializer;
 use Wubinworks\TemplateFilterPatch\Model\SafeDataObject;
 use Wubinworks\TemplateFilterPatch\Model\SafeDataObjectFactory;
 use Wubinworks\TemplateFilterPatch\Model\SafeEmailTemplate;
@@ -32,6 +33,11 @@ class Filter
      */
     protected $safeStringReplace;
 
+    /**
+     * @var DataObjectDeserializer
+     */
+    protected $dataObjectDeserializer;
+
     /**
      * @var bool
      */
@@ -51,17 +57,20 @@ class Filter
      * Constructor
      *
      * @param SafeStringReplace $safeStringReplace
+     * @param DataObjectDeserializer $dataObjectDeserializer
      * @param SafeDataObjectFactory $safeDataObjectFactory
      * @param SafeEmailTemplateFactory $safeEmailTemplateFactory
      * @param string[] $prohibitedTypes
      */
     public function __construct(
         SafeStringReplace $safeStringReplace,
+        DataObjectDeserializer $dataObjectDeserializer,
         SafeDataObjectFactory $safeDataObjectFactory,
         SafeEmailTemplateFactory $safeEmailTemplateFactory,
         array $prohibitedTypes = []
     ) {
         $this->safeStringReplace = $safeStringReplace;
+        $this->dataObjectDeserializer = $dataObjectDeserializer;
         $this->safeDataObjectFactory = $safeDataObjectFactory;
         $this->safeEmailTemplateFactory = $safeEmailTemplateFactory;
         $this->prohibitedTypes = $prohibitedTypes;
@@ -182,40 +191,36 @@ protected function processObject($input, string $search, string $replace)
      */
     protected function processDataObject(DataObject $input, string $search, string $replace): SafeDataObject
     {
-        $data = $this->processArray($input->getData(), $search, $replace);
+        $data = $this->dataObjectDeserializer->deserialize($input, 2);
+        $data = $this->processArray($data, $search, $replace);
         return $this->safeDataObjectFactory->create(['data' => $data]);
     }
 
     /**
-     * Create safe email template
+     * Create safe email template. A wrapper for calling `getUrl` method.
      *
-     * @param DataObject|array $input
+     * @param AbstractEmailTemplate $input
      *
      * @return SafeDataObject|AbstractEmailTemplate
      *
      * @throws \InvalidArgumentException
      */
-    protected function createSafeEmailTemplate($input): DataObject
+    protected function createSafeEmailTemplate(AbstractEmailTemplate $input): DataObject
     {
-        if ($input instanceof DataObject) {
-            $data = $input->getData();
-        } elseif (is_array($input)) {
-            $data = $input;
-        } else {
-            throw new \InvalidArgumentException('$input must be DataObject or array.');
-        }
-
-        $data = array_filter($data, function ($value) {
-            return is_scalar($value) || $value === null;
-        });
+        $data = $this->dataObjectDeserializer->deserialize($input, 1);
 
         if (class_exists(\Magento\Framework\Filter\VariableResolver\LegacyResolver::class)
             && !$this->isStrictMode()) {
-            // <= 2.4.3-p1
-            return $this->safeDataObjectFactory->create(['data' => $data]);
+            // LegacyResolver will be used. Need return DataObject instead of AbstractEmailTemplate
+            return $this->safeDataObjectFactory->create([
+                '_emailTemplate' => $input,
+                'data' => $data
+            ]);
         } else {
-            // Just for getUrl method
-            return $this->safeEmailTemplateFactory->create(['data' => $data]);
+            return $this->safeEmailTemplateFactory->create([
+                '_emailTemplate' => $input,
+                'data' => $data
+            ]);
         }
     }
 

Model/SafeDataObject.php

@@ -11,32 +11,44 @@
 use Magento\Framework\ObjectManager\NoninterceptableInterface;
 use Magento\Email\Model\AbstractTemplate as AbstractEmailTemplate;
 use Magento\Store\Model\Store;
-use Wubinworks\TemplateFilterPatch\Model\StoreUrl;
+use Magento\Store\Model\StoreManagerInterface;
+use Wubinworks\TemplateFilterPatch\Traits\GetUrlTrait;
 
 /**
  * Safe DataObject with getUrl method
  *
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+ * @SuppressWarnings(PHPMD.FinalImplementation)
  */
 // phpcs:ignore Magento2.PHP.FinalImplementation.FoundFinal
 final class SafeDataObject extends DataObject implements NoninterceptableInterface
 {
+    use GetUrlTrait;
+
+    /**
+     * @var StoreManagerInterface
+     */
+    protected $storeManager;
+
     /**
-     * @var StoreUrl
+     * @var AbstractEmailTemplate
      */
-    protected $storeUrlBuilder;
+    protected $_emailTemplate;
 
     /**
      * Constructor
      *
-     * @param StoreUrl $storeUrlBuilder
+     * @param StoreManagerInterface $storeManager
+     * @param ?AbstractEmailTemplate $_emailTemplate
      * @param array $data
      */
     public function __construct(
-        StoreUrl $storeUrlBuilder,
+        StoreManagerInterface $storeManager,
+        ?AbstractEmailTemplate $_emailTemplate = null,
         array $data = []
     ) {
-        $this->storeUrlBuilder= $storeUrlBuilder;
+        $this->storeManager = $storeManager;
+        $this->_emailTemplate= $_emailTemplate;
         $this->_data = $data;
     }
 
@@ -95,18 +107,4 @@ public function offsetUnset($offset)
     {
     }
     // phpcs:enable
-
-    /**
-     * Get URL by store
-     *
-     * @param Store|DataObject|int|string|null $store
-     * @param string $route
-     * @param array $params
-     *
-     * @return string|null
-     */
-    public function getUrl($store, $route = '', $params = []): ?string
-    {
-        return $this->storeUrlBuilder->getUrl($store, $route, $params);
-    }
 }

Model/SafeEmailTemplate.php

@@ -11,30 +11,43 @@
 use Magento\Framework\ObjectManager\NoninterceptableInterface;
 use Magento\Email\Model\AbstractTemplate as AbstractEmailTemplate;
 use Magento\Store\Model\Store;
-use Wubinworks\TemplateFilterPatch\Model\StoreUrl;
+use Magento\Store\Model\StoreManagerInterface;
+use Wubinworks\TemplateFilterPatch\Traits\GetUrlTrait;
 
 /**
  * Safe email template object
+ *
+ * @SuppressWarnings(PHPMD.FinalImplementation)
  */
 // phpcs:ignore Magento2.PHP.FinalImplementation.FoundFinal
 final class SafeEmailTemplate extends AbstractEmailTemplate implements NoninterceptableInterface
 {
+    use GetUrlTrait;
+
+    /**
+     * @var StoreManagerInterface
+     */
+    protected $storeManager;
+
     /**
-     * @var StoreUrl
+     * @var AbstractEmailTemplate
      */
-    protected $storeUrlBuilder;
+    protected $_emailTemplate;
 
     /**
      * Constructor
      *
-     * @param StoreUrl $storeUrlBuilder
+     * @param StoreManagerInterface $storeManager
+     * @param ?AbstractEmailTemplate $_emailTemplate
      * @param array $data
      */
     public function __construct(
-        StoreUrl $storeUrlBuilder,
+        StoreManagerInterface $storeManager,
+        ?AbstractEmailTemplate $_emailTemplate = null,
         array $data = []
     ) {
-        $this->storeUrlBuilder= $storeUrlBuilder;
+        $this->storeManager = $storeManager;
+        $this->_emailTemplate= $_emailTemplate;
         $this->_data = $data;
     }
 
@@ -47,18 +60,4 @@ public function getType()
     {
     }
     // phpcs:enable
-
-    /**
-     * Get URL by store
-     *
-     * @param Store|DataObject|int|string|null $store
-     * @param string $route
-     * @param array $params
-     *
-     * @return string|null
-     */
-    public function getUrl($store, $route = '', $params = []): ?string
-    {
-        return $this->storeUrlBuilder->getUrl($store, $route, $params);
-    }
 }