diff options
| author | blizzz <blizzz@arthur-schiwon.de> | 2021-01-14 11:36:42 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-14 11:36:42 +0100 |
| commit | f9ab7575e70aeb5a08cba8fca9661dd6e4704cc9 (patch) | |
| tree | 7c6cd135c3b6801108a3f518f085cb4ca4f4ef4b /tests | |
| parent | 121e2d832b198b01bf25d5f9c3a1b9acdf5cb1a8 (diff) | |
| parent | 21ca5d4514eed69e40c26ddba0e3671923594e4e (diff) | |
| download | nextcloud-server-f9ab7575e70aeb5a08cba8fca9661dd6e4704cc9.tar.gz nextcloud-server-f9ab7575e70aeb5a08cba8fca9661dd6e4704cc9.zip | |
Merge pull request #25036 from nextcloud/fix/noid/limitied-allowed-items-db-in_2
respect DB restrictions on number of arguments in statements and queries
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/lib/DB/QueryBuilder/QueryBuilderTest.php | 88 |
1 files changed, 82 insertions, 6 deletions
diff --git a/tests/lib/DB/QueryBuilder/QueryBuilderTest.php b/tests/lib/DB/QueryBuilder/QueryBuilderTest.php index fe87a201d57..aef1acc40c1 100644 --- a/tests/lib/DB/QueryBuilder/QueryBuilderTest.php +++ b/tests/lib/DB/QueryBuilder/QueryBuilderTest.php @@ -22,6 +22,8 @@ namespace Test\DB\QueryBuilder; use Doctrine\DBAL\Query\Expression\CompositeExpression; +use Doctrine\DBAL\Query\QueryException; +use Doctrine\DBAL\Result; use OC\DB\QueryBuilder\Literal; use OC\DB\QueryBuilder\Parameter; use OC\DB\QueryBuilder\QueryBuilder; @@ -1261,6 +1263,10 @@ class QueryBuilderTest extends \Test\TestCase { ->expects($this->once()) ->method('execute') ->willReturn(3); + $queryBuilder + ->expects($this->any()) + ->method('getParameters') + ->willReturn([]); $this->logger ->expects($this->never()) ->method('debug'); @@ -1277,14 +1283,14 @@ class QueryBuilderTest extends \Test\TestCase { public function testExecuteWithLoggerAndNamedArray() { $queryBuilder = $this->createMock(\Doctrine\DBAL\Query\QueryBuilder::class); $queryBuilder - ->expects($this->at(0)) + ->expects($this->any()) ->method('getParameters') ->willReturn([ 'foo' => 'bar', 'key' => 'value', ]); $queryBuilder - ->expects($this->at(1)) + ->expects($this->any()) ->method('getSQL') ->willReturn('SELECT * FROM FOO WHERE BAR = ?'); $queryBuilder @@ -1315,11 +1321,11 @@ class QueryBuilderTest extends \Test\TestCase { public function testExecuteWithLoggerAndUnnamedArray() { $queryBuilder = $this->createMock(\Doctrine\DBAL\Query\QueryBuilder::class); $queryBuilder - ->expects($this->at(0)) + ->expects($this->any()) ->method('getParameters') ->willReturn(['Bar']); $queryBuilder - ->expects($this->at(1)) + ->expects($this->any()) ->method('getSQL') ->willReturn('SELECT * FROM FOO WHERE BAR = ?'); $queryBuilder @@ -1350,11 +1356,11 @@ class QueryBuilderTest extends \Test\TestCase { public function testExecuteWithLoggerAndNoParams() { $queryBuilder = $this->createMock(\Doctrine\DBAL\Query\QueryBuilder::class); $queryBuilder - ->expects($this->at(0)) + ->expects($this->any()) ->method('getParameters') ->willReturn([]); $queryBuilder - ->expects($this->at(1)) + ->expects($this->any()) ->method('getSQL') ->willReturn('SELECT * FROM FOO WHERE BAR = ?'); $queryBuilder @@ -1380,4 +1386,74 @@ class QueryBuilderTest extends \Test\TestCase { $this->invokePrivate($this->queryBuilder, 'queryBuilder', [$queryBuilder]); $this->assertEquals(3, $this->queryBuilder->execute()); } + + public function testExecuteWithParameterTooLarge() { + $queryBuilder = $this->createMock(\Doctrine\DBAL\Query\QueryBuilder::class); + $p = array_fill(0, 1001, 'foo'); + $queryBuilder + ->expects($this->any()) + ->method('getParameters') + ->willReturn([$p]); + $queryBuilder + ->expects($this->any()) + ->method('getSQL') + ->willReturn('SELECT * FROM FOO WHERE BAR IN (?)'); + $queryBuilder + ->expects($this->once()) + ->method('execute') + ->willReturn($this->createMock(Result::class)); + $this->logger + ->expects($this->once()) + ->method('logException') + ->willReturnCallback(function ($e, $parameters) { + $this->assertInstanceOf(QueryException::class, $e); + $this->assertSame( + 'More than 1000 expressions in a list are not allowed on Oracle.', + $parameters['message'] + ); + }); + $this->config + ->expects($this->once()) + ->method('getValue') + ->with('log_query', false) + ->willReturn(false); + + $this->invokePrivate($this->queryBuilder, 'queryBuilder', [$queryBuilder]); + $this->queryBuilder->execute(); + } + + public function testExecuteWithParametersTooMany() { + $queryBuilder = $this->createMock(\Doctrine\DBAL\Query\QueryBuilder::class); + $p = array_fill(0, 999, 'foo'); + $queryBuilder + ->expects($this->any()) + ->method('getParameters') + ->willReturn(array_fill(0, 66, $p)); + $queryBuilder + ->expects($this->any()) + ->method('getSQL') + ->willReturn('SELECT * FROM FOO WHERE BAR IN (?) OR BAR IN (?)'); + $queryBuilder + ->expects($this->once()) + ->method('execute') + ->willReturn($this->createMock(Result::class)); + $this->logger + ->expects($this->once()) + ->method('logException') + ->willReturnCallback(function ($e, $parameters) { + $this->assertInstanceOf(QueryException::class, $e); + $this->assertSame( + 'The number of parameters must not exceed 65535. Restriction by PostgreSQL.', + $parameters['message'] + ); + }); + $this->config + ->expects($this->once()) + ->method('getValue') + ->with('log_query', false) + ->willReturn(false); + + $this->invokePrivate($this->queryBuilder, 'queryBuilder', [$queryBuilder]); + $this->queryBuilder->execute(); + } } |