From d0a827a68430cf716f098b0238a150c2fd9e4c83 Mon Sep 17 00:00:00 2001
From: provokateurin <kate@provokateurin.de>
Date: Sat, 31 Aug 2024 17:00:19 +0200
Subject: fix(RichObjectStrings/Validator): Validate key value types of rich
 object parameters

Signed-off-by: provokateurin <kate@provokateurin.de>
---
 lib/private/RichObjectStrings/Validator.php   |  9 +++++++++
 tests/lib/RichObjectStrings/ValidatorTest.php | 23 +++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/lib/private/RichObjectStrings/Validator.php b/lib/private/RichObjectStrings/Validator.php
index 41c2456ba27..197f48ed48c 100644
--- a/lib/private/RichObjectStrings/Validator.php
+++ b/lib/private/RichObjectStrings/Validator.php
@@ -78,6 +78,15 @@ class Validator implements IValidator {
 		if (!empty($missingKeys)) {
 			throw new InvalidObjectExeption('Object is invalid, missing keys:'.json_encode($missingKeys));
 		}
+
+		foreach ($parameter as $key => $value) {
+			if (!is_string($key)) {
+				throw new InvalidObjectExeption('Object is invalid, key ' . $key . ' is not a string');
+			}
+			if (!is_string($value)) {
+				throw new InvalidObjectExeption('Object is invalid, value ' . $value . ' is not a string');
+			}
+		}
 	}
 
 	/**
diff --git a/tests/lib/RichObjectStrings/ValidatorTest.php b/tests/lib/RichObjectStrings/ValidatorTest.php
index 3604dcba4f7..91fe10916d2 100644
--- a/tests/lib/RichObjectStrings/ValidatorTest.php
+++ b/tests/lib/RichObjectStrings/ValidatorTest.php
@@ -8,6 +8,7 @@ namespace Test\RichObjectStrings;
 
 use OC\RichObjectStrings\Validator;
 use OCP\RichObjectStrings\Definitions;
+use OCP\RichObjectStrings\InvalidObjectExeption;
 use Test\TestCase;
 
 class ValidatorTest extends TestCase {
@@ -33,5 +34,27 @@ class ValidatorTest extends TestCase {
 			],
 		]);
 		$this->addToAssertionCount(2);
+
+		$this->expectException(InvalidObjectExeption::class);
+
+		$this->expectExceptionMessage('Object is invalid, value 123 is not a string');
+		$v->validate('test {string1} test.', [
+			'string1' => [
+				'type' => 'user',
+				'id' => 'johndoe',
+				'name' => 'John Doe',
+				'key' => 123,
+			],
+		]);
+
+		$this->expectExceptionMessage('Object is invalid, key 456 is not a string');
+		$v->validate('test {string1} test.', [
+			'string1' => [
+				'type' => 'user',
+				'id' => 'johndoe',
+				'name' => 'John Doe',
+				456 => 'value',
+			],
+		]);
 	}
 }
-- 
cgit v1.2.3