diff --git a/lib/Newsletter/ViewInBrowser.php b/lib/Newsletter/ViewInBrowser.php index e1f77eddc6..86377bb2fe 100644 --- a/lib/Newsletter/ViewInBrowser.php +++ b/lib/Newsletter/ViewInBrowser.php @@ -19,15 +19,16 @@ class ViewInBrowser { $this->emoji = $emoji; } - public function view($data) { + public function view(array $data) { $wpUserPreview = ( - ($data->subscriber && $data->subscriber->isWPUser() && $data->preview) || - ($data->preview && $data->newsletter_hash) // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps + ($data['subscriber'] && $data['subscriber']->isWPUser() && $data['preview']) + || + ($data['preview'] && $data['newsletter_hash']) ); return $this->renderNewsletter( - $data->newsletter, - $data->subscriber, - $data->queue, + $data['newsletter'], + $data['subscriber'], + $data['queue'], $wpUserPreview ); } diff --git a/lib/Router/Endpoints/ViewInBrowser.php b/lib/Router/Endpoints/ViewInBrowser.php index 10622f9fe4..9d450fe60f 100644 --- a/lib/Router/Endpoints/ViewInBrowser.php +++ b/lib/Router/Endpoints/ViewInBrowser.php @@ -45,70 +45,73 @@ class ViewInBrowser { return $this->_displayNewsletter($viewInBrowser->view($data)); } - public function _processBrowserPreviewData($data) { - $data = (object)NewsletterUrl::transformUrlDataObject($data); - return ($this->_validateBrowserPreviewData($data)) ? - $data : - $this->_abort(); + public function _processBrowserPreviewData(array $data) { + $data = NewsletterUrl::transformUrlDataObject($data); + return $this->_validateBrowserPreviewData($data) ?: $this->_abort(); } /** - * @param \stdClass $data - * @return bool|\stdClass + * @param array $data + * @return array|false */ - public function _validateBrowserPreviewData($data) { + public function _validateBrowserPreviewData(array $data) { // either newsletter ID or hash must be defined, and newsletter must exist - if (empty($data->newsletter_id) && empty($data->newsletter_hash)) return false; // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - $data->newsletter = (!empty($data->newsletter_hash)) ? // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - Newsletter::getByHash($data->newsletter_hash) : // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - Newsletter::findOne($data->newsletter_id); // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - if (!$data->newsletter) return false; + if (empty($data['newsletter_id']) && empty($data['newsletter_hash'])) { + return false; + } + + $data['newsletter'] = (!empty($data['newsletter_hash'])) + ? Newsletter::getByHash($data['newsletter_hash']) + : Newsletter::findOne($data['newsletter_id']); + if (!$data['newsletter']) { + return false; + } // subscriber is optional; if exists, token must validate - $data->subscriber = (!empty($data->subscriber_id)) ? // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - Subscriber::findOne($data->subscriber_id) : // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - false; - if ($data->subscriber) { - if (empty($data->subscriber_token) || // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - !$this->linkTokens->verifyToken($data->subscriber, $data->subscriber_token) // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - ) return false; - } else if (!$data->subscriber && !empty($data->preview)) { + $data['subscriber'] = !empty($data['subscriber_id']) ? Subscriber::findOne($data['subscriber_id']) : false; + if ($data['subscriber']) { + if (empty($data['subscriber_token']) || !$this->linkTokens->verifyToken($data['subscriber'], $data['subscriber_token'])) { + return false; + } + } else if (!$data['subscriber'] && !empty($data['preview'])) { // if this is a preview and subscriber does not exist, // attempt to set subscriber to the current logged-in WP user - $data->subscriber = Subscriber::getCurrentWPUser(); + $data['subscriber'] = Subscriber::getCurrentWPUser(); } // if newsletter hash is not provided but newsletter ID is defined then subscriber must exist - if (empty($data->newsletter_hash) && $data->newsletter_id && !$data->subscriber) return false; // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps + if (empty($data['newsletter_hash']) && $data['newsletter_id'] && !$data['subscriber']) { + return false; + } // queue is optional; try to find it if it's not defined and this is not a welcome email - if ($data->newsletter->type !== Newsletter::TYPE_WELCOME) { - $data->queue = (!empty($data->queue_id)) ? // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - SendingQueue::findOne($data->queue_id) : // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - SendingQueue::where('newsletter_id', $data->newsletter->id) - ->findOne(); + if ($data['newsletter']->type !== Newsletter::TYPE_WELCOME) { + $data['queue'] = (!empty($data['queue_id'])) + ? SendingQueue::findOne($data['queue_id']) + : SendingQueue::where('newsletter_id', $data['newsletter']->id)->findOne(); } else { - $data->queue = false; + $data['queue'] = false; } // reset queue when automatic email is being previewed - if ($data->newsletter->type === Newsletter::TYPE_AUTOMATIC && !empty($data->preview)) { - $data->queue = false; + if ($data['newsletter']->type === Newsletter::TYPE_AUTOMATIC && !empty($data['preview'])) { + $data['queue'] = false; } // allow users with permission to manage emails to preview any newsletter - if (!empty($data->preview) && $this->accessControl->validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS) - ) return $data; + if (!empty($data['preview']) && $this->accessControl->validatePermission(AccessControl::PERMISSION_MANAGE_EMAILS)) { + return $data; + } // allow others to preview newsletters only when newsletter hash is defined - if (!empty($data->preview) && empty($data->newsletter_hash) // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps - ) return false; + if (!empty($data['preview']) && empty($data['newsletter_hash'])) { + return false; + } // if queue and subscriber exist, subscriber must have received the newsletter - if ($data->queue instanceof SendingQueue && - $data->subscriber && - !$data->queue->isSubscriberProcessed($data->subscriber->id) - ) return false; + if ($data['queue'] instanceof SendingQueue && $data['subscriber'] && !$data['queue']->isSubscriberProcessed($data['subscriber']->id)) { + return false; + } return $data; } diff --git a/tests/integration/Router/Endpoints/ViewInBrowserTest.php b/tests/integration/Router/Endpoints/ViewInBrowserTest.php index f5cb3994e4..0e449b73fa 100644 --- a/tests/integration/Router/Endpoints/ViewInBrowserTest.php +++ b/tests/integration/Router/Endpoints/ViewInBrowserTest.php @@ -92,7 +92,7 @@ class ViewInBrowserTest extends \MailPoetTest { $subscriber = $this->subscriber; $subscriber->email = 'random@email.com'; $subscriber->save(); - $data = (object)array_merge( + $data = array_merge( $this->browserPreviewData, [ 'queue' => $this->queue, @@ -105,7 +105,7 @@ class ViewInBrowserTest extends \MailPoetTest { } public function testItFailsValidationWhenNewsletterIdIsProvidedButSubscriberDoesNotExist() { - $data = (object)$this->browserPreviewData; + $data = $this->browserPreviewData; $data->subscriber_id = false; // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps expect($this->viewInBrowser->_validateBrowserPreviewData($data))->false(); } @@ -115,7 +115,7 @@ class ViewInBrowserTest extends \MailPoetTest { $newsletter2 = Newsletter::create(); $newsletter2->type = 'type'; $newsletter2 = $newsletter2->save(); - $data = (object)$this->browserPreviewData; + $data = $this->browserPreviewData; $data->newsletter_hash = $newsletter2->hash; // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps $result = $this->viewInBrowser->_validateBrowserPreviewData($data); expect($result->newsletter->id)->equals($newsletter2->id); @@ -125,14 +125,14 @@ class ViewInBrowserTest extends \MailPoetTest { } public function testItFailsValidationWhenPreviewIsEnabledButNewsletterHashNotProvided() { - $data = (object)$this->browserPreviewData; + $data = $this->browserPreviewData; $data->newsletter_hash = false; // phpcs:ignore Squiz.NamingConventions.ValidVariableName.NotCamelCaps $data->preview = true; expect($this->viewInBrowser->_validateBrowserPreviewData($data))->false(); } public function testItFailsValidationWhenSubscriberIsNotOnProcessedList() { - $data = (object)$this->browserPreviewData; + $data = $this->browserPreviewData; $result = $this->viewInBrowser->_validateBrowserPreviewData($data); expect($result)->notEmpty(); $queue = $this->queue; @@ -145,7 +145,7 @@ class ViewInBrowserTest extends \MailPoetTest { public function testItDoesNotRequireWpAdministratorToBeOnProcessedListWhenPreviewIsEnabled() { $viewInBrowser = $this->viewInBrowser; - $data = (object)array_merge( + $data = array_merge( $this->browserPreviewData, [ 'queue' => $this->queue, @@ -172,7 +172,7 @@ class ViewInBrowserTest extends \MailPoetTest { public function testItSetsSubscriberToLoggedInWPUserWhenPreviewIsEnabled() { $viewInBrowser = $this->viewInBrowser; - $data = (object)array_merge( + $data = array_merge( $this->browserPreviewData, [ 'queue' => $this->queue, @@ -188,7 +188,7 @@ class ViewInBrowserTest extends \MailPoetTest { } public function testItGetsOrFindsQueueWhenItIsNotAWelcomeEmail() { - $data = (object)$this->browserPreviewData; + $data = $this->browserPreviewData; // queue will be found when not defined $data->queueId = null; $result = $this->viewInBrowser->_validateBrowserPreviewData($data);