Create WikiProfile objects when a Wiki is made (#905)

tarrow · deer-wmde · commit 5a2c67e23188 · 2025-12-15T18:41:48.000+01:00
This creates a WikiProfile object if a profile is provided
at wiki creation time.

It also add some validation for the form of this profile
over the network.

It should be noted that the _other strings are stored
unsantised user input. We need to take this into account
if we do anything with them

Bug: T389063
diff --git a/app/Helper/ProfileValidator.php b/app/Helper/ProfileValidator.php
@@ -0,0 +1,21 @@
+<?php
+namespace App\Helper;
+
+use Illuminate\Support\Facades\Validator;
+use App\Http\Controllers\WikiController;
+
+class ProfileValidator 
+{
+    public function validate( $profile ): \Illuminate\Validation\Validator {
+
+        return Validator::make($profile, [
+            'purpose' => 'in:data_hub,data_lab,tool_lab,test_drive,decide_later,other',
+            'purpose_other' => 'string|required_if:purpose,other|missing_unless:purpose,other',
+            'audience' => 'in:narrow,wide,other',
+            'audience_other' => 'string|required_if:audience,other|missing_unless:audience,other',
+            'temporality' => 'in:permanent,temporary,decide_later,other',
+            'temporality_other' => 'string|required_if:temporality,other|missing_unless:temporality,other',
+        ]);
+    }
+
+}
diff --git a/app/Http/Controllers/WikiController.php b/app/Http/Controllers/WikiController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers;
 
+use App\Helper\ProfileValidator;
 use App\Jobs\KubernetesIngressCreate;
 use App\Jobs\MediawikiInit;
 use App\Jobs\ProvisionQueryserviceNamespaceJob;
@@ -13,10 +14,12 @@
 use App\WikiDb;
 use App\WikiDomain;
 use App\WikiManager;
+use App\WikiProfile;
 use App\WikiSetting;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Validator;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Config;
 use App\Helper\DomainValidator;
@@ -25,9 +28,11 @@
 class WikiController extends Controller
 {
     private $domainValidator;
+    private $profileValidator;
 
-    public function __construct( DomainValidator $domainValidator )
+    public function __construct( DomainValidator $domainValidator, ProfileValidator $profileValidator )
     {
+        $this->profileValidator = $profileValidator;
         $this->domainValidator = $domainValidator;
     }
 
@@ -42,28 +47,35 @@ public function create(Request $request): \Illuminate\Http\Response
                 abort(503, 'Search enabled, but its configuration is invalid');
             }
         }
-
         $user = $request->user();
 
         $submittedDomain = strtolower($request->input('domain'));
         $submittedDomain = DomainHelper::encode($submittedDomain);
 
-        $validator = $this->domainValidator->validate( $submittedDomain );
+        $domainValidator = $this->domainValidator->validate( $submittedDomain );
         $isSubdomain = $this->isSubDomain($submittedDomain);
 
-        $validator->validateWithBag('post');
+        $domainValidator->validateWithBag('post');
 
         // TODO extra validation that username is correct?
         $request->validate([
             'sitename' => 'required|min:3',
             'username' => 'required',
+            'profile' => 'nullable|json',
         ]);
-
+        
+        $rawProfile = false;
+        if ($request->filled('profile') ) {
+            $rawProfile = json_decode($request->input('profile'), true);
+            $profileValidator = $this->profileValidator->validate($rawProfile);
+            $profileValidator->validateWithBag('post');
+        }
+        
         $wiki = null;
         $dbAssignment = null;
 
         // TODO create with some sort of owner etc?
-        DB::transaction(function () use ($user, $request, &$wiki, &$dbAssignment, $isSubdomain, $submittedDomain) {
+        DB::transaction(function () use ($user, $request, &$wiki, &$dbAssignment, $isSubdomain, $submittedDomain, $rawProfile) {
             $dbVersion = Config::get('wbstack.wiki_db_use_version');
             $wikiDbCondition = ['wiki_id'=>null, 'version'=>$dbVersion];
 
@@ -123,6 +135,12 @@ public function create(Request $request): \Illuminate\Http\Response
               'user_id' => $user->id,
               'wiki_id' => $wiki->id,
             ]);
+            
+            // Create WikiProfile
+            if ($rawProfile) {
+                WikiProfile::create([ 'wiki_id' => $wiki->id, ...$rawProfile ] );
+            }
+            
 
             // TODO maybe always make these run in a certain order..?
             dispatch(new MediawikiInit($wiki->domain, $request->input('username'), $user->email));
diff --git a/tests/Helper/ProfileValidatorTest.php b/tests/Helper/ProfileValidatorTest.php
@@ -0,0 +1,61 @@
+<?php
+namespace Tests\Jobs;
+
+use Tests\TestCase;
+use App\Helper\ProfileValidator;
+
+class ProfileValidatorTest extends TestCase {
+   
+    /**
+     * @dataProvider validProfileProvider
+     */
+    public function testProfileValidatorWorksWithValidProfile($profile): void {
+        $validatorFactory = new ProfileValidator();
+        $validator=$validatorFactory->validate($profile);
+        $this->assertTrue($validator->passes());
+    }
+
+    /**
+     * @dataProvider invalidProfileProvider
+     */
+    public function testProfileValidatorWorksWithInvalidProfile($profile): void {
+        $validatorFactory = new ProfileValidator();
+        $validator=$validatorFactory->validate($profile);
+        $this->assertFalse($validator->passes());
+    }
+
+    private function validProfileProvider() {
+        return [
+            [ 'boring profile with no other' => [
+                'purpose' => 'data_hub',
+                'audience' => 'narrow',
+                'temporality' => 'permanent',
+            ] ],
+            [ 'with other values' => [
+                'purpose' => 'other',
+                'purpose_other' => 'for fun',
+                'audience' => 'other',
+                'audience_other' => 'my cat',
+                'temporality' => 'other',
+                'temporality_other' => 'only in the past',
+            ] ],
+        ];
+    }
+
+
+    private function invalidProfileProvider() {
+        return [
+            [ 'missing other keys' => [
+                'purpose' => 'other',
+                'audience' => 'narrow',
+                'temporality' => 'permanent',
+            ] ],
+            [ 'other keys when there should not be' => [
+                'purpose' => 'data_hub',
+                'purpose_other' => 'asdfasdf',
+                'audience' => 'narrow',
+                'temporality' => 'permanent',
+            ] ],
+        ];
+    }
+}
diff --git a/tests/Routes/Wiki/CreateTest.php b/tests/Routes/Wiki/CreateTest.php
@@ -2,6 +2,7 @@
 
 namespace Tests\Routes\Wiki\Managers;
 
+use App\WikiProfile;
 use Tests\Routes\Traits\OptionsRequestAllowed;
 use Tests\TestCase;
 use Illuminate\Foundation\Testing\DatabaseTransactions;
@@ -264,13 +265,51 @@ static public function createWikiHandlesRangeOfPostValuesProvider(): array {
         unset($noUsername['username']);
         $noprofile = self::defaultData;
         unset($noprofile['profile']);
+        $profileWithOther = self::defaultData;
+        $profileWithOther['profile'] = '{
+                        "audience": "other",
+                        "audience_other": "just my cat",
+                        "temporality": "permanent",
+                        "purpose": "data_hub"
+                      }';
+        $profileWithOtherStringMissing = self::defaultData;
+        $profileWithOtherStringMissing['profile'] = '{
+            "audience": "other",
+            "temporality": "permanent",
+            "purpose": "data_hub"
+          }';
+        $profileWithExtraneousOther =  self::defaultData;
+        $profileWithExtraneousOther['profile'] = '{
+                        "audience_other": "just my cat",
+                        "temporality": "permanent",
+                        "purpose": "data_hub"
+                      }';
         return [
             'all params present' => [self::defaultData , 200],
             'missing domain' => [$noDomain, 422],
             'missing sitename' => [$noSitename, 422],
             'missing username' => [$noUsername, 422],
-            'missing profile' => [$noprofile, 200]
+            'missing profile' => [$noprofile, 200],
+            'profile with other' => [$profileWithOther, 200],
+            'profile with other string missing' => [$profileWithOtherStringMissing, 422],
+            'profile with extraneous other' => [$profileWithExtraneousOther, 422]
         ];
     }
 
+    public function testCreateWithProfileCreatesProfiles(): void {
+        $this->createSQLandQSDBs();
+        Queue::fake();
+        $user = User::factory()->create(['verified' => true]);
+        $response = $this->actingAs($user, 'api')
+        ->json(
+            'POST',
+            $this->route,
+            self::defaultData
+        );
+        $id = $response->decodeResponseJson()['data']['id'];
+        $this->assertEquals( 1,
+            WikiProfile::where( [ 'wiki_id' => $id ] )->count()
+        );
+    }
+
 }
