From 16cc4b173739d060baae3e3e9c720478096726a1 Mon Sep 17 00:00:00 2001
From: Matthew Hilton <matthewhilton@catalyst-au.net>
Date: Tue, 3 Sep 2024 09:36:45 +1000
Subject: [PATCH] tagging: check environment config length

---
 classes/local/tag/environment_source.php | 14 +++++++++++++-
 lang/en/tool_objectfs.php                |  1 +
 tests/local/tagging_test.php             | 15 +++++++++++++++
 3 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/classes/local/tag/environment_source.php b/classes/local/tag/environment_source.php
index 127b08fc..f26a87c1 100644
--- a/classes/local/tag/environment_source.php
+++ b/classes/local/tag/environment_source.php
@@ -16,6 +16,8 @@
 
 namespace tool_objectfs\local\tag;
 
+use moodle_exception;
+
 /**
  * Provides current environment to file.
  *
@@ -47,7 +49,17 @@ public static function get_description(): string {
      */
     private static function get_env(): ?string {
         global $CFG;
-        return !empty($CFG->objectfs_environment_name) ? $CFG->objectfs_environment_name : null;
+
+        if (empty($CFG->objectfs_environment_name)) {
+            return null;
+        }
+
+        // Must never be greater than 128, unlikely, but we must enforce this.
+        if (strlen($CFG->objectfs_environment_name) > 128) {
+            throw new moodle_exception('tagsource:environment:toolong', 'tool_objectfs');
+        }
+
+        return $CFG->objectfs_environment_name;
     }
 
     /**
diff --git a/lang/en/tool_objectfs.php b/lang/en/tool_objectfs.php
index 6f43efff..77cf96fd 100644
--- a/lang/en/tool_objectfs.php
+++ b/lang/en/tool_objectfs.php
@@ -298,6 +298,7 @@
 $string['check:tagging:error'] = 'Error trying to tag object';
 
 $string['tagsource:environment'] = 'Environment defined by $CFG->objectfs_environment_name, currently: "{$a}".';
+$string['tagsource:environment:toolong'] = 'The value defined in objectfs_environment_name is too long. It must be < 128 chars';
 $string['tagsource:location'] = 'Location of file, either "orphan" or "active".';
 
 $string['task:triggerupdateobjecttags'] = 'Queue adhoc task to update object tags';
diff --git a/tests/local/tagging_test.php b/tests/local/tagging_test.php
index 1b6a2d9a..c8ff3a54 100644
--- a/tests/local/tagging_test.php
+++ b/tests/local/tagging_test.php
@@ -17,8 +17,10 @@
 namespace tool_objectfs\local;
 
 use coding_exception;
+use moodle_exception;
 use Throwable;
 use tool_objectfs\local\manager;
+use tool_objectfs\local\tag\environment_source;
 use tool_objectfs\local\tag\tag_manager;
 use tool_objectfs\local\tag\tag_source;
 use tool_objectfs\tests\testcase;
@@ -412,4 +414,17 @@ public function test_get_sync_status_string_does_not_exist() {
         $this->expectExceptionMessage('No status string is mapped for status: 5');
         tag_manager::get_sync_status_string(5);
     }
+
+    /**
+     * Tests the length of the defined tag source is checked correctly
+     */
+    public function test_environment_source_too_long() {
+        global $CFG;
+        $CFG->objectfs_environment_name = 'This is a really long string. It needs to be long because it needs to be more than 128 chars for the test to trigger an exception.';
+        $source = new environment_source();
+
+        $this->expectException(moodle_exception::class);
+        $this->expectExceptionMessage(get_string('tagsource:environment:toolong', 'tool_objectfs'));
+        $source->get_value_for_contenthash('test');
+    }
 }