diff --git a/extensions/suspend/src/Listener/SaveSuspensionToDatabase.php b/extensions/suspend/src/Listener/SaveSuspensionToDatabase.php index cb5e04c3d..88e1f12e5 100755 --- a/extensions/suspend/src/Listener/SaveSuspensionToDatabase.php +++ b/extensions/suspend/src/Listener/SaveSuspensionToDatabase.php @@ -13,12 +13,28 @@ namespace Flarum\Suspend\Listener; use Carbon\Carbon; use Flarum\Core\Access\AssertPermissionTrait; use Flarum\Event\UserWillBeSaved; +use Flarum\Suspend\SuspendValidator; use Illuminate\Contracts\Events\Dispatcher; class SaveSuspensionToDatabase { use AssertPermissionTrait; + /** + * Validator for limited suspension. + * + * @var SuspendValidator + */ + protected $validator; + + /** + * @param SuspendValidator $validator + */ + public function __construct(SuspendValidator $validator) + { + $this->validator = $validator; + } + /** * @param Dispatcher $events */ @@ -35,6 +51,8 @@ class SaveSuspensionToDatabase $attributes = array_get($event->data, 'attributes', []); if (array_key_exists('suspendUntil', $attributes)) { + $this->validator->assertValid($attributes); + $suspendUntil = $attributes['suspendUntil']; $user = $event->user; $actor = $event->actor; diff --git a/extensions/suspend/src/SuspendValidator.php b/extensions/suspend/src/SuspendValidator.php new file mode 100644 index 000000000..7ec3a4e40 --- /dev/null +++ b/extensions/suspend/src/SuspendValidator.php @@ -0,0 +1,23 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Flarum\Suspend; + +use Flarum\Core\Validator\AbstractValidator; + +class SuspendValidator extends AbstractValidator +{ + /** + * {@inheritdoc} + */ + protected $rules = [ + 'suspendUntil' => ['min:1', 'integer'], + ]; +}