Merge pull request #40 from launchdarkly/eb/ch35189-35206/stringify-attrs

coerce user attributes to strings when necessary, don't send events without valid users

Author: eli-darkly

src/LaunchDarkly/EventSerializer.php

@@ -37,7 +37,7 @@ private function filterEvent($e)
         return $ret;
     }
 
-    private function filterAttrs($attrs, &$json, $userPrivateAttrs, &$allPrivateAttrs)
+    private function filterAttrs($attrs, &$json, $userPrivateAttrs, &$allPrivateAttrs, $stringify)
     {
         foreach ($attrs as $key => $value) {
             if ($value != null) {
@@ -46,15 +46,15 @@ private function filterAttrs($attrs, &$json, $userPrivateAttrs, &$allPrivateAttr
                     array_search($key, $this->_privateAttrNames) !== false) {
                     $allPrivateAttrs[$key] = true;
                 } else {
-                    $json[$key] = $value;
+                    $json[$key] = $stringify ? strval($value) : $value;
                 }
             }
         }
     }
 
     private function serializeUser($user)
     {
-        $json = array("key" => $user->getKey());
+        $json = array("key" => strval($user->getKey()));
         $userPrivateAttrs = $user->getPrivateAttributeNames();
         $allPrivateAttrs = array();
 
@@ -66,13 +66,15 @@ private function serializeUser($user)
             'name' => $user->getName(),
             'avatar' => $user->getAvatar(),
             'firstName' => $user->getFirstName(),
-            'lastName' => $user->getLastName(),
-            'anonymous' => $user->getAnonymous()
+            'lastName' => $user->getLastName()
         );
-        $this->filterAttrs($attrs, $json, $userPrivateAttrs, $allPrivateAttrs);
+        $this->filterAttrs($attrs, $json, $userPrivateAttrs, $allPrivateAttrs, true);
+        if ($user->getAnonymous()) {
+            $json['anonymous'] = true;
+        }
         if (!empty($user->getCustom())) {
             $customs = array();
-            $this->filterAttrs($user->getCustom(), $customs, $userPrivateAttrs, $allPrivateAttrs);
+            $this->filterAttrs($user->getCustom(), $customs, $userPrivateAttrs, $allPrivateAttrs, false);
             if ($customs) { // if this is empty, we will return a json array for 'custom' instead of an object
                 $json['custom'] = $customs;
             }

src/LaunchDarkly/LDClient.php

@@ -270,6 +270,7 @@ public function track($eventName, $user, $data)
         }
         if (is_null($user) || $user->isKeyBlank()) {
             $this->_logger->warning("Track called with null user or null/empty user key!");
+            return;
         }
 
         $event = array();
@@ -293,13 +294,14 @@ public function identify($user)
         }
         if (is_null($user) || $user->isKeyBlank()) {
             $this->_logger->warning("Track called with null user or null/empty user key!");
+            return;
         }
 
         $event = array();
         $event['user'] = $user;
         $event['kind'] = "identify";
         $event['creationDate'] = Util::currentTimeUnixMillis();
-        $event['key'] = $user->getKey();
+        $event['key'] = strval($user->getKey());
         $this->_eventProcessor->enqueue($event);
     }
 

src/LaunchDarkly/VariationOrRollout.php

@@ -84,7 +84,7 @@ public static function bucketUser($user, $_key, $attr, $_salt)
             if (is_string($userValue)) {
                 $idHash = $userValue;
                 if ($user->getSecondary() !== null) {
-                    $idHash = $idHash . "." . $user->getSecondary();
+                    $idHash = $idHash . "." . strval($user->getSecondary());
                 }
                 $hash = substr(sha1($_key . "." . $_salt . "." . $idHash), 0, 15);
                 $longVal = base_convert($hash, 16, 10);

tests/EventSerializerTest.php

@@ -126,7 +126,7 @@ public function testUserKey()
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("foo@bar.com", $json['key']);
+        $this->assertSame("foo@bar.com", $json['key']);
     }
 
     public function testEmptyCustom()
@@ -150,70 +150,106 @@ public function testUserSecondary()
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->secondary("secondary")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("secondary", $json['secondary']);
+        $this->assertSame("secondary", $json['secondary']);
     }
 
     public function testUserIP()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->ip("127.0.0.1")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("127.0.0.1", $json['ip']);
+        $this->assertSame("127.0.0.1", $json['ip']);
     }
 
     public function testUserCountry()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->country("US")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("US", $json['country']);
+        $this->assertSame("US", $json['country']);
     }
 
     public function testUserEmail()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->email("foo+test@bar.com")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("foo+test@bar.com", $json['email']);
+        $this->assertSame("foo+test@bar.com", $json['email']);
     }
 
     public function testUserName()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->name("Foo Bar")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("Foo Bar", $json['name']);
+        $this->assertSame("Foo Bar", $json['name']);
     }
 
     public function testUserAvatar()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->avatar("http://www.gravatar.com/avatar/1")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("http://www.gravatar.com/avatar/1", $json['avatar']);
+        $this->assertSame("http://www.gravatar.com/avatar/1", $json['avatar']);
     }
 
     public function testUserFirstName()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->firstName("Foo")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("Foo", $json['firstName']);
+        $this->assertSame("Foo", $json['firstName']);
     }
 
     public function testUserLastName()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->lastName("Bar")->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals("Bar", $json['lastName']);
+        $this->assertSame("Bar", $json['lastName']);
     }
 
     public function testUserAnonymous()
     {
         $builder = new LDUserBuilder("foo@bar.com");
         $user = $builder->anonymous(true)->build();
         $json = $this->getJsonForUserBySerializingEvent($user);
-        $this->assertEquals(true, $json['anonymous']);
+        $this->assertSame(true, $json['anonymous']);
+    }
+
+    public function testUserNotAnonymous()
+    {
+        $builder = new LDUserBuilder("foo@bar.com");
+        $user = $builder->anonymous(false)->build();
+        $json = $this->getJsonForUserBySerializingEvent($user);
+        $this->assertFalse(isset($json['anonymous'])); // omitted rather than set to false, for efficiency
+    }
+
+    public function testNonStringAttributes()
+    {
+        $builder = new LDUserBuilder(1);
+        $user = $builder->secondary(2)
+            ->ip(3)
+            ->country(4)
+            ->email(5)
+            ->name(6)
+            ->avatar(7)
+            ->firstName(8)
+            ->lastName(9)
+            ->anonymous(true)
+            ->customAttribute('foo', 10)
+            ->build();
+        $json = $this->getJsonForUserBySerializingEvent($user);
+        $this->assertSame('1', $json['key']);
+        $this->assertSame('2', $json['secondary']);
+        $this->assertSame('3', $json['ip']);
+        $this->assertSame('4', $json['country']);
+        $this->assertSame('5', $json['email']);
+        $this->assertSame('6', $json['name']);
+        $this->assertSame('7', $json['avatar']);
+        $this->assertSame('8', $json['firstName']);
+        $this->assertSame('9', $json['lastName']);
+        $this->assertSame(true, $json['anonymous']); // We do NOT want "anonymous" to be stringified
+        $this->assertSame(10, $json['custom']['foo']); // We do NOT want custom attribute values to be stringified
     }
 }

tests/FeatureFlagTest.php

@@ -615,6 +615,37 @@ public function testFlagReturnsErrorIfRuleHasRolloutWithNoVariations()
         self::assertEquals(array(), $result->getPrerequisiteEvents());
     }
 
+    public function testSecondaryKeyIsCoercedToStringForRolloutCalculation()
+    {
+        // We can't really verify that the rollout calculation works correctly, but we can at least
+        // make sure it doesn't error out if there's a non-string secondary value (ch35189)
+        $flag = $this->makeBooleanFlagWithRules(array(
+            array(
+                'id' => 'ruleid',
+                'clauses' => array(
+                    array('attribute' => 'key', 'op' => 'in', 'values' => array('userkey'), 'negate' => false)
+                ),
+                'rollout' => array(
+                    'salt' => '',
+                    'variations' => array(
+                        array(
+                            'weight' => 100000,
+                            'variation' => 1
+                        )
+                    )
+                )
+            )
+        ));
+        $ub = new LDUserBuilder('userkey');
+        $ub->secondary(999);
+        $user = $ub->build();
+
+        $result = $flag->evaluate($user, null);
+        $detail = new EvaluationDetail(true, 1, EvaluationReason::ruleMatch(0, 'ruleid'));
+        self::assertEquals($detail, $result->getDetail());
+        self::assertEquals(array(), $result->getPrerequisiteEvents());
+    }
+
     public function clauseCanMatchBuiltInAttribute()
     {
         $clause = array('attribute' => 'name', 'op' => 'in', 'values' => array('Bob'), 'negate' => false);