MAGETWO-70325: Add filename paramenter log #4147

Author: ishakhsuvarov

lib/internal/Magento/Framework/Logger/Handler/Base.php

@@ -31,23 +31,50 @@ class Base extends StreamHandler
     /**
      * @param DriverInterface $filesystem
      * @param string $filePath
+     * @param string $fileName
      */
     public function __construct(
         DriverInterface $filesystem,
-        $filePath = null
+        $filePath = null,
+        $fileName = null
     ) {
         $this->filesystem = $filesystem;
+        if (!empty($fileName)) {
+            $this->fileName = $this->sanitizeFileName($fileName);
+        }
         parent::__construct(
-            $filePath ? $filePath . $this->fileName : BP . $this->fileName,
+            $filePath ? $filePath . $this->fileName : BP . DIRECTORY_SEPARATOR . $this->fileName,
             $this->loggerType
         );
+
         $this->setFormatter(new LineFormatter(null, null, true));
     }
 
+    /**
+     * @param string $fileName
+     *
+     * @return string
+     * @throws \InvalidArgumentException
+     */
+    private function sanitizeFileName($fileName)
+    {
+        if (!is_string($fileName)) {
+            throw  new \InvalidArgumentException('Filename expected to be a string');
+        }
+
+        $parts = explode('/', $fileName);
+        $parts = array_filter($parts, function ($value) {
+            return !in_array($value, ['', '.', '..']);
+        });
+
+        return implode('/', $parts);
+    }
+
     /**
      * @{inheritDoc}
      *
      * @param $record array
+     *
      * @return void
      */
     public function write(array $record)

lib/internal/Magento/Framework/Logger/Test/Unit/Handler/BaseTest.php

@@ -0,0 +1,66 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Framework\Logger\Test\Unit\Handler;
+
+class BaseTest extends \PHPUnit_Framework_TestCase
+{
+    /**
+     * @var \Magento\Framework\Logger\Handler\Base|\PHPUnit_Framework_MockObject_MockObject
+     */
+    private $model;
+
+    /**
+     * @var \ReflectionMethod
+     */
+    private $sanitizeMethod;
+
+    protected function setUp()
+    {
+        $driverMock = $this->getMockBuilder(\Magento\Framework\Filesystem\DriverInterface::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->model = new \Magento\Framework\Logger\Handler\Base($driverMock);
+
+        $class = new \ReflectionClass($this->model);
+        $this->sanitizeMethod = $class->getMethod('sanitizeFileName');
+        $this->sanitizeMethod->setAccessible(true);
+    }
+
+    public function testSanitizeEmpty()
+    {
+        $this->assertEquals('', $this->sanitizeMethod->invokeArgs($this->model, ['']));
+    }
+
+    public function testSanitizeSimpleFilename()
+    {
+        $this->assertEquals('custom.log', $this->sanitizeMethod->invokeArgs($this->model, ['custom.log']));
+    }
+
+    public function testSanitizeLeadingSlashFilename()
+    {
+        $this->assertEquals(
+            'customfolder/custom.log',
+            $this->sanitizeMethod->invokeArgs($this->model, ['/customfolder/custom.log'])
+        );
+    }
+
+    public function testSanitizeParentLevelFolder()
+    {
+        $this->assertEquals(
+            'var/hack/custom.log',
+            $this->sanitizeMethod->invokeArgs($this->model, ['../../../var/hack/custom.log'])
+        );
+    }
+
+    /**
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage Filename expected to be a string
+     */
+    public function testSanitizeFileException()
+    {
+        $this->sanitizeMethod->invokeArgs($this->model, [['filename' => 'notValid']]);
+    }
+}