[9.x] Validate uuid before route binding query (#44945)

* validate uuid before route binding query * Update HasUuids.php * Update HasUuids.php * validate uuid in resolveRouteBindingQuery * validate uuid if field in uniqueIds * styleci changes * drop comments table * formatting Co-authored-by: Taylor Otwell <[email protected]>
sashashura · Nov 21, 2022 · ed48ce7 · ed48ce7
1 parent 63a0697
commit ed48ce7
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/Eloquent/Concerns/HasUuids.php b/Eloquent/Concerns/HasUuids.php
@@ -2,6 +2,7 @@
 
 namespace Illuminate\Database\Eloquent\Concerns;
 
+use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Support\Str;
 
 trait HasUuids
@@ -42,6 +43,27 @@ public function uniqueIds()
         return [$this->getKeyName()];
     }
 
+    /**
+     * Retrieve the model for a bound value.
+     *
+     * @param  \Illuminate\Database\Eloquent\Model|\Illuminate\Database\Eloquent\Relations\Relation  $query
+     * @param  mixed  $value
+     * @param  string|null  $field
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function resolveRouteBindingQuery($query, $value, $field = null)
+    {
+        if ($field && in_array($field, $this->uniqueIds()) && ! Str::isUuid($value)) {
+            throw (new ModelNotFoundException)->setModel(get_class($this), $value);
+        }
+
+        if (! $field && in_array($this->getRouteKeyName(), $this->uniqueIds()) && ! Str::isUuid($value)) {
+            throw (new ModelNotFoundException)->setModel(get_class($this), $value);
+        }
+
+        return parent::resolveRouteBindingQuery($query, $value, $field);
+    }
+
     /**
      * Get the auto-incrementing key type.
      *