This repository has been archived by the owner on Jan 8, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 327
internal/server: Add many validations to authenticated endpoints #2273
Merged
Merged
Changes from 17 commits
Commits
Show all changes
18 commits
Select commit
Hold shift + click to select a range
1808286
internal/server: Validate GetAuthMethodRequest
briancain 5d57a07
internal/server: Add API validations for project endpoints
briancain 8edffcf
internal/server: Validate API build requests
briancain b9f36f8
internal/server: Add API validation for UpsertBuildRequest
briancain 400a342
Simplify validation for GetLatestBuildRequest
briancain 7bf78cc
internal/server: Add API validation for pushed artifacts
briancain cb908f4
internal/server: Add API validation for Release endpoints
briancain 5da226f
internal/server: Add API validation for config
briancain f65fed0
internal/server: Add API validation for hostname
briancain 7ed35a2
internal/server: Add API validation for UpsertDeployment
briancain 41162e8
Hostname field can be empty
briancain 32cf579
Add note about validation failing on nil
briancain e8ef780
internal/server: Validate API requests for GetOnDemandRunnerConfig
briancain b3bdb19
internal/server: Add API validation for status reports API
briancain 9a79aaf
internal/server: Add validation to UI_GetProject endpoint
briancain 72d91db
Add changelog
briancain d1539fd
Target can be blank on list
briancain 5154daf
Fix comment
briancain File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
```release-note:bug | ||
server: Adds API validation to ensure server doesn't panic when given an empty | ||
request body | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
package ptypes | ||
|
||
import ( | ||
validation "github.com/go-ozzo/ozzo-validation/v4" | ||
"github.com/imdario/mergo" | ||
"github.com/mitchellh/go-testing-interface" | ||
"github.com/stretchr/testify/require" | ||
|
||
"github.com/hashicorp/waypoint/internal/pkg/validationext" | ||
pb "github.com/hashicorp/waypoint/internal/server/gen" | ||
) | ||
|
||
// TestArtifact returns a valid user for tests. | ||
func TestArtifact(t testing.T, src *pb.PushedArtifact) *pb.PushedArtifact { | ||
t.Helper() | ||
|
||
if src == nil { | ||
src = &pb.PushedArtifact{} | ||
} | ||
|
||
require.NoError(t, mergo.Merge(src, &pb.PushedArtifact{ | ||
Id: "test", | ||
})) | ||
|
||
return src | ||
} | ||
|
||
// ValidatePushedArtifact validates the user structure. | ||
func ValidatePushedArtifact(v *pb.PushedArtifact) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
ValidatePushedArtifactRules(v)..., | ||
)) | ||
} | ||
|
||
// ValidatePushedArtifactRules | ||
func ValidatePushedArtifactRules(v *pb.PushedArtifact) []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Artifact, validation.Required), | ||
|
||
validationext.StructField(&v.Application, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Application.Application, validation.Required), | ||
validation.Field(&v.Application.Project, validation.Required), | ||
} | ||
}), | ||
|
||
validationext.StructField(&v.Workspace, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Workspace.Workspace, validation.Required), | ||
} | ||
}), | ||
} | ||
} | ||
|
||
// ValidateUpsertArtifactRequest | ||
func ValidateUpsertPushedArtifactRequest(v *pb.UpsertPushedArtifactRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Artifact, validation.Required), | ||
)) | ||
} | ||
|
||
// ValidateListPushedArtifactsRequest | ||
func ValidateListPushedArtifactsRequest(v *pb.ListPushedArtifactsRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validationext.StructField(&v.Application, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Application.Application, validation.Required), | ||
validation.Field(&v.Application.Project, validation.Required), | ||
} | ||
}))) | ||
} | ||
|
||
// ValidateGetLatestPushedArtifactRequest | ||
func ValidateGetLatestPushedArtifactRequest(v *pb.GetLatestPushedArtifactRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Application, validation.Required), | ||
)) | ||
} | ||
|
||
// ValidateGetPushedArtifactRequest | ||
func ValidateGetPushedArtifactRequest(v *pb.GetPushedArtifactRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Ref, validation.Required), | ||
validationext.StructField(&v.Ref, func() []*validation.FieldRules { | ||
return ValidateRefOperationRules(v.Ref) | ||
}), | ||
)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
package ptypes | ||
|
||
import ( | ||
validation "github.com/go-ozzo/ozzo-validation/v4" | ||
"github.com/imdario/mergo" | ||
"github.com/mitchellh/go-testing-interface" | ||
"github.com/stretchr/testify/require" | ||
|
||
"github.com/hashicorp/waypoint/internal/pkg/validationext" | ||
pb "github.com/hashicorp/waypoint/internal/server/gen" | ||
) | ||
|
||
// TestBuild returns a valid user for tests. | ||
func TestBuild(t testing.T, src *pb.Build) *pb.Build { | ||
t.Helper() | ||
|
||
if src == nil { | ||
src = &pb.Build{} | ||
} | ||
|
||
require.NoError(t, mergo.Merge(src, &pb.Build{ | ||
Id: "test", | ||
})) | ||
|
||
return src | ||
} | ||
|
||
// ValidateBuild validates the user structure. | ||
func ValidateBuild(v *pb.Build) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
ValidateBuildRules(v)..., | ||
)) | ||
} | ||
|
||
// ValidateBuildRules | ||
func ValidateBuildRules(v *pb.Build) []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validationext.StructField(&v.Application, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Application.Application, validation.Required), | ||
validation.Field(&v.Application.Project, validation.Required), | ||
} | ||
}), | ||
|
||
validationext.StructField(&v.Workspace, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Workspace.Workspace, validation.Required), | ||
} | ||
}), | ||
} | ||
} | ||
|
||
// ValidateGetBuildRequest | ||
func ValidateGetBuildRequest(v *pb.GetBuildRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Ref, validation.Required), | ||
validationext.StructField(&v.Ref, func() []*validation.FieldRules { | ||
return ValidateRefOperationRules(v.Ref) | ||
}), | ||
)) | ||
} | ||
|
||
// ValidateListBuildsRequest | ||
func ValidateListBuildsRequest(v *pb.ListBuildsRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validationext.StructField(&v.Application, func() []*validation.FieldRules { | ||
return []*validation.FieldRules{ | ||
validation.Field(&v.Application.Application, validation.Required), | ||
validation.Field(&v.Application.Project, validation.Required), | ||
} | ||
}))) | ||
} | ||
|
||
// ValidateGetLatestBuildRequest | ||
func ValidateGetLatestBuildRequest(v *pb.GetLatestBuildRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Application, validation.Required), | ||
)) | ||
} | ||
|
||
// ValidateUpsertBuildRequest | ||
func ValidateUpsertBuildRequest(v *pb.UpsertBuildRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Build, validation.Required), | ||
validationext.StructField(&v.Build, func() []*validation.FieldRules { | ||
return ValidateBuildRules(v.Build) | ||
}), | ||
)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
package ptypes | ||
|
||
import ( | ||
validation "github.com/go-ozzo/ozzo-validation/v4" | ||
"github.com/hashicorp/waypoint/internal/pkg/validationext" | ||
pb "github.com/hashicorp/waypoint/internal/server/gen" | ||
) | ||
|
||
// ValidateSetConfigSourceRequest | ||
func ValidateSetConfigSourceRequest(v *pb.SetConfigSourceRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.ConfigSource, validation.Required), | ||
)) | ||
} | ||
|
||
// ValidateGetConfigRequest | ||
func ValidateGetConfigRequest(v *pb.ConfigGetRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Scope, validation.Required), | ||
)) | ||
} | ||
|
||
// ValidateGetConfigRequest | ||
func ValidateGetConfigSourceRequest(v *pb.GetConfigSourceRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Scope, validation.Required), | ||
)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package ptypes | ||
|
||
import ( | ||
validation "github.com/go-ozzo/ozzo-validation/v4" | ||
"github.com/hashicorp/waypoint/internal/pkg/validationext" | ||
pb "github.com/hashicorp/waypoint/internal/server/gen" | ||
) | ||
|
||
// ValidateCreateHostnameRequest | ||
func ValidateCreateHostnameRequest(v *pb.CreateHostnameRequest) error { | ||
return validationext.Error(validation.ValidateStruct(v, | ||
validation.Field(&v.Target, validation.Required), | ||
)) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[sand] This comment doesn’t match the function below it. But also: these comments don’t add much, could we drop them altogether?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops, yeah probably from all the copy paste to get the bare functions around before adding the content :D I can just fix the comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I were to do this again I'd probably delete them but now that they are there I'll probably leave them be 😅