-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add input validation for API numerical inputs #204
Add input validation for API numerical inputs #204
Conversation
This commit includes the addition of a utility function that checks the range of the data types and validates them. This is particularly useful for numerical inputs in the API that need to be within a specific range. The commit also updates the backend routes to use these validations. Issue: #202 Signed-off-by: Nikolay Martyanov <ohmspectator@gmail.com>
WalkthroughThe code updates introduce a function to validate integer inputs by enforcing range constraints, preventing server crashes due to excessively large integer values. This is achieved by adding a utility function to get data type ranges and modifying API route validation to utilize these ranges, ensuring that integer inputs are within the permissible bounds for the database. Changes
Assessment against linked issues
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: .coderabbit.yaml
Files selected for processing (3)
- backend/.eslintrc (1 hunks)
- backend/src/routes/regionRoutes.js (8 hunks)
- backend/src/utils/dataTypes.js (1 hunks)
Additional comments: 10
backend/.eslintrc (1)
- 14-16: The update to the ESLint configuration to support ECMAScript 2020 features, including BigInt, is correctly implemented and aligns with the PR objectives.
backend/src/utils/dataTypes.js (1)
- 1-18: The
getDataTypeRange
function is well-implemented with appropriate error handling for undefined fields and unsupported data types. It correctly returns the range for INTEGER, BIGINT, and SMALLINT data types, which should help in validating numerical inputs as per the PR objectives.backend/src/routes/regionRoutes.js (8)
4-5: The addition of imports for
getDataTypeRange
and the Sequelize modelsHierarchy
andRegion
is correct and necessary for the subsequent validation logic.18-20: The validation logic for
hierarchyId
usinggetDataTypeRange
to set the maximum value is correctly implemented. This ensures that thehierarchyId
is within the acceptable range for the data type.36-38: The validation for
hierarchyId
in the search route is consistent with the validation in the root route, correctly usinggetDataTypeRange
to determine the maximum value.53-58: The validation for
regionId
andhierarchyId
in the region ID route is correctly implemented, usinggetDataTypeRange
to ensure the IDs are within the valid range for their respective data types.72-78: The validation for
regionId
andhierarchyId
in the subregions route is consistent with the other routes, correctly usinggetDataTypeRange
for determining the maximum values.93-95: The validation for
regionId
in the ancestors route is correctly implemented, usinggetDataTypeRange
to ensure the ID is within the valid range for its data type.110-112: The validation for
regionId
in the geometry route is correctly implemented, usinggetDataTypeRange
to ensure the ID is within the valid range for its data type.128-133: The validation for
regionId
andhierarchyId
in the siblings route is correctly implemented, usinggetDataTypeRange
to ensure the IDs are within the valid range for their respective data types.
Apply Sweep Rules to your PR?
This is an automated message generated by Sweep AI. |
Description
This PR introduces a utility function
getDataTypeRange
to check the range of data types for numerical inputs in the API, ensuring inputs are within specific ranges. The routes inregionRoutes.js
have been updated to utilize these validations for improved robustness and error handling.Related Issues
Closes: #202
How Was This Tested?
getDataTypeRange
was tested with different model fields to ensure correct range retrieval.Checklist
Summary by CodeRabbit