Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add additional validation to prevent wildcards in resource object IDs
- Loading branch information
1 parent
1d6c78f
commit 975b955
Showing
4 changed files
with
149 additions
and
0 deletions.
There are no files selected for viewing
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
// The contents of this file are hand-written to add HandwrittenValidate to select message types | ||
|
||
package v0 | ||
|
||
func (m *CheckRequest) HandwrittenValidate() error { | ||
if m.GetTestUserset() != nil && m.GetTestUserset().GetObjectId() == "*" { | ||
return ObjectAndRelationValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *ContentChangeCheckRequest) HandwrittenValidate() error { | ||
if m.GetTestUserset() != nil && m.GetTestUserset().GetObjectId() == "*" { | ||
return ObjectAndRelationValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *ExpandRequest) HandwrittenValidate() error { | ||
if m.GetUserset() != nil && m.GetUserset().GetObjectId() == "*" { | ||
return ObjectAndRelationValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *LookupRequest) HandwrittenValidate() error { | ||
if m.GetUser() != nil && m.GetUser().GetObjectId() == "*" { | ||
return ObjectAndRelationValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
// The contents of this file are hand-written to add HandwrittenValidate to select message types | ||
|
||
package v1 | ||
|
||
func (m *CheckPermissionRequest) HandwrittenValidate() error { | ||
if m.GetResource() != nil && m.GetResource().GetObjectId() == "*" { | ||
return ObjectReferenceValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *ExpandPermissionTreeRequest) HandwrittenValidate() error { | ||
if m.GetResource() != nil && m.GetResource().GetObjectId() == "*" { | ||
return ObjectReferenceValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *Precondition) HandwrittenValidate() error { | ||
if m.GetFilter() != nil { | ||
return m.GetFilter().HandwrittenValidate() | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *RelationshipFilter) HandwrittenValidate() error { | ||
if m.GetOptionalResourceId() == "*" { | ||
return RelationshipFilterValidationError{ | ||
field: "OptionalResourceId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
return nil | ||
} | ||
|
||
func (m *RelationshipUpdate) HandwrittenValidate() error { | ||
if m.GetRelationship() != nil { | ||
return m.GetRelationship().HandwrittenValidate() | ||
} | ||
return nil | ||
} | ||
|
||
func (m *Relationship) HandwrittenValidate() error { | ||
if m.GetResource() != nil && m.GetResource().GetObjectId() == "*" { | ||
return ObjectReferenceValidationError{ | ||
field: "ObjectId", | ||
reason: "alphanumeric value is required", | ||
} | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *DeleteRelationshipsRequest) HandwrittenValidate() error { | ||
if m.GetOptionalPreconditions() != nil { | ||
for _, precondition := range m.GetOptionalPreconditions() { | ||
err := precondition.HandwrittenValidate() | ||
if err != nil { | ||
return err | ||
} | ||
} | ||
} | ||
|
||
if m.GetRelationshipFilter() != nil { | ||
return m.GetRelationshipFilter().HandwrittenValidate() | ||
} | ||
|
||
return nil | ||
} | ||
|
||
func (m *WriteRelationshipsRequest) HandwrittenValidate() error { | ||
if m.GetOptionalPreconditions() != nil { | ||
for _, precondition := range m.GetOptionalPreconditions() { | ||
err := precondition.HandwrittenValidate() | ||
if err != nil { | ||
return err | ||
} | ||
} | ||
} | ||
|
||
if m.GetUpdates() != nil { | ||
for _, update := range m.GetUpdates() { | ||
if update.GetRelationship() != nil { | ||
err := update.GetRelationship().HandwrittenValidate() | ||
if err != nil { | ||
return err | ||
} | ||
} | ||
} | ||
} | ||
|
||
return nil | ||
} |