Add validation for project and jobset names

Eelco Dolstra 2012-04-17 08:53:00 +00:00
parent 90e0ba2a7a
commit d350b935f2
4 changed files with 33 additions and 23 deletions


@ -221,7 +221,7 @@ sub updateJobset {
my ($c, $jobset) = @_; my ($c, $jobset) = @_;
my $jobsetName = trim $c->request->params->{"name"}; my $jobsetName = trim $c->request->params->{"name"};
error($c, "Invalid jobset name: $jobsetName") unless $jobsetName =~ /^[[:alpha:]][\w\-]*$/; error($c, "Invalid jobset name: $jobsetName") if $jobsetName !~ /^$jobsetNameRE$/;
my ($nixExprPath, $nixExprInput) = nixExprPathFromParams $c; my ($nixExprPath, $nixExprInput) = nixExprPathFromParams $c;
@ -298,13 +298,13 @@ sub clone_submit : Chained('jobset') PathPart('clone/submit') Args(0) {
requireProjectOwner($c, $jobset->project); requireProjectOwner($c, $jobset->project);
requirePost($c); requirePost($c);
my $newjobsetName = trim $c->request->params->{"newjobset"}; my $newJobsetName = trim $c->request->params->{"newjobset"};
error($c, "Invalid jobset name: $newjobsetName") unless $newjobsetName =~ /^[[:alpha:]][\w\-]*$/; error($c, "Invalid jobset name: $newJobsetName") unless $newJobsetName =~ /^[[:alpha:]][\w\-]*$/;
my $newjobset; my $newJobset;
txn_do($c->model('DB')->schema, sub { txn_do($c->model('DB')->schema, sub {
$newjobset = $jobset->project->jobsets->create( $newJobset = $jobset->project->jobsets->create(
{ name => $newjobsetName { name => $newJobsetName
, description => $jobset->description , description => $jobset->description
, nixexprpath => $jobset->nixexprpath , nixexprpath => $jobset->nixexprpath
, nixexprinput => $jobset->nixexprinput , nixexprinput => $jobset->nixexprinput
@ -314,14 +314,14 @@ sub clone_submit : Chained('jobset') PathPart('clone/submit') Args(0) {
}); });
foreach my $input ($jobset->jobsetinputs) { foreach my $input ($jobset->jobsetinputs) {
my $newinput = $newjobset->jobsetinputs->create({name => $input->name, type => $input->type}); my $newinput = $newJobset->jobsetinputs->create({name => $input->name, type => $input->type});
foreach my $inputalt ($input->jobsetinputalts) { foreach my $inputalt ($input->jobsetinputalts) {
$newinput->jobsetinputalts->create({altnr => $inputalt->altnr, value => $inputalt->value}); $newinput->jobsetinputalts->create({altnr => $inputalt->altnr, value => $inputalt->value});
} }
} }
}); });
$c->res->redirect($c->uri_for($c->controller('Jobset')->action_for("edit"), [$jobset->project->name, $newjobsetName])); $c->res->redirect($c->uri_for($c->controller('Jobset')->action_for("edit"), [$jobset->project->name, $newJobsetName]));
} }
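Review bot: clone_submit still validates `newjobset` with the inline pattern `/^[[:alpha:]][\w\-]*$/` on the new side, while updateJobset in the same file now uses the shared `$jobsetNameRE`, so the two paths accept different names. The inline pattern rejects a leading underscore that the shared one allows, and depending on how the string is decoded `[[:alpha:]]` and `\w` can match non-ASCII characters that the shared pattern rejects. A cloned jobset can therefore end up with a name that the create and edit paths would refuse. Use the shared check here too: `error($c, "Invalid jobset name: $newJobsetName") if $newJobsetName !~ /^$jobsetNameRE$/;`. Both functions continue outside the hunks shown.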


@ -32,13 +32,17 @@ sub view : Chained('eval') PathPart('') Args(0) {
# Allow comparing this evaluation against the previous evaluation # Allow comparing this evaluation against the previous evaluation
# (default), an arbitrary evaluation, or the latest completed # (default), an arbitrary evaluation, or the latest completed
# evaluation of another jobset. # evaluation of another jobset.
if (defined $compare && $compare =~ /^\d+$/) { if (defined $compare) {
$eval2 = $c->model('DB::JobsetEvals')->find($compare) if ($compare =~ /^\d+$/) {
or notFound($c, "Evaluation $compare doesn't exist."); $eval2 = $c->model('DB::JobsetEvals')->find($compare)
} elsif (defined $compare && $compare =~ /^($jobNameRE)$/) { or notFound($c, "Evaluation $compare doesn't exist.");
my $j = $c->stash->{project}->jobsets->find({name => $compare}) } elsif (defined $compare && $compare =~ /^($jobsetNameRE)$/) {
or notFound($c, "Jobset $compare doesn't exist."); my $j = $c->stash->{project}->jobsets->find({name => $compare})
$eval2 = getLatestFinishedEval($c, $j); or notFound($c, "Jobset $compare doesn't exist.");
$eval2 = getLatestFinishedEval($c, $j);
} else {
notFound($c, "Unknown comparison source $compare.");
}
} else { } else {
($eval2) = $eval->jobset->jobsetevals->search( ($eval2) = $eval->jobset->jobsetevals->search(
{ hasnewbuilds => 1, id => { '<', $eval->id } }, { hasnewbuilds => 1, id => { '<', $eval->id } },
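Review bot: The new `else` branch passes `$compare` to `notFound` exactly when the value has matched neither the numeric pattern nor `$jobsetNameRE`, so the message carries an unvalidated string (presumably request input; its origin is outside the hunk). Whether that text is escaped depends on how the error page renders the message, which is not visible here; a fixed message avoids the question: `notFound($c, "Unknown comparison source.");`. The `defined $compare &&` in the `elsif` is redundant now that the outer `if` tests it, and the capture group in `/^($jobsetNameRE)$/` is unused. The body of `view` continues outside the hunk.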


@ -119,6 +119,8 @@ sub create_submit : Path('/create-project/submit') {
my $projectName = trim $c->request->params->{name}; my $projectName = trim $c->request->params->{name};
error($c, "Invalid project name: $projectName") if $projectName !~ /^$projectNameRE$/;
txn_do($c->model('DB')->schema, sub { txn_do($c->model('DB')->schema, sub {
# Note: $projectName is validated in updateProject, # Note: $projectName is validated in updateProject,
# which will abort the transaction if the name isn't # which will abort the transaction if the name isn't
@ -152,6 +154,8 @@ sub create_jobset_submit : Chained('project') PathPart('create-jobset/submit') A
my $jobsetName = trim $c->request->params->{name}; my $jobsetName = trim $c->request->params->{name};
error($c, "Invalid jobset name: $jobsetName") if $jobsetName !~ /^$jobsetNameRE$/;
txn_do($c->model('DB')->schema, sub { txn_do($c->model('DB')->schema, sub {
# Note: $jobsetName is validated in updateProject, which will # Note: $jobsetName is validated in updateProject, which will
# abort the transaction if the name isn't valid. # abort the transaction if the name isn't valid.
@ -168,7 +172,7 @@ sub create_jobset_submit : Chained('project') PathPart('create-jobset/submit') A
sub updateProject { sub updateProject {
my ($c, $project) = @_; my ($c, $project) = @_;
my $projectName = trim $c->request->params->{name}; my $projectName = trim $c->request->params->{name};
error($c, "Invalid project name: " . ($projectName || "(empty)")) unless $projectName =~ /^[[:alpha:]][\w\-]*$/; error($c, "Invalid project name: $projectName") if $projectName !~ /^$projectNameRE$/;
my $displayName = trim $c->request->params->{displayname}; my $displayName = trim $c->request->params->{displayname};
error($c, "Invalid display name: $displayName") if $displayName eq ""; error($c, "Invalid display name: $displayName") if $displayName eq "";
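Review bot: The checks added in create_submit and create_jobset_submit, and the rewritten ones in updateProject and updateJobset, anchor the shared pattern with `^` and `$`, and in Perl `$` also matches before a final newline, so `"foo\n"` passes unless `trim` has already removed it. `trim` is defined outside the lines shown, so the validator should not depend on it: `error($c, "Invalid project name: $projectName") if $projectName !~ /\A$projectNameRE\z/;`, and likewise for the `$jobsetNameRE` checks. The context comments saying the name "is validated in updateProject" now describe a second check rather than the only one, and for `$jobsetName` they appear to name the wrong function. All three functions continue outside the hunks.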


@ -13,7 +13,7 @@ our @EXPORT = qw(
requireLogin requireProjectOwner requireAdmin requirePost isAdmin isProjectOwner requireLogin requireProjectOwner requireAdmin requirePost isAdmin isProjectOwner
trim trim
getLatestFinishedEval getLatestFinishedEval
$pathCompRE $relPathRE $relNameRE $jobNameRE $systemRE $pathCompRE $relPathRE $relNameRE $projectNameRE $jobsetNameRE $jobNameRE $systemRE
@buildListColumns @buildListColumns
); );
@ -181,12 +181,14 @@ sub getLatestFinishedEval {
# Security checking of filenames. # Security checking of filenames.
Readonly our $pathCompRE => "(?:[A-Za-z0-9-\+\._][A-Za-z0-9-\+\._]*)"; Readonly our $pathCompRE => "(?:[A-Za-z0-9-\+\._][A-Za-z0-9-\+\._]*)";
Readonly our $relPathRE => "(?:$pathCompRE(?:/$pathCompRE)*)"; Readonly our $relPathRE => "(?:$pathCompRE(?:/$pathCompRE)*)";
Readonly our $relNameRE => "(?:[A-Za-z0-9-][A-Za-z0-9-\.]*)"; Readonly our $relNameRE => "(?:[A-Za-z0-9-][A-Za-z0-9-\.]*)";
Readonly our $attrNameRE => "(?:[A-Za-z_][A-Za-z0-9_]*)"; Readonly our $attrNameRE => "(?:[A-Za-z_][A-Za-z0-9_]*)";
Readonly our $jobNameRE => "(?:$attrNameRE(?:\\.$attrNameRE)*)"; Readonly our $projectNameRE => "(?:[A-Za-z_][A-Za-z0-9-_]*)";
Readonly our $systemRE => "(?:[a-z0-9_]+-[a-z0-9_]+)"; Readonly our $jobsetNameRE => "(?:[A-Za-z_][A-Za-z0-9-_]*)";
Readonly our $jobNameRE => "(?:$attrNameRE(?:\\.$attrNameRE)*)";
Readonly our $systemRE => "(?:[a-z0-9_]+-[a-z0-9_]+)";
1; 1;
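Review bot: In the two new patterns the hyphen in `[A-Za-z0-9-_]` sits between the end of a range and `_`; Perl reads it as a literal hyphen, but a later edit to the class can silently turn it into a range, so put it last: `"(?:[A-Za-z_][A-Za-z0-9_-]*)"`. `$projectNameRE` and `$jobsetNameRE` are identical, so defining one from the other (`Readonly our $jobsetNameRE => $projectNameRE;`) would keep them from drifting apart. A comment above them should record that these names allow a leading underscore, unlike the `[[:alpha:]]` check they replace, and that they set no length bound.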