mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-22 08:42:32 -05:00
240 lines
5.9 KiB
Go
240 lines
5.9 KiB
Go
// Copyright 2017 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package validation
|
|
|
|
import (
|
|
"fmt"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"code.gitea.io/gitea/modules/auth"
|
|
"code.gitea.io/gitea/modules/git"
|
|
|
|
"gitea.com/go-chi/binding"
|
|
"github.com/gobwas/glob"
|
|
)
|
|
|
|
const (
|
|
// ErrGitRefName is git reference name error
|
|
ErrGitRefName = "GitRefNameError"
|
|
// ErrGlobPattern is returned when glob pattern is invalid
|
|
ErrGlobPattern = "GlobPattern"
|
|
// ErrRegexPattern is returned when a regex pattern is invalid
|
|
ErrRegexPattern = "RegexPattern"
|
|
// ErrUsername is username error
|
|
ErrUsername = "UsernameError"
|
|
// ErrInvalidGroupTeamMap is returned when a group team mapping is invalid
|
|
ErrInvalidGroupTeamMap = "InvalidGroupTeamMap"
|
|
// ErrEmail is returned when an email address is invalid
|
|
ErrEmail = "Email"
|
|
)
|
|
|
|
// AddBindingRules adds additional binding rules
|
|
func AddBindingRules() {
|
|
addGitRefNameBindingRule()
|
|
addValidURLBindingRule()
|
|
addValidSiteURLBindingRule()
|
|
addGlobPatternRule()
|
|
addRegexPatternRule()
|
|
addGlobOrRegexPatternRule()
|
|
addUsernamePatternRule()
|
|
addValidGroupTeamMapRule()
|
|
addEmailBindingRules()
|
|
}
|
|
|
|
func addGitRefNameBindingRule() {
|
|
// Git refname validation rule
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "GitRefName")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
|
|
if !git.IsValidRefPattern(str) {
|
|
errs.Add([]string{name}, ErrGitRefName, "GitRefName")
|
|
return false, errs
|
|
}
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func addValidURLBindingRule() {
|
|
// URL validation rule
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "ValidUrl")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
if len(str) != 0 && !IsValidURL(str) {
|
|
errs.Add([]string{name}, binding.ERR_URL, "Url")
|
|
return false, errs
|
|
}
|
|
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func addValidSiteURLBindingRule() {
|
|
// URL validation rule
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "ValidSiteUrl")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
if len(str) != 0 && !IsValidSiteURL(str) {
|
|
errs.Add([]string{name}, binding.ERR_URL, "Url")
|
|
return false, errs
|
|
}
|
|
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func addGlobPatternRule() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return rule == "GlobPattern"
|
|
},
|
|
IsValid: globPatternValidator,
|
|
})
|
|
}
|
|
|
|
func globPatternValidator(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
|
|
if len(str) != 0 {
|
|
if _, err := glob.Compile(str); err != nil {
|
|
errs.Add([]string{name}, ErrGlobPattern, err.Error())
|
|
return false, errs
|
|
}
|
|
}
|
|
|
|
return true, errs
|
|
}
|
|
|
|
func addRegexPatternRule() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return rule == "RegexPattern"
|
|
},
|
|
IsValid: regexPatternValidator,
|
|
})
|
|
}
|
|
|
|
func regexPatternValidator(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
|
|
if _, err := regexp.Compile(str); err != nil {
|
|
errs.Add([]string{name}, ErrRegexPattern, err.Error())
|
|
return false, errs
|
|
}
|
|
|
|
return true, errs
|
|
}
|
|
|
|
func addGlobOrRegexPatternRule() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return rule == "GlobOrRegexPattern"
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := strings.TrimSpace(fmt.Sprintf("%v", val))
|
|
|
|
if len(str) >= 2 && strings.HasPrefix(str, "/") && strings.HasSuffix(str, "/") {
|
|
return regexPatternValidator(errs, name, str[1:len(str)-1])
|
|
}
|
|
return globPatternValidator(errs, name, val)
|
|
},
|
|
})
|
|
}
|
|
|
|
func addUsernamePatternRule() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return rule == "Username"
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
str := fmt.Sprintf("%v", val)
|
|
if !IsValidUsername(str) {
|
|
errs.Add([]string{name}, ErrUsername, "invalid username")
|
|
return false, errs
|
|
}
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func addValidGroupTeamMapRule() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "ValidGroupTeamMap")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
_, err := auth.UnmarshalGroupTeamMapping(fmt.Sprintf("%v", val))
|
|
if err != nil {
|
|
errs.Add([]string{name}, ErrInvalidGroupTeamMap, err.Error())
|
|
return false, errs
|
|
}
|
|
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func addEmailBindingRules() {
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "EmailWithAllowedDomain")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
if err := ValidateEmail(fmt.Sprintf("%v", val)); err != nil {
|
|
errs.Add([]string{name}, ErrEmail, err.Error())
|
|
return false, errs
|
|
}
|
|
return true, errs
|
|
},
|
|
})
|
|
|
|
binding.AddRule(&binding.Rule{
|
|
IsMatch: func(rule string) bool {
|
|
return strings.HasPrefix(rule, "EmailForAdmin")
|
|
},
|
|
IsValid: func(errs binding.Errors, name string, val any) (bool, binding.Errors) {
|
|
if err := ValidateEmailForAdmin(fmt.Sprintf("%v", val)); err != nil {
|
|
errs.Add([]string{name}, ErrEmail, err.Error())
|
|
return false, errs
|
|
}
|
|
return true, errs
|
|
},
|
|
})
|
|
}
|
|
|
|
func portOnly(hostport string) string {
|
|
colon := strings.IndexByte(hostport, ':')
|
|
if colon == -1 {
|
|
return ""
|
|
}
|
|
if i := strings.Index(hostport, "]:"); i != -1 {
|
|
return hostport[i+len("]:"):]
|
|
}
|
|
if strings.Contains(hostport, "]") {
|
|
return ""
|
|
}
|
|
return hostport[colon+len(":"):]
|
|
}
|
|
|
|
func validPort(p string) bool {
|
|
for _, r := range []byte(p) {
|
|
if r < '0' || r > '9' {
|
|
return false
|
|
}
|
|
}
|
|
return true
|
|
}
|