Validate space name with a regexp in the controller (OSIO#3580)

This will prevent creating spaces with a name that cannot be used as a value in pod labels (matching max length and pattern). The regexp and length checks in the controller replace the validation function that was previously used at the design level, which allows for returning proper JSON-API errors to the clients. Fixes openshiftio/openshift.io#3580 Signed-off-by: Xavier Coulon <xcoulon@redhat.com>
xcoulon · May 24, 2018 · 87bf371 · 87bf371
1 parent e3ab0cf
commit 87bf371
Show file tree

Hide file tree

Showing 5 changed files with 242 additions and 223 deletions.
diff --git a/controller/space.go b/controller/space.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+	"regexp"
 
 	"github.com/fabric8-services/fabric8-wit/app"
 	"github.com/fabric8-services/fabric8-wit/application"
@@ -546,6 +547,18 @@ func (c *SpaceController) Update(ctx *app.UpdateSpaceContext) error {
 	return ctx.OK(&response)
 }
 
+const (
+	// see https://github.com/kubernetes/community/blob/master/contributors/design-proposals/architecture/identifiers.md
+	spaceNameMaxLength int    = 63
+	spaceNamePattern   string = `^([A-Za-z0-9][-A-Za-z0-9]*)?[A-Za-z0-9]$`
+)
+
+var nameRegex *regexp.Regexp
+
+func init() {
+	nameRegex = regexp.MustCompile(spaceNamePattern) // will panic if the pattern is invalid
+}
+
 func validateCreateSpace(ctx *app.CreateSpaceContext) error {
 	if ctx.Payload.Data == nil {
 		return errors.NewBadParameterError("data", nil).Expected("not nil")
@@ -556,6 +569,16 @@ func validateCreateSpace(ctx *app.CreateSpaceContext) error {
 	if ctx.Payload.Data.Attributes.Name == nil {
 		return errors.NewBadParameterError("data.attributes.name", nil).Expected("not nil")
 	}
+	name := *ctx.Payload.Data.Attributes.Name
+	// now, verify the length and pattern for the space name
+	if len(name) > spaceNameMaxLength {
+		return errors.NewBadParameterError("data.attributes.name", name).Expected(fmt.Sprintf("max length: %d (was %d)", spaceNameMaxLength, len(name)))
+	}
+	matched := nameRegex.MatchString(name)
+	if !matched {
+		return errors.NewBadParameterError("data.attributes.name", name).Expected(fmt.Sprintf("matching '%s' pattern", spaceNamePattern))
+	}
+
 	// // TODO(kwk): Comment back in once space template is official
 	// if ctx.Payload.Data.Relationships == nil {
 	// 	return errors.NewBadParameterError("data.relationships", nil).Expected("not nil")