feat(api): prevent invalid kind values

Jef Roosens 2022-06-17 13:56:38 +02:00
parent bb5643bb03
commit bd07964509
Signed by untrusted user: Jef Roosens
GPG Key ID: B75D4F293C7052DB
4 changed files with 21 additions and 10 deletions

View File

@ -67,7 +67,7 @@ pub fn cmd() cli.Command {
name: 'add' name: 'add'
required_args: 2 required_args: 2
usage: 'url repo' usage: 'url repo'
description: "Add a new target with the given URL & target repo." description: 'Add a new target with the given URL & target repo.'
flags: [ flags: [
cli.Flag{ cli.Flag{
name: 'kind' name: 'kind'
@ -79,14 +79,12 @@ pub fn cmd() cli.Command {
name: 'branch' name: 'branch'
description: "Which branch to clone; only applies to kind 'git'." description: "Which branch to clone; only applies to kind 'git'."
flag: cli.FlagType.string flag: cli.FlagType.string
} },
] ]
execute: fn (cmd cli.Command) ? { execute: fn (cmd cli.Command) ? {
config_file := cmd.flags.get_string('config-file')? config_file := cmd.flags.get_string('config-file')?
conf := vconf.load<Config>(prefix: 'VIETER_', default_path: config_file)? conf := vconf.load<Config>(prefix: 'VIETER_', default_path: config_file)?
kind := cmd.flags.get_string('kind')?
t := NewTarget{ t := NewTarget{
kind: cmd.flags.get_string('kind')? kind: cmd.flags.get_string('kind')?
url: cmd.args[0] url: cmd.args[0]
@ -152,6 +150,11 @@ pub fn cmd() cli.Command {
description: 'Cron schedule for repository.' description: 'Cron schedule for repository.'
flag: cli.FlagType.string flag: cli.FlagType.string
}, },
cli.Flag{
name: 'kind'
description: 'Kind of target.'
flag: cli.FlagType.string
},
] ]
execute: fn (cmd cli.Command) ? { execute: fn (cmd cli.Command) ? {
config_file := cmd.flags.get_string('config-file')? config_file := cmd.flags.get_string('config-file')?

View File

@ -1,5 +1,7 @@
module models module models
pub const valid_kinds = ['git', 'url']
pub struct TargetArch { pub struct TargetArch {
pub: pub:
id int [primary; sql: serial] id int [primary; sql: serial]
@ -35,6 +37,7 @@ pub mut:
pub fn (gr &Target) str() string { pub fn (gr &Target) str() string {
mut parts := [ mut parts := [
'id: $gr.id', 'id: $gr.id',
'kind: $gr.kind',
'url: $gr.url', 'url: $gr.url',
'branch: $gr.branch', 'branch: $gr.branch',
'repo: $gr.repo', 'repo: $gr.repo',

View File

@ -52,6 +52,11 @@ fn (mut app App) v1_post_target() web.Result {
return app.json(http.Status.bad_request, new_response(err.msg())) return app.json(http.Status.bad_request, new_response(err.msg()))
} }
// Ensure someone doesn't submit an invalid kind
if new_repo.kind !in models.valid_kinds {
return app.json(http.Status.bad_request, new_response('Invalid kind.'))
}
app.db.add_target(new_repo) app.db.add_target(new_repo)
return app.json(http.Status.ok, new_response('Repo added successfully.')) return app.json(http.Status.ok, new_response('Repo added successfully.'))