fix(api): enforce numbers as integers in the validation schema
andris9 committed Jan 2, 2024
1 parent cb30bd5 commit 84298c8
Showing 4 changed files with 168 additions and 105 deletions.
9 changes: 5 additions & 4 deletions lib/api-routes/template-routes.js
Expand Up @@ -247,22 +247,23 @@ async function init(args) {
account: Joi.string().empty('').max(256).example('example').description('Account ID to list the templates for'),

page: Joi.number()
.integer()
.min(0)
.max(1024 * 1024)
.default(0)
.example(0)
.description('Page number (zero indexed, so use 0 for first page)')
.label('PageNumber'),
pageSize: Joi.number().min(1).max(1000).default(20).example(20).description('How many entries per page').label('PageSize')
pageSize: Joi.number().integer().min(1).max(1000).default(20).example(20).description('How many entries per page').label('PageSize')
}).label('AccountTemplatesRequest')
},

response: {
schema: Joi.object({
account: accountIdSchema.required(),
total: Joi.number().example(120).description('How many matching entries').label('TotalNumber'),
page: Joi.number().example(0).description('Current page (0-based index)').label('PageNumber'),
pages: Joi.number().example(24).description('Total page count').label('PagesNumber'),
total: Joi.number().integer().example(120).description('How many matching entries').label('TotalNumber'),
page: Joi.number().integer().example(0).description('Current page (0-based index)').label('PageNumber'),
pages: Joi.number().integer().example(24).description('Total page count').label('PagesNumber'),

templates: Joi.array()
.items(
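Review bot: The `.integer()` added to `total`, `page` and `pages` in the response schema tightens output validation as well as input validation, so a non-integer value from the handler would now fail response validation instead of being returned. The handler that computes these fields is outside this hunk, so it is worth confirming that `pages` is rounded (not a raw division of `total` by `pageSize`) and checking how the route's response `failAction` is configured. If a failure there surfaces as a server error, a short comment next to the response schema such as `// response values must be integers; handler rounds pages up` would record the contract.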
43 changes: 26 additions & 17 deletions lib/routes-ui.js
Expand Up @@ -221,7 +221,7 @@ const configWebhooksSchema = {
notifyHeaders: Joi.string().empty('').trim(),
notifyText: Joi.boolean().truthy('Y', 'true', '1', 'on').falsy('N', 'false', 0, '').default(false),
notifyWebSafeHtml: Joi.boolean().truthy('Y', 'true', '1', 'on').falsy('N', 'false', 0, '').default(false),
notifyTextSize: Joi.number().empty(''),
notifyTextSize: Joi.number().integer().empty(''),
notifyCalendarEvents: Joi.boolean().truthy('Y', 'true', '1', 'on').falsy('N', 'false', 0, '').default(false),
inboxNewOnly: Joi.boolean().truthy('Y', 'true', '1', 'on').falsy('N', 'false', 0, '').default(false),

Expand Down Expand Up @@ -266,7 +266,7 @@ const configDocumentStoreSchema = {

const configLoggingSchema = {
all: Joi.boolean().truthy('Y', 'true', '1', 'on').falsy('N', 'false', 0, '').default(false).description('Enable logs for all accounts'),
maxLogLines: Joi.number().empty('').min(0).max(10000000).default(DEFAULT_MAX_LOG_LINES)
maxLogLines: Joi.number().integer().empty('').min(0).max(10000000).default(DEFAULT_MAX_LOG_LINES)
};

const OKTA_OAUTH2_ISSUER = readEnvValue('OKTA_OAUTH2_ISSUER');
Expand Down Expand Up @@ -2214,8 +2214,8 @@ return true;`
},

query: Joi.object({
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE)
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
})
}
}
Expand Down Expand Up @@ -2787,8 +2787,8 @@ return true;`
},

query: Joi.object({
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE)
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
})
}
}
Expand Down Expand Up @@ -3487,8 +3487,8 @@ return payload;`)

query: Joi.object({
account: accountIdSchema.default(null),
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE)
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
})
}
}
Expand Down Expand Up @@ -4222,8 +4222,8 @@ return payload;`)
},

query: Joi.object({
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE)
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
})
}
}
Expand Down Expand Up @@ -4437,6 +4437,7 @@ return payload;`)

host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname').required(),
port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.example(465)
Expand Down Expand Up @@ -4563,6 +4564,7 @@ return payload;`)

host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname').required(),
port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.example(465)
Expand Down Expand Up @@ -4661,6 +4663,7 @@ return payload;`)
pass: Joi.string().empty('').max(1024).label('Password'),
host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to').label('Hostname'),
port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.example(465)
Expand Down Expand Up @@ -4813,8 +4816,8 @@ return payload;`)

query: Joi.object({
account: accountIdSchema.default(null),
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE)
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE)
})
}
}
Expand Down Expand Up @@ -6154,8 +6157,8 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
},

query: Joi.object({
page: Joi.number().min(1).max(1000000).default(1),
pageSize: Joi.number().min(1).max(250).default(DEFAULT_PAGE_SIZE),
page: Joi.number().integer().min(1).max(1000000).default(1),
pageSize: Joi.number().integer().min(1).max(250).default(DEFAULT_PAGE_SIZE),
query: Joi.string().example('user@example').description('Filter accounts by name/email match').label('AccountQuery'),
state: Joi.string()
.trim()
Expand Down Expand Up @@ -6598,6 +6601,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
imap_auth_pass: Joi.string().empty('').max(1024).required(),
imap_host: Joi.string().hostname().required().example('imap.gmail.com').description('Hostname to connect to'),
imap_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.required()
Expand All @@ -6620,6 +6624,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
smtp_auth_pass: Joi.string().empty('').max(1024).required(),
smtp_host: Joi.string().hostname().required().example('smtp.gmail.com').description('Hostname to connect to'),
smtp_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.required()
Expand Down Expand Up @@ -6762,6 +6767,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
imap_auth_pass: Joi.string().empty('').max(1024).required(),
imap_host: Joi.string().hostname().required().example('imap.gmail.com').description('Hostname to connect to'),
imap_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.required()
Expand All @@ -6785,6 +6791,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
smtp_auth_pass: Joi.string().empty('').max(1024).required(),
smtp_host: Joi.string().hostname().required().example('smtp.gmail.com').description('Hostname to connect to'),
smtp_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.required()
Expand Down Expand Up @@ -7417,6 +7424,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
imap_auth_pass: Joi.string().empty('').max(1024),
imap_host: Joi.string().hostname().example('imap.gmail.com').description('Hostname to connect to'),
imap_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.example(993)
Expand All @@ -7434,7 +7442,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
.example(true)
.description('Disable IMAP if you are using this email account to only send emails.'),

imap_resyncDelay: Joi.number().empty(''),
imap_resyncDelay: Joi.number().integer().empty(''),

imap_sentMailPath: Joi.string()
.empty('')
Expand All @@ -7461,6 +7469,7 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
smtp_auth_pass: Joi.string().empty('').max(1024),
smtp_host: Joi.string().hostname().example('smtp.gmail.com').description('Hostname to connect to'),
smtp_port: Joi.number()
.integer()
.min(1)
.max(64 * 1024)
.example(465)
Expand Down Expand Up @@ -9360,7 +9369,7 @@ ${now}`,
},

payload: Joi.object({
thread: Joi.number().min(1).max(1000000).required().example(1).description('Thread ID')
thread: Joi.number().integer().min(1).max(1000000).required().example(1).description('Thread ID')
})
}
}
Expand Down Expand Up @@ -9412,7 +9421,7 @@ ${now}`,
},

payload: Joi.object({
thread: Joi.number().empty('').min(0).max(1000000).required().example(1).description('Thread ID')
thread: Joi.number().integer().empty('').min(0).max(1000000).required().example(1).description('Thread ID')
})
}
}
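Review bot: The `port`, `imap_port` and `smtp_port` schemas still accept 65536 after this change, because `.max(64 * 1024)` is one above the highest valid TCP port and `.integer()` does not narrow the range; the bound should be `.max(65535)`. Separately, `notifyTextSize` and `imap_resyncDelay` are now `Joi.number().integer().empty('')` with no range at all, so negative or very large integers pass validation and reach whatever code consumes them. Adding `.min(0)` and an upper limit that matches how each value is used would bound them the same way `maxLogLines` is bounded. The enclosing route and schema definitions start and end outside the hunks shown.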