From fba09ef51260f5c7f7edc20c28de4a8ede111ea9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gustavo=20Gir=C3=A1ldez?= Date: Tue, 30 Apr 2024 17:55:41 -0400 Subject: [PATCH] fix: Sanitize tags for filtering providers in projects (#730) Fixes #728 Delete all non-alpha characters and replace whitespace with `-` in provider filtering tags when configuring a project and also when querying the providers for building the scenarios. --- client/src/planwise/client/projects2/handlers.cljs | 12 ++++++++---- common/src/planwise/common.cljc | 9 ++++++++- src/planwise/component/providers_set.clj | 9 +++++++-- test/planwise/component/providers_set_test.clj | 12 ++++++++++-- 4 files changed, 33 insertions(+), 9 deletions(-) diff --git a/client/src/planwise/client/projects2/handlers.cljs b/client/src/planwise/client/projects2/handlers.cljs index 1a1574643..f8aaea5f0 100644 --- a/client/src/planwise/client/projects2/handlers.cljs +++ b/client/src/planwise/client/projects2/handlers.cljs @@ -6,6 +6,8 @@ [planwise.client.effects :as effects] [planwise.client.projects2.db :as db] [planwise.client.utils :as utils] + [planwise.common :as common] + [clojure.string :as string] [clojure.spec.alpha :as s])) @@ -270,10 +272,12 @@ :projects2/save-tag in-projects2 (fn [{:keys [db]} [_ tag]] - (let [path [:current-project :config :providers :tags] - n (count (get-in db path))] - {:db (update-in db path (comp vec conj) tag) - :dispatch [:projects2/persist-current-project]}))) + (let [tag (common/sanitize-tag tag) + path [:current-project :config :providers :tags] + n (count (get-in db path))] + (when-not (string/blank? tag) + {:db (update-in db path (comp vec conj) tag) + :dispatch [:projects2/persist-current-project]})))) (rf/reg-event-fx :projects2/delete-tag diff --git a/common/src/planwise/common.cljc b/common/src/planwise/common.cljc index 338462151..b963cda79 100644 --- a/common/src/planwise/common.cljc +++ b/common/src/planwise/common.cljc @@ -1,5 +1,5 @@ (ns planwise.common - (:require [clojure.string :refer [lower-case]])) + (:require [clojure.string :as string :refer [lower-case]])) (defn is-budget [analysis-type] @@ -47,3 +47,10 @@ (get-capacity-unit project true)) ([project lowercase?] (get-project-unit project [:config :providers :capacity-unit] "units" lowercase?))) + +(defn sanitize-tag + [tag] + (-> tag + string/trim + (string/replace #"\s+" "-") + (string/replace #"[^a-zA-Z0-9.-]" ""))) diff --git a/src/planwise/component/providers_set.clj b/src/planwise/component/providers_set.clj index cf880e300..e5b8c24a5 100644 --- a/src/planwise/component/providers_set.clj +++ b/src/planwise/component/providers_set.clj @@ -10,6 +10,7 @@ [clojure.edn :as edn] [planwise.util.files :as files] [planwise.util.collections :refer [csv-data->maps]] + [planwise.common :as common] [clojure.string :as str] [clojure.set :as set])) @@ -104,8 +105,10 @@ :version version :region-id (:region-id filter-options)} all-providers (db-find-providers-in-region db-spec config) + filter-tags (->> (:tags filter-options) + (map common/sanitize-tag)) providers-partition (group-by - #(provider-matches-tags? % (:tags filter-options)) + #(provider-matches-tags? % filter-tags) all-providers)] {:providers (or (get providers-partition true) []) :disabled-providers (or (get providers-partition false) [])})) @@ -115,7 +118,9 @@ (count-providers-filter-by-tags store provider-set-id region-id tags nil)) ([store provider-set-id region-id tags version] (let [db-spec (get-db store) - tags (str/join " & " tags) + tags (->> tags + (map common/sanitize-tag) + (str/join " & ")) count-fn (fn [tags version] (let [{:keys [last-version]} (get-provider-set store provider-set-id)] (:count (db-count-providers-with-tags db-spec {:provider-set-id provider-set-id diff --git a/test/planwise/component/providers_set_test.clj b/test/planwise/component/providers_set_test.clj index bca64cd4f..d65d151d0 100644 --- a/test/planwise/component/providers_set_test.clj +++ b/test/planwise/component/providers_set_test.clj @@ -5,6 +5,7 @@ [planwise.component.providers-set :as providers-set] [planwise.boundary.projects2 :as projects2] [planwise.test-system :as test-system] + [planwise.common :as common] [clj-time.core :as time] [integrant.core :as ig]) (:import [org.postgis PGgeometry])) @@ -159,7 +160,7 @@ (defn- validate-filter-count [store id tags number] - (is (= (:filtered (providers-set/count-providers-filter-by-tags store id 1 tags)) number))) + (is (= number (:filtered (providers-set/count-providers-filter-by-tags store id 1 tags))))) (deftest filtering-providers (test-system/with-system (test-config fixture-filtering-providers-tags) @@ -170,7 +171,14 @@ (validate-filter-count store 1 ["inexistent"] 0) (validate-filter-count store 1 ["private"] 2) (validate-filter-count store 2 ["private"] 0) - (validate-filter-count store 2 ["-"] 0)))) + (validate-filter-count store 2 ["-"] 0) + ;; sanitizes input tags + (validate-filter-count store 1 ["pri&vate"] 2)))) + +(deftest sanitize-tag + (is (= "" (common/sanitize-tag "&|"))) + (is (= "general-medicine" (common/sanitize-tag "general medicine"))) + (is (= "private" (common/sanitize-tag "pri&vate")))) ;; ---------------------------------------------------------------------- ;; Testing deleting provider-set