From 157fd8b20931e4d9b563d02629a1d466b7fe9adc Mon Sep 17 00:00:00 2001 From: Eddy Decena Date: Thu, 24 Oct 2024 16:29:54 -0400 Subject: [PATCH] fix: Add validation for data source secrets --- internal/models/datasource.go | 24 +++++++++++------------ internal/services/ds.service.impl.go | 17 +++++++++------- internal/services/ds.type.mariadb.impl.go | 12 +++++++++++- internal/services/ds.type.mysql.impl.go | 12 +++++++++++- internal/services/ds.type.psql.impl.go | 12 +++++++++++- server.go | 3 +-- 6 files changed, 56 insertions(+), 24 deletions(-) diff --git a/internal/models/datasource.go b/internal/models/datasource.go index 0249c53..c1d8f78 100644 --- a/internal/models/datasource.go +++ b/internal/models/datasource.go @@ -40,19 +40,19 @@ type UpdateRequestDataSourceBody struct { } type PostgreSQLSecret struct { - Host string `json:"hostname"` - Port int `json:"port"` - User string `json:"username"` - Database string `json:"database"` - Password string `json:"password"` - SSL bool `json:"ssl"` + Host string `json:"hostname" validate:"required,hostname"` + Port int `json:"port" validate:"required,number"` + User string `json:"username" validate:"required"` + Database string `json:"database" validate:"required"` + Password string `json:"password" validate:"required"` + SSL bool `json:"ssl" validate:"required,boolean"` } type MySQLSecret struct { - Host string `json:"hostname"` - Port int `json:"port"` - User string `json:"username"` - Database string `json:"database"` - Password string `json:"password"` - SSL bool `json:"ssl"` + Host string `json:"hostname" validate:"required,hostname"` + Port int `json:"port" validate:"required,number"` + User string `json:"username" validate:"required"` + Database string `json:"database" validate:"required"` + Password string `json:"password" validate:"required"` + SSL bool `json:"ssl" validate:"required,boolean"` } diff --git a/internal/services/ds.service.impl.go b/internal/services/ds.service.impl.go index 966a059..2ff0105 100644 --- a/internal/services/ds.service.impl.go +++ b/internal/services/ds.service.impl.go @@ -6,6 +6,7 @@ import ( "fmt" "reflect" + validatorv10 "github.com/go-playground/validator/v10" "github.com/poligonoio/vega-core/internal/models" "github.com/poligonoio/vega-core/pkg/logger" "github.com/poligonoio/vega-core/pkg/utils" @@ -20,15 +21,17 @@ type DataSourceServiceImpl struct { infisicalService InfisicalService engineService EngineService schemaService SchemaService + validate *validatorv10.Validate } -func NewDataSourceService(ctx context.Context, dataSourceCollection *mongo.Collection, infisicalService InfisicalService, engineService EngineService, schemaService SchemaService) DataSourceService { +func NewDataSourceService(ctx context.Context, dataSourceCollection *mongo.Collection, infisicalService InfisicalService, engineService EngineService, schemaService SchemaService, validate *validatorv10.Validate) DataSourceService { return &DataSourceServiceImpl{ ctx: ctx, dataSourceCollection: dataSourceCollection, infisicalService: infisicalService, engineService: engineService, schemaService: schemaService, + validate: validate, } } @@ -259,13 +262,13 @@ func (self *DataSourceServiceImpl) CreateCatalog(catalogName string, dataSourceT switch dataSourceType { case models.PostgreSQL: - psql := NewPostgreSQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + psql := NewPostgreSQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = psql.CreateCatalog(catalogName, dataSourceType, secret) case models.MySQL: - mysql := NewMySQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + mysql := NewMySQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = mysql.CreateCatalog(catalogName, dataSourceType, secret) case models.MariaDB: - mariadb := NewMariaDBDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + mariadb := NewMariaDBDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = mariadb.CreateCatalog(catalogName, dataSourceType, secret) default: return errors.New("Invalid Data Source Type") @@ -283,13 +286,13 @@ func (self *DataSourceServiceImpl) Sync(id primitive.ObjectID, dataSourceType mo switch dataSourceType { case models.PostgreSQL: - psql := NewPostgreSQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + psql := NewPostgreSQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = psql.Sync(id) case models.MySQL: - mysql := NewMySQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + mysql := NewMySQLDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = mysql.Sync(id) case models.MariaDB: - mariadb := NewMariaDBDataSourceDatabase(self.ctx, self.engineService, self.schemaService) + mariadb := NewMariaDBDataSourceDatabase(self.ctx, self.engineService, self.schemaService, self.validate) err = mariadb.Sync(id) default: return errors.New("Invalid Data Source Type") diff --git a/internal/services/ds.type.mariadb.impl.go b/internal/services/ds.type.mariadb.impl.go index fdb369f..8caaf7d 100644 --- a/internal/services/ds.type.mariadb.impl.go +++ b/internal/services/ds.type.mariadb.impl.go @@ -6,7 +6,9 @@ import ( "fmt" "strconv" + validatorv10 "github.com/go-playground/validator/v10" "github.com/poligonoio/vega-core/internal/models" + "github.com/poligonoio/vega-core/pkg/logger" "go.mongodb.org/mongo-driver/bson/primitive" ) @@ -14,13 +16,15 @@ type MariaDBDataSourceTypeImpl struct { ctx context.Context engineService EngineService schemaService SchemaService + validate *validatorv10.Validate } -func NewMariaDBDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService) DataSourceTypeInter { +func NewMariaDBDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService, validate *validatorv10.Validate) DataSourceTypeInter { return &MariaDBDataSourceTypeImpl{ ctx: ctx, engineService: engineService, schemaService: schemaService, + validate: validate, } } @@ -83,6 +87,12 @@ func (self *MariaDBDataSourceTypeImpl) CreateCatalog(catalogName string, dataSou return err } + if err := self.validate.Struct(mysql); err != nil { + validationErr := err.(validatorv10.ValidationErrors) + logger.Error.Println(fmt.Printf("One or more secret fields are invalid: %s\n", validationErr)) + return validationErr + } + var mysqlString string if mysql.SSL { diff --git a/internal/services/ds.type.mysql.impl.go b/internal/services/ds.type.mysql.impl.go index 738d51c..6bc86ce 100644 --- a/internal/services/ds.type.mysql.impl.go +++ b/internal/services/ds.type.mysql.impl.go @@ -6,7 +6,9 @@ import ( "fmt" "strconv" + validatorv10 "github.com/go-playground/validator/v10" "github.com/poligonoio/vega-core/internal/models" + "github.com/poligonoio/vega-core/pkg/logger" "go.mongodb.org/mongo-driver/bson/primitive" ) @@ -14,13 +16,15 @@ type MySQLDataSourceTypeImpl struct { ctx context.Context engineService EngineService schemaService SchemaService + validate *validatorv10.Validate } -func NewMySQLDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService) DataSourceTypeInter { +func NewMySQLDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService, validate *validatorv10.Validate) DataSourceTypeInter { return &MySQLDataSourceTypeImpl{ ctx: ctx, engineService: engineService, schemaService: schemaService, + validate: validate, } } @@ -83,6 +87,12 @@ func (self *MySQLDataSourceTypeImpl) CreateCatalog(catalogName string, dataSourc return err } + if err := self.validate.Struct(mysql); err != nil { + validationErr := err.(validatorv10.ValidationErrors) + logger.Error.Println(fmt.Printf("One or more secret fields are invalid: %s\n", validationErr)) + return validationErr + } + var mysqlString string if mysql.SSL { diff --git a/internal/services/ds.type.psql.impl.go b/internal/services/ds.type.psql.impl.go index a1ed2ee..98733b4 100644 --- a/internal/services/ds.type.psql.impl.go +++ b/internal/services/ds.type.psql.impl.go @@ -6,7 +6,9 @@ import ( "fmt" "strconv" + validatorv10 "github.com/go-playground/validator/v10" "github.com/poligonoio/vega-core/internal/models" + "github.com/poligonoio/vega-core/pkg/logger" "go.mongodb.org/mongo-driver/bson/primitive" ) @@ -14,13 +16,15 @@ type PostgresSQLDataSourceTypeImpl struct { ctx context.Context engineService EngineService schemaService SchemaService + validate *validatorv10.Validate } -func NewPostgreSQLDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService) DataSourceTypeInter { +func NewPostgreSQLDataSourceDatabase(ctx context.Context, engineService EngineService, schemaService SchemaService, validate *validatorv10.Validate) DataSourceTypeInter { return &PostgresSQLDataSourceTypeImpl{ ctx: ctx, engineService: engineService, schemaService: schemaService, + validate: validate, } } @@ -84,6 +88,12 @@ func (self *PostgresSQLDataSourceTypeImpl) CreateCatalog(catalogName string, dat return err } + if err := self.validate.Struct(psql); err != nil { + validationErr := err.(validatorv10.ValidationErrors) + logger.Error.Println(fmt.Printf("One or more secret fields are invalid: %s\n", validationErr)) + return validationErr + } + var psqlString string if psql.SSL { diff --git a/server.go b/server.go index 8449f2f..3ac0301 100644 --- a/server.go +++ b/server.go @@ -29,7 +29,6 @@ var server *http.Server var version string func init() { - // version := os.Getenv("POLIGONO_VERSION") basePathStr := "/v1alpha1" port := os.Getenv("PORT") @@ -99,7 +98,7 @@ func init() { // Initialize Data source service and controller logger.Info.Println("Initializing Data source service and controller...") dataSourceCollection := mongoClient.Database("poligono").Collection("datasources") - dataSourceService := services.NewDataSourceService(ctx, dataSourceCollection, infisicalService, trinoEngineService, schemaService) + dataSourceService := services.NewDataSourceService(ctx, dataSourceCollection, infisicalService, trinoEngineService, schemaService, validate) dataSourceController := controllers.NewDataSourceController(dataSourceService, trinoEngineService, schemaService, validate) logger.Info.Println("Data source service and controller Initialized successfully!")