-
-
Notifications
You must be signed in to change notification settings - Fork 55
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: validate username and db_name format #366
base: main
Are you sure you want to change the base?
Conversation
cc @hauleth |
lib/supavisor/client_handler.ex
Outdated
|
||
if String.contains?(user, not_allowed) or String.contains?(db_name, not_allowed) do | ||
reason = "Invalid characters in user or db_name" | ||
if !String.match?(user, rule) or !String.match?(db_name, rule) do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer using not
over !
. Also I think that =~
would be cleaner there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also I think that =~ would be cleaner there.
good call!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer using not over !
is it just because of readability or is there some other benefit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2 things:
- I find it more readable
!
works on any type,not
works only on booleans
Technically not
could be faster (though I doubt that it would be noticeable) and it also will warn you faster if there will be something off.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
! should be faster
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Name ips average deviation median 99th %
! 81.42 M 12.28 ns ±1101.51% 12.08 ns 13.75 ns
not 78.34 M 12.77 ns ±1097.19% 12.50 ns 14.58 ns
Comparison:
! 81.42 M
not 78.34 M - 1.04x slower +0.48 ns
Benchee.run(%{
"!" => fn ->
!true
end,
"not" => fn ->
not true
end
})
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So unnoticeable difference. Also I do not see how !
can be faster, and there I think it could be optimised away by the compiler anyway.
lib/supavisor/client_handler.ex
Outdated
|
||
if String.contains?(user, not_allowed) or String.contains?(db_name, not_allowed) do | ||
reason = "Invalid characters in user or db_name" | ||
if !(user =~ rule && db_name =~ rule) do do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I preferred it in older form
if !(user =~ rule && db_name =~ rule) do do | |
if not user =~ rule or not db_name =~ rule do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alternatively we can swap bodies of if
and use positive predicate there.
lib/supavisor/client_handler.ex
Outdated
|
||
if String.contains?(user, not_allowed) or String.contains?(db_name, not_allowed) do | ||
reason = "Invalid characters in user or db_name" | ||
if !(user =~ rule && db_name =~ rule) do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I preferred older form of:
if !(user =~ rule && db_name =~ rule) do | |
if not user =~ rule or not db_name =~ rule do |
Though I would probably swap bodies of the if
and use positive predicate there, so it would be:
if user =~ rule and db_name =~ rule do
# old `else` block content
else
# old `if` block content
end
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
100%, just need to swap cases 😄
No description provided.