Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

fix: database input validators

Browse Source
This commit is contained in:
Andras Bacsai 2024-07-09 15:23:53 +02:00
parent db9faed184
commit d05e23264b
1 changed files with 201 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

357
app/Http/Controllers/Api/DatabasesController.php
View File

@ -260,46 +260,12 @@ public function update_by_uuid(Request $request)
'limits_cpus' => 'string', 'limits_cpus' => 'string',
'limits_cpuset' => 'string|nullable', 'limits_cpuset' => 'string|nullable',
'limits_cpu_shares' => 'numeric', 'limits_cpu_shares' => 'numeric',
'postgres_user' => 'string',
'postgres_password' => 'string',
'postgres_db' => 'string',
'postgres_initdb_args' => 'string',
'postgres_host_auth_method' => 'string',
'postgres_conf' => 'string',
'clickhouse_admin_user' => 'string',
'clickhouse_admin_password' => 'string',
'dragonfly_password' => 'string',
'redis_password' => 'string',
'redis_conf' => 'string',
'keydb_password' => 'string',
'keydb_conf' => 'string',
'mariadb_conf' => 'string',
'mariadb_root_password' => 'string',
'mariadb_user' => 'string',
'mariadb_password' => 'string',
'mariadb_database' => 'string',
'mongo_conf' => 'string',
'mongo_initdb_root_username' => 'string',
'mongo_initdb_root_password' => 'string',
'mongo_initdb_init_database' => 'string',
'mysql_root_password' => 'string',
'mysql_user' => 'string',
'mysql_database' => 'string',
'mysql_conf' => 'string',
]); ]);
$extraFields = array_diff(array_keys($request->all()), $allowedFields); if ($validator->fails()) {
if ($validator->fails() || ! empty($extraFields)) {
$errors = $validator->errors();
if (! empty($extraFields)) {
foreach ($extraFields as $field) {
$errors->add($field, 'This field is not allowed.');
}
}
return response()->json([ return response()->json([
'message' => 'Validation failed.', 'message' => 'Validation failed.',
'errors' => $errors, 'errors' => $validator->errors(),
], 422); ], 422);
} }
$uuid = $request->uuid; $uuid = $request->uuid;
@ -313,130 +279,209 @@ public function update_by_uuid(Request $request)
return response()->json(['message' => 'Public port already used by another database.'], 400); return response()->json(['message' => 'Public port already used by another database.'], 400);
} }
} }
switch ($database->type()) {
case 'standalone-postgresql':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'postgres_user', 'postgres_password', 'postgres_db', 'postgres_initdb_args', 'postgres_host_auth_method', 'postgres_conf'];
$validator = customApiValidator($request->all(), [
'postgres_user' => 'string',
'postgres_password' => 'string',
'postgres_db' => 'string',
'postgres_initdb_args' => 'string',
'postgres_host_auth_method' => 'string',
'postgres_conf' => 'string',
]);
if ($request->has('postgres_conf')) {
if (! isBase64Encoded($request->postgres_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'postgres_conf' => 'The postgres_conf should be base64 encoded.',
],
], 422);
}
$postgresConf = base64_decode($request->postgres_conf);
if (mb_detect_encoding($postgresConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'postgres_conf' => 'The postgres_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('postgres_conf', $postgresConf);
}
break;
case 'standalone-clickhouse':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'clickhouse_admin_user', 'clickhouse_admin_password'];
$validator = customApiValidator($request->all(), [
'clickhouse_admin_user' => 'string',
'clickhouse_admin_password' => 'string',
]);
break;
case 'standalone-dragonfly':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'dragonfly_password'];
$validator = customApiValidator($request->all(), [
'dragonfly_password' => 'string',
]);
break;
case 'standalone-redis':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'redis_password', 'redis_conf'];
$validator = customApiValidator($request->all(), [
'redis_password' => 'string',
'redis_conf' => 'string',
]);
if ($request->has('redis_conf')) {
if (! isBase64Encoded($request->redis_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'redis_conf' => 'The redis_conf should be base64 encoded.',
],
], 422);
}
$redisConf = base64_decode($request->redis_conf);
if (mb_detect_encoding($redisConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'redis_conf' => 'The redis_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('redis_conf', $redisConf);
}
break;
case 'standalone-keydb':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'keydb_password', 'keydb_conf'];
$validator = customApiValidator($request->all(), [
'keydb_password' => 'string',
'keydb_conf' => 'string',
]);
if ($request->has('keydb_conf')) {
if (! isBase64Encoded($request->keydb_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'keydb_conf' => 'The keydb_conf should be base64 encoded.',
],
], 422);
}
$keydbConf = base64_decode($request->keydb_conf);
if (mb_detect_encoding($keydbConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'keydb_conf' => 'The keydb_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('keydb_conf', $keydbConf);
}
break;
case 'standalone-mariadb':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mariadb_conf', 'mariadb_root_password', 'mariadb_user', 'mariadb_password', 'mariadb_database'];
$validator = customApiValidator($request->all(), [
'mariadb_conf' => 'string',
'mariadb_root_password' => 'string',
'mariadb_user' => 'string',
'mariadb_password' => 'string',
'mariadb_database' => 'string',
]);
if ($request->has('mariadb_conf')) {
if (! isBase64Encoded($request->mariadb_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mariadb_conf' => 'The mariadb_conf should be base64 encoded.',
],
], 422);
}
$mariadbConf = base64_decode($request->mariadb_conf);
if (mb_detect_encoding($mariadbConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mariadb_conf' => 'The mariadb_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('mariadb_conf', $mariadbConf);
}
break;
case 'standalone-mongodb':
$allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mongo_conf', 'mongo_initdb_root_username', 'mongo_initdb_root_password', 'mongo_initdb_init_database'];
$validator = customApiValidator($request->all(), [
'mongo_conf' => 'string',
'mongo_initdb_root_username' => 'string',
'mongo_initdb_root_password' => 'string',
'mongo_initdb_init_database' => 'string',
]);
if ($request->has('mongo_conf')) {
if (! isBase64Encoded($request->mongo_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mongo_conf' => 'The mongo_conf should be base64 encoded.',
],
], 422);
}
$mongoConf = base64_decode($request->mongo_conf);
if (mb_detect_encoding($mongoConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mongo_conf' => 'The mongo_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('mongo_conf', $mongoConf);
}
if ($request->has('keydb_conf')) { break;
if (! isBase64Encoded($request->keydb_conf)) { case 'standalone-mysql':
return response()->json([ $allowedFields = ['name', 'description', 'image', 'public_port', 'is_public', 'instant_deploy', 'limits_memory', 'limits_memory_swap', 'limits_memory_swappiness', 'limits_memory_reservation', 'limits_cpus', 'limits_cpuset', 'limits_cpu_shares', 'mysql_root_password', 'mysql_user', 'mysql_database', 'mysql_conf'];
'message' => 'Validation failed.', $validator = customApiValidator($request->all(), [
'errors' => [ 'mysql_root_password' => 'string',
'keydb_conf' => 'The keydb_conf should be base64 encoded.', 'mysql_user' => 'string',
], 'mysql_database' => 'string',
], 422); 'mysql_conf' => 'string',
} ]);
$keydbConf = base64_decode($request->keydb_conf); if ($request->has('mysql_conf')) {
if (mb_detect_encoding($keydbConf, 'ASCII', true) === false) { if (! isBase64Encoded($request->mysql_conf)) {
return response()->json([ return response()->json([
'message' => 'Validation failed.', 'message' => 'Validation failed.',
'errors' => [ 'errors' => [
'keydb_conf' => 'The keydb_conf should be base64 encoded.', 'mysql_conf' => 'The mysql_conf should be base64 encoded.',
], ],
], 422); ], 422);
} }
$request->offsetSet('keydb_conf', $keydbConf); $mysqlConf = base64_decode($request->mysql_conf);
} if (mb_detect_encoding($mysqlConf, 'ASCII', true) === false) {
if ($request->has('mongo_conf')) { return response()->json([
if (! isBase64Encoded($request->mongo_conf)) { 'message' => 'Validation failed.',
return response()->json([ 'errors' => [
'message' => 'Validation failed.', 'mysql_conf' => 'The mysql_conf should be base64 encoded.',
'errors' => [ ],
'mongo_conf' => 'The mongo_conf should be base64 encoded.', ], 422);
], }
], 422); $request->offsetSet('mysql_conf', $mysqlConf);
} }
$mongoConf = base64_decode($request->mongo_conf); break;
if (mb_detect_encoding($mongoConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mongo_conf' => 'The mongo_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('mongo_conf', $mongoConf);
}
if ($request->has('redis_conf')) {
if (! isBase64Encoded($request->redis_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'redis_conf' => 'The redis_conf should be base64 encoded.',
],
], 422);
}
$redisConf = base64_decode($request->redis_conf);
if (mb_detect_encoding($redisConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'redis_conf' => 'The redis_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('redis_conf', $redisConf);
} }
$extraFields = array_diff(array_keys($request->all()), $allowedFields);
if ($validator->fails() || ! empty($extraFields)) {
$errors = $validator->errors();
if (! empty($extraFields)) {
foreach ($extraFields as $field) {
$errors->add($field, 'This field is not allowed.');
}
}
if ($request->has('mysql_conf')) { return response()->json([
if (! isBase64Encoded($request->mysql_conf)) { 'message' => 'Validation failed.',
return response()->json([ 'errors' => $errors,
'message' => 'Validation failed.', ], 422);
'errors' => [
'mysql_conf' => 'The mysql_conf should be base64 encoded.',
],
], 422);
}
$mysqlConf = base64_decode($request->mysql_conf);
if (mb_detect_encoding($mysqlConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mysql_conf' => 'The mysql_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('mysql_conf', $mysqlConf);
}
if ($request->has('mariadb_conf')) {
if (! isBase64Encoded($request->mariadb_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mariadb_conf' => 'The mariadb_conf should be base64 encoded.',
],
], 422);
}
$mariadbConf = base64_decode($request->mariadb_conf);
if (mb_detect_encoding($mariadbConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'mariadb_conf' => 'The mariadb_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('mariadb_conf', $mariadbConf);
}
if ($request->has('postgres_conf')) {
if (! isBase64Encoded($request->postgres_conf)) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'postgres_conf' => 'The postgres_conf should be base64 encoded.',
],
], 422);
}
$postgresConf = base64_decode($request->postgres_conf);
if (mb_detect_encoding($postgresConf, 'ASCII', true) === false) {
return response()->json([
'message' => 'Validation failed.',
'errors' => [
'postgres_conf' => 'The postgres_conf should be base64 encoded.',
],
], 422);
}
$request->offsetSet('postgres_conf', $postgresConf);
} }
$whatToDoWithDatabaseProxy = null; $whatToDoWithDatabaseProxy = null;
if ($request->is_public === false && $database->is_public === true) { if ($request->is_public === false && $database->is_public === true) {