[icn/sdwan.git] /

// SPDX-License-Identifier: Apache-2.0\r
// Copyright (c) 2020 Intel Corporation\r
\r
package validation\r
\r
import (\r
        "archive/tar"\r
        "compress/gzip"\r
        "encoding/json"\r
        "fmt"\r
        "io"\r
        "io/ioutil"\r
        "net"\r
        "net/http"\r
        "os"\r
        "regexp"\r
        "strconv"\r
        "strings"\r
\r
        log "github.com/open-ness/EMCO/src/orchestrator/pkg/infra/logutils"\r
        pkgerrors "github.com/pkg/errors"\r
        "github.com/xeipuuv/gojsonschema"\r
        "k8s.io/apimachinery/pkg/util/validation"\r
)\r
\r
func IsTarGz(r io.Reader) error {\r
        //Check if it is a valid gz\r
        gzf, err := gzip.NewReader(r)\r
        if err != nil {\r
                return pkgerrors.Wrap(err, "Invalid gzip format")\r
        }\r
\r
        //Check if it is a valid tar file\r
        //Unfortunately this can only be done by inspecting all the tar contents\r
        tarR := tar.NewReader(gzf)\r
        first := true\r
\r
        for true {\r
                header, err := tarR.Next()\r
\r
                if err == io.EOF {\r
                        //Check if we have just a gzip file without a tar archive inside\r
                        if first {\r
                                return pkgerrors.New("Empty or non-existant Tar file found")\r
                        }\r
                        //End of archive\r
                        break\r
                }\r
\r
                if err != nil {\r
                        return pkgerrors.Errorf("Error reading tar file %s", err.Error())\r
                }\r
\r
                //Check if files are of type directory and regular file\r
                if header.Typeflag != tar.TypeDir &&\r
                        header.Typeflag != tar.TypeReg {\r
                        return pkgerrors.Errorf("Unknown header in tar %s, %s",\r
                                header.Name, string(header.Typeflag))\r
                }\r
\r
                first = false\r
        }\r
\r
        return nil\r
}\r
\r
func IsIpv4Cidr(cidr string) error {\r
        ip, _, err := net.ParseCIDR(cidr)\r
        if err != nil || ip.To4() == nil {\r
                return pkgerrors.Wrapf(err, "could not parse ipv4 cidr %v", cidr)\r
        }\r
        return nil\r
}\r
\r
func IsIp(ip string) error {\r
        addr := net.ParseIP(ip)\r
        if addr == nil {\r
                return pkgerrors.Errorf("invalid ip address %v", ip)\r
        }\r
        return nil\r
}\r
\r
func IsIpv4(ip string) error {\r
        addr := net.ParseIP(ip)\r
        if addr == nil || addr.To4() == nil {\r
                return pkgerrors.Errorf("invalid ipv4 address %v", ip)\r
        }\r
        return nil\r
}\r
\r
func IsMac(mac string) error {\r
        _, err := net.ParseMAC(mac)\r
        if err != nil {\r
                return pkgerrors.Errorf("invalid MAC address %v", mac)\r
        }\r
        return nil\r
}\r
\r
// default name check - matches valid label value with addtion that length > 0\r
func IsValidName(name string) []string {\r
        var errs []string\r
\r
        errs = validation.IsValidLabelValue(name)\r
        if len(name) == 0 {\r
                errs = append(errs, "name must have non-zero length")\r
        }\r
        return errs\r
}\r
\r
const VALID_NAME_STR string = "NAME"\r
\r
var validNameRegEx = regexp.MustCompile("^([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]$")\r
\r
const VALID_ALPHA_STR string = "ALPHA"\r
\r
var validAlphaStrRegEx = regexp.MustCompile("^[A-Za-z]*$")\r
\r
const VALID_ALPHANUM_STR string = "ALPHANUM"\r
\r
var validAlphaNumStrRegEx = regexp.MustCompile("^[A-Za-z0-9]*$")\r
\r
// doesn't verify valid base64 length - just checks for proper base64 characters\r
const VALID_BASE64_STR string = "BASE64"\r
\r
var validBase64StrRegEx = regexp.MustCompile("^[A-Za-z0-9+/]+={0,2}$")\r
\r
const VALID_ANY_STR string = "ANY"\r
\r
var validAnyStrRegEx = regexp.MustCompile("(?s)^.*$")\r
\r
// string check - validates for conformance to provided lengths and specified content\r
// min and max - the string\r
// if format string provided - check against matching predefined\r
func IsValidString(str string, min, max int, format string) []string {\r
        var errs []string\r
\r
        if min > max {\r
                errs = append(errs, "Invalid string length constraints - min is greater than max")\r
                return errs\r
        }\r
\r
        if len(str) < min {\r
                errs = append(errs, "string length is less than the minimum constraint")\r
                return errs\r
        }\r
        if len(str) > max {\r
                errs = append(errs, "string length is greater than the maximum constraint")\r
                return errs\r
        }\r
\r
        switch format {\r
        case VALID_ALPHA_STR:\r
                if !validAlphaStrRegEx.MatchString(str) {\r
                        errs = append(errs, "string does not match the alpha only constraint")\r
                }\r
        case VALID_ALPHANUM_STR:\r
                if !validAlphaNumStrRegEx.MatchString(str) {\r
                        errs = append(errs, "string does not match the alphanumeric only constraint")\r
                }\r
        case VALID_NAME_STR:\r
                if !validNameRegEx.MatchString(str) {\r
                        errs = append(errs, "string does not match the valid k8s name constraint")\r
                }\r
        case VALID_BASE64_STR:\r
                if !validBase64StrRegEx.MatchString(str) {\r
                        errs = append(errs, "string does not match the valid base64 characters constraint")\r
                }\r
                if len(str)%4 != 0 {\r
                        errs = append(errs, "base64 string length should be a multiple of 4")\r
                }\r
        case VALID_ANY_STR:\r
                if !validAnyStrRegEx.MatchString(str) {\r
                        errs = append(errs, "string does not match the any characters constraint")\r
                }\r
        default:\r
                // invalid string format supplied\r
                errs = append(errs, "an invalid string constraint was supplied")\r
        }\r
\r
        return errs\r
}\r
\r
// validate that label conforms to kubernetes label conventions\r
//  general label format expected is:\r
//  "<labelprefix>/<labelname>=<Labelvalue>"\r
//  where labelprefix matches DNS1123Subdomain format\r
//        labelname matches DNS1123Label format\r
//\r
// Input labels are allowed to  match following formats:\r
//  "<DNS1123Subdomain>/<DNS1123Label>=<Labelvalue>"\r
//  "<DNS1123Label>=<LabelValue>"\r
//  "<LabelValue>"\r
func IsValidLabel(label string) []string {\r
        var labelerrs []string\r
\r
        expectLabelName := false\r
        expectLabelPrefix := false\r
\r
        // split label up into prefix, name and value\r
        // format:  prefix/name=value\r
        var labelprefix, labelname, labelvalue string\r
\r
        kv := strings.SplitN(label, "=", 2)\r
        if len(kv) == 1 {\r
                labelprefix = ""\r
                labelname = ""\r
                labelvalue = kv[0]\r
        } else {\r
                pn := strings.SplitN(kv[0], "/", 2)\r
                if len(pn) == 1 {\r
                        labelprefix = ""\r
                        labelname = pn[0]\r
                } else {\r
                        labelprefix = pn[0]\r
                        labelname = pn[1]\r
                        expectLabelPrefix = true\r
                }\r
                labelvalue = kv[1]\r
                // if "=" was in the label input, then expect a non-zero length name\r
                expectLabelName = true\r
        }\r
\r
        // check label prefix validity - prefix is optional\r
        if len(labelprefix) > 0 {\r
                errs := validation.IsDNS1123Subdomain(labelprefix)\r
                if len(errs) > 0 {\r
                        labelerrs = append(labelerrs, "Invalid label prefix - label=["+label+"%], labelprefix=["+labelprefix+"], errors: ")\r
                        for _, err := range errs {\r
                                labelerrs = append(labelerrs, err)\r
                        }\r
                }\r
        } else if expectLabelPrefix {\r
                labelerrs = append(labelerrs, "Invalid label prefix - label=["+label+"%], labelprefix=["+labelprefix+"]")\r
        }\r
        if expectLabelName {\r
                errs := validation.IsDNS1123Label(labelname)\r
                if len(errs) > 0 {\r
                        labelerrs = append(labelerrs, "Invalid label name - label=["+label+"%], labelname=["+labelname+"], errors: ")\r
                        for _, err := range errs {\r
                                labelerrs = append(labelerrs, err)\r
                        }\r
                }\r
        }\r
        if len(labelvalue) > 0 {\r
                errs := validation.IsValidLabelValue(labelvalue)\r
                if len(errs) > 0 {\r
                        labelerrs = append(labelerrs, "Invalid label value - label=["+label+"%], labelvalue=["+labelvalue+"], errors: ")\r
                        for _, err := range errs {\r
                                labelerrs = append(labelerrs, err)\r
                        }\r
                }\r
        } else {\r
                // expect a non-zero value\r
                labelerrs = append(labelerrs, "Invalid label value - label=["+label+"%], labelvalue=["+labelvalue+"]")\r
        }\r
\r
        return labelerrs\r
}\r
\r
func IsValidNumber(value, min, max int) []string {\r
        var errs []string\r
\r
        if min > max {\r
                errs = append(errs, "invalid constraints")\r
                return errs\r
        }\r
\r
        if value < min {\r
                errs = append(errs, "value less than minimum")\r
        }\r
        if value > max {\r
                errs = append(errs, "value greater than maximum")\r
        }\r
        return errs\r
}\r
\r
func IsValidNumberStr(value string, min, max int) []string {\r
        var errs []string\r
\r
        if min > max {\r
                errs = append(errs, "invalid constraints")\r
                return errs\r
        }\r
\r
        n, err := strconv.Atoi(value)\r
        if err != nil {\r
                errs = append(errs, err.Error())\r
                return errs\r
        }\r
        if n < min {\r
                errs = append(errs, "value less than minimum")\r
        }\r
        if n > max {\r
                errs = append(errs, "value greater than maximum")\r
        }\r
        return errs\r
}\r
\r
/*\r
IsValidParameterPresent method takes in a vars map and a array of string parameters\r
that you expect to be present in the GET request.\r
Returns Nil if all the parameters are present or else shall return error message.\r
*/\r
func IsValidParameterPresent(vars map[string]string, sp []string) error {\r
\r
        for i := range sp {\r
                v := vars[sp[i]]\r
                if v == "" {\r
                        errMessage := fmt.Sprintf("Missing %v in GET request", sp[i])\r
                        return fmt.Errorf(errMessage)\r
                }\r
\r
        }\r
        return nil\r
\r
}\r
\r
// ValidateJsonSchemaData function validates the document against the Json Schema\r
func ValidateJsonSchemaData(jsonSchemaFile string, jsonData interface{}) (error, int) {\r
\r
        // Read the Json Schema File\r
        if _, err := os.Stat(jsonSchemaFile); err != nil {\r
                if os.IsNotExist(err) {\r
                        err = pkgerrors.New("JsonSchemaValidation: File " + jsonSchemaFile + " not found")\r
                } else {\r
                        err = pkgerrors.Wrap(err, "JsonSchemaValidation: Stat file error")\r
                }\r
                return err, http.StatusInternalServerError\r
        }\r
        rawBytes, err := ioutil.ReadFile(jsonSchemaFile)\r
        if err != nil {\r
                return pkgerrors.Wrap(err, "JsonSchemaValidation: Read JSON file error"), http.StatusInternalServerError\r
        }\r
\r
        // Json encode the data\r
        req, err := json.Marshal(jsonData)\r
        if err != nil {\r
                return pkgerrors.Wrap(err, "JsonSchemaValidation, Request Body error"), http.StatusBadRequest\r
        }\r
\r
        // Load schema and document\r
        schemaLoader := gojsonschema.NewStringLoader(string(rawBytes))\r
        s, err := gojsonschema.NewSchema(schemaLoader)\r
        if err != nil {\r
                return pkgerrors.Wrap(err, "JsonSchemaValidation: Validation error"), http.StatusInternalServerError\r
        }\r
        documentLoader := gojsonschema.NewStringLoader(string(req))\r
        result, err := s.Validate(documentLoader)\r
        if err != nil {\r
                return pkgerrors.Wrap(err, "JsonSchemaValidation: Validation error"), http.StatusInternalServerError\r
        }\r
        // Validate document against Json Schema\r
        if !result.Valid() {\r
                for _, desc := range result.Errors() {\r
                        log.Error("The document is not valid", log.Fields{\r
                                "Error": desc.Description(),\r
                        })\r
                }\r
                return pkgerrors.New("JsonSchemaValidation: Document Validation failed"), http.StatusBadRequest\r
        }\r
\r
        return nil, 0\r
}\r