You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

646 lines
18 KiB

  1. // Copyright 2015 go-swagger maintainers
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. package validate
  15. import (
  16. "fmt"
  17. "reflect"
  18. "github.com/go-openapi/errors"
  19. "github.com/go-openapi/spec"
  20. "github.com/go-openapi/strfmt"
  21. )
  22. // An EntityValidator is an interface for things that can validate entities
  23. type EntityValidator interface {
  24. Validate(interface{}) *Result
  25. }
  26. type valueValidator interface {
  27. SetPath(path string)
  28. Applies(interface{}, reflect.Kind) bool
  29. Validate(interface{}) *Result
  30. }
  31. type itemsValidator struct {
  32. items *spec.Items
  33. root interface{}
  34. path string
  35. in string
  36. validators []valueValidator
  37. KnownFormats strfmt.Registry
  38. }
  39. func newItemsValidator(path, in string, items *spec.Items, root interface{}, formats strfmt.Registry) *itemsValidator {
  40. iv := &itemsValidator{path: path, in: in, items: items, root: root, KnownFormats: formats}
  41. iv.validators = []valueValidator{
  42. &typeValidator{
  43. Type: spec.StringOrArray([]string{items.Type}),
  44. Nullable: items.Nullable,
  45. Format: items.Format,
  46. In: in,
  47. Path: path,
  48. },
  49. iv.stringValidator(),
  50. iv.formatValidator(),
  51. iv.numberValidator(),
  52. iv.sliceValidator(),
  53. iv.commonValidator(),
  54. }
  55. return iv
  56. }
  57. func (i *itemsValidator) Validate(index int, data interface{}) *Result {
  58. tpe := reflect.TypeOf(data)
  59. kind := tpe.Kind()
  60. mainResult := new(Result)
  61. path := fmt.Sprintf("%s.%d", i.path, index)
  62. for _, validator := range i.validators {
  63. validator.SetPath(path)
  64. if validator.Applies(i.root, kind) {
  65. result := validator.Validate(data)
  66. mainResult.Merge(result)
  67. mainResult.Inc()
  68. if result != nil && result.HasErrors() {
  69. return mainResult
  70. }
  71. }
  72. }
  73. return mainResult
  74. }
  75. func (i *itemsValidator) commonValidator() valueValidator {
  76. return &basicCommonValidator{
  77. In: i.in,
  78. Default: i.items.Default,
  79. Enum: i.items.Enum,
  80. }
  81. }
  82. func (i *itemsValidator) sliceValidator() valueValidator {
  83. return &basicSliceValidator{
  84. In: i.in,
  85. Default: i.items.Default,
  86. MaxItems: i.items.MaxItems,
  87. MinItems: i.items.MinItems,
  88. UniqueItems: i.items.UniqueItems,
  89. Source: i.root,
  90. Items: i.items.Items,
  91. KnownFormats: i.KnownFormats,
  92. }
  93. }
  94. func (i *itemsValidator) numberValidator() valueValidator {
  95. return &numberValidator{
  96. In: i.in,
  97. Default: i.items.Default,
  98. MultipleOf: i.items.MultipleOf,
  99. Maximum: i.items.Maximum,
  100. ExclusiveMaximum: i.items.ExclusiveMaximum,
  101. Minimum: i.items.Minimum,
  102. ExclusiveMinimum: i.items.ExclusiveMinimum,
  103. Type: i.items.Type,
  104. Format: i.items.Format,
  105. }
  106. }
  107. func (i *itemsValidator) stringValidator() valueValidator {
  108. return &stringValidator{
  109. In: i.in,
  110. Default: i.items.Default,
  111. MaxLength: i.items.MaxLength,
  112. MinLength: i.items.MinLength,
  113. Pattern: i.items.Pattern,
  114. AllowEmptyValue: false,
  115. }
  116. }
  117. func (i *itemsValidator) formatValidator() valueValidator {
  118. return &formatValidator{
  119. In: i.in,
  120. //Default: i.items.Default,
  121. Format: i.items.Format,
  122. KnownFormats: i.KnownFormats,
  123. }
  124. }
  125. type basicCommonValidator struct {
  126. Path string
  127. In string
  128. Default interface{}
  129. Enum []interface{}
  130. }
  131. func (b *basicCommonValidator) SetPath(path string) {
  132. b.Path = path
  133. }
  134. func (b *basicCommonValidator) Applies(source interface{}, kind reflect.Kind) bool {
  135. switch source.(type) {
  136. case *spec.Parameter, *spec.Schema, *spec.Header:
  137. return true
  138. }
  139. return false
  140. }
  141. func (b *basicCommonValidator) Validate(data interface{}) (res *Result) {
  142. if len(b.Enum) > 0 {
  143. for _, enumValue := range b.Enum {
  144. actualType := reflect.TypeOf(enumValue)
  145. if actualType != nil { // Safeguard
  146. expectedValue := reflect.ValueOf(data)
  147. if expectedValue.IsValid() && expectedValue.Type().ConvertibleTo(actualType) {
  148. if reflect.DeepEqual(expectedValue.Convert(actualType).Interface(), enumValue) {
  149. return nil
  150. }
  151. }
  152. }
  153. }
  154. return errorHelp.sErr(errors.EnumFail(b.Path, b.In, data, b.Enum))
  155. }
  156. return nil
  157. }
  158. // A HeaderValidator has very limited subset of validations to apply
  159. type HeaderValidator struct {
  160. name string
  161. header *spec.Header
  162. validators []valueValidator
  163. KnownFormats strfmt.Registry
  164. }
  165. // NewHeaderValidator creates a new header validator object
  166. func NewHeaderValidator(name string, header *spec.Header, formats strfmt.Registry) *HeaderValidator {
  167. p := &HeaderValidator{name: name, header: header, KnownFormats: formats}
  168. p.validators = []valueValidator{
  169. &typeValidator{
  170. Type: spec.StringOrArray([]string{header.Type}),
  171. Nullable: header.Nullable,
  172. Format: header.Format,
  173. In: "header",
  174. Path: name,
  175. },
  176. p.stringValidator(),
  177. p.formatValidator(),
  178. p.numberValidator(),
  179. p.sliceValidator(),
  180. p.commonValidator(),
  181. }
  182. return p
  183. }
  184. // Validate the value of the header against its schema
  185. func (p *HeaderValidator) Validate(data interface{}) *Result {
  186. result := new(Result)
  187. tpe := reflect.TypeOf(data)
  188. kind := tpe.Kind()
  189. for _, validator := range p.validators {
  190. if validator.Applies(p.header, kind) {
  191. if err := validator.Validate(data); err != nil {
  192. result.Merge(err)
  193. if err.HasErrors() {
  194. return result
  195. }
  196. }
  197. }
  198. }
  199. return nil
  200. }
  201. func (p *HeaderValidator) commonValidator() valueValidator {
  202. return &basicCommonValidator{
  203. Path: p.name,
  204. In: "response",
  205. Default: p.header.Default,
  206. Enum: p.header.Enum,
  207. }
  208. }
  209. func (p *HeaderValidator) sliceValidator() valueValidator {
  210. return &basicSliceValidator{
  211. Path: p.name,
  212. In: "response",
  213. Default: p.header.Default,
  214. MaxItems: p.header.MaxItems,
  215. MinItems: p.header.MinItems,
  216. UniqueItems: p.header.UniqueItems,
  217. Items: p.header.Items,
  218. Source: p.header,
  219. KnownFormats: p.KnownFormats,
  220. }
  221. }
  222. func (p *HeaderValidator) numberValidator() valueValidator {
  223. return &numberValidator{
  224. Path: p.name,
  225. In: "response",
  226. Default: p.header.Default,
  227. MultipleOf: p.header.MultipleOf,
  228. Maximum: p.header.Maximum,
  229. ExclusiveMaximum: p.header.ExclusiveMaximum,
  230. Minimum: p.header.Minimum,
  231. ExclusiveMinimum: p.header.ExclusiveMinimum,
  232. Type: p.header.Type,
  233. Format: p.header.Format,
  234. }
  235. }
  236. func (p *HeaderValidator) stringValidator() valueValidator {
  237. return &stringValidator{
  238. Path: p.name,
  239. In: "response",
  240. Default: p.header.Default,
  241. Required: true,
  242. MaxLength: p.header.MaxLength,
  243. MinLength: p.header.MinLength,
  244. Pattern: p.header.Pattern,
  245. AllowEmptyValue: false,
  246. }
  247. }
  248. func (p *HeaderValidator) formatValidator() valueValidator {
  249. return &formatValidator{
  250. Path: p.name,
  251. In: "response",
  252. //Default: p.header.Default,
  253. Format: p.header.Format,
  254. KnownFormats: p.KnownFormats,
  255. }
  256. }
  257. // A ParamValidator has very limited subset of validations to apply
  258. type ParamValidator struct {
  259. param *spec.Parameter
  260. validators []valueValidator
  261. KnownFormats strfmt.Registry
  262. }
  263. // NewParamValidator creates a new param validator object
  264. func NewParamValidator(param *spec.Parameter, formats strfmt.Registry) *ParamValidator {
  265. p := &ParamValidator{param: param, KnownFormats: formats}
  266. p.validators = []valueValidator{
  267. &typeValidator{
  268. Type: spec.StringOrArray([]string{param.Type}),
  269. Nullable: param.Nullable,
  270. Format: param.Format,
  271. In: param.In,
  272. Path: param.Name,
  273. },
  274. p.stringValidator(),
  275. p.formatValidator(),
  276. p.numberValidator(),
  277. p.sliceValidator(),
  278. p.commonValidator(),
  279. }
  280. return p
  281. }
  282. // Validate the data against the description of the parameter
  283. func (p *ParamValidator) Validate(data interface{}) *Result {
  284. result := new(Result)
  285. tpe := reflect.TypeOf(data)
  286. kind := tpe.Kind()
  287. // TODO: validate type
  288. for _, validator := range p.validators {
  289. if validator.Applies(p.param, kind) {
  290. if err := validator.Validate(data); err != nil {
  291. result.Merge(err)
  292. if err.HasErrors() {
  293. return result
  294. }
  295. }
  296. }
  297. }
  298. return nil
  299. }
  300. func (p *ParamValidator) commonValidator() valueValidator {
  301. return &basicCommonValidator{
  302. Path: p.param.Name,
  303. In: p.param.In,
  304. Default: p.param.Default,
  305. Enum: p.param.Enum,
  306. }
  307. }
  308. func (p *ParamValidator) sliceValidator() valueValidator {
  309. return &basicSliceValidator{
  310. Path: p.param.Name,
  311. In: p.param.In,
  312. Default: p.param.Default,
  313. MaxItems: p.param.MaxItems,
  314. MinItems: p.param.MinItems,
  315. UniqueItems: p.param.UniqueItems,
  316. Items: p.param.Items,
  317. Source: p.param,
  318. KnownFormats: p.KnownFormats,
  319. }
  320. }
  321. func (p *ParamValidator) numberValidator() valueValidator {
  322. return &numberValidator{
  323. Path: p.param.Name,
  324. In: p.param.In,
  325. Default: p.param.Default,
  326. MultipleOf: p.param.MultipleOf,
  327. Maximum: p.param.Maximum,
  328. ExclusiveMaximum: p.param.ExclusiveMaximum,
  329. Minimum: p.param.Minimum,
  330. ExclusiveMinimum: p.param.ExclusiveMinimum,
  331. Type: p.param.Type,
  332. Format: p.param.Format,
  333. }
  334. }
  335. func (p *ParamValidator) stringValidator() valueValidator {
  336. return &stringValidator{
  337. Path: p.param.Name,
  338. In: p.param.In,
  339. Default: p.param.Default,
  340. AllowEmptyValue: p.param.AllowEmptyValue,
  341. Required: p.param.Required,
  342. MaxLength: p.param.MaxLength,
  343. MinLength: p.param.MinLength,
  344. Pattern: p.param.Pattern,
  345. }
  346. }
  347. func (p *ParamValidator) formatValidator() valueValidator {
  348. return &formatValidator{
  349. Path: p.param.Name,
  350. In: p.param.In,
  351. //Default: p.param.Default,
  352. Format: p.param.Format,
  353. KnownFormats: p.KnownFormats,
  354. }
  355. }
  356. type basicSliceValidator struct {
  357. Path string
  358. In string
  359. Default interface{}
  360. MaxItems *int64
  361. MinItems *int64
  362. UniqueItems bool
  363. Items *spec.Items
  364. Source interface{}
  365. itemsValidator *itemsValidator
  366. KnownFormats strfmt.Registry
  367. }
  368. func (s *basicSliceValidator) SetPath(path string) {
  369. s.Path = path
  370. }
  371. func (s *basicSliceValidator) Applies(source interface{}, kind reflect.Kind) bool {
  372. switch source.(type) {
  373. case *spec.Parameter, *spec.Items, *spec.Header:
  374. return kind == reflect.Slice
  375. }
  376. return false
  377. }
  378. func (s *basicSliceValidator) Validate(data interface{}) *Result {
  379. val := reflect.ValueOf(data)
  380. size := int64(val.Len())
  381. if s.MinItems != nil {
  382. if err := MinItems(s.Path, s.In, size, *s.MinItems); err != nil {
  383. return errorHelp.sErr(err)
  384. }
  385. }
  386. if s.MaxItems != nil {
  387. if err := MaxItems(s.Path, s.In, size, *s.MaxItems); err != nil {
  388. return errorHelp.sErr(err)
  389. }
  390. }
  391. if s.UniqueItems {
  392. if err := UniqueItems(s.Path, s.In, data); err != nil {
  393. return errorHelp.sErr(err)
  394. }
  395. }
  396. if s.itemsValidator == nil && s.Items != nil {
  397. s.itemsValidator = newItemsValidator(s.Path, s.In, s.Items, s.Source, s.KnownFormats)
  398. }
  399. if s.itemsValidator != nil {
  400. for i := 0; i < int(size); i++ {
  401. ele := val.Index(i)
  402. if err := s.itemsValidator.Validate(i, ele.Interface()); err != nil && err.HasErrors() {
  403. return err
  404. }
  405. }
  406. }
  407. return nil
  408. }
  409. /* unused
  410. func (s *basicSliceValidator) hasDuplicates(value reflect.Value, size int) bool {
  411. dict := make(map[interface{}]struct{})
  412. for i := 0; i < size; i++ {
  413. ele := value.Index(i)
  414. if _, ok := dict[ele.Interface()]; ok {
  415. return true
  416. }
  417. dict[ele.Interface()] = struct{}{}
  418. }
  419. return false
  420. }
  421. */
  422. type numberValidator struct {
  423. Path string
  424. In string
  425. Default interface{}
  426. MultipleOf *float64
  427. Maximum *float64
  428. ExclusiveMaximum bool
  429. Minimum *float64
  430. ExclusiveMinimum bool
  431. // Allows for more accurate behavior regarding integers
  432. Type string
  433. Format string
  434. }
  435. func (n *numberValidator) SetPath(path string) {
  436. n.Path = path
  437. }
  438. func (n *numberValidator) Applies(source interface{}, kind reflect.Kind) bool {
  439. switch source.(type) {
  440. case *spec.Parameter, *spec.Schema, *spec.Items, *spec.Header:
  441. isInt := kind >= reflect.Int && kind <= reflect.Uint64
  442. isFloat := kind == reflect.Float32 || kind == reflect.Float64
  443. r := isInt || isFloat
  444. debugLog("schema props validator for %q applies %t for %T (kind: %v) isInt=%t, isFloat=%t\n", n.Path, r, source, kind, isInt, isFloat)
  445. return r
  446. }
  447. debugLog("schema props validator for %q applies %t for %T (kind: %v)\n", n.Path, false, source, kind)
  448. return false
  449. }
  450. // Validate provides a validator for generic JSON numbers,
  451. //
  452. // By default, numbers are internally represented as float64.
  453. // Formats float, or float32 may alter this behavior by mapping to float32.
  454. // A special validation process is followed for integers, with optional "format":
  455. // this is an attempt to provide a validation with native types.
  456. //
  457. // NOTE: since the constraint specified (boundary, multipleOf) is unmarshalled
  458. // as float64, loss of information remains possible (e.g. on very large integers).
  459. //
  460. // Since this value directly comes from the unmarshalling, it is not possible
  461. // at this stage of processing to check further and guarantee the correctness of such values.
  462. //
  463. // Normally, the JSON Number.MAX_SAFE_INTEGER (resp. Number.MIN_SAFE_INTEGER)
  464. // would check we do not get such a loss.
  465. //
  466. // If this is the case, replace AddErrors() by AddWarnings() and IsValid() by !HasWarnings().
  467. //
  468. // TODO: consider replacing boundary check errors by simple warnings.
  469. //
  470. // TODO: default boundaries with MAX_SAFE_INTEGER are not checked (specific to json.Number?)
  471. func (n *numberValidator) Validate(val interface{}) *Result {
  472. res := new(Result)
  473. resMultiple := new(Result)
  474. resMinimum := new(Result)
  475. resMaximum := new(Result)
  476. // Used only to attempt to validate constraint on value,
  477. // even though value or constraint specified do not match type and format
  478. data := valueHelp.asFloat64(val)
  479. // Is the provided value within the range of the specified numeric type and format?
  480. res.AddErrors(IsValueValidAgainstRange(val, n.Type, n.Format, "Checked", n.Path))
  481. // nolint: dupl
  482. if n.MultipleOf != nil {
  483. // Is the constraint specifier within the range of the specific numeric type and format?
  484. resMultiple.AddErrors(IsValueValidAgainstRange(*n.MultipleOf, n.Type, n.Format, "MultipleOf", n.Path))
  485. if resMultiple.IsValid() {
  486. // Constraint validated with compatible types
  487. if err := MultipleOfNativeType(n.Path, n.In, val, *n.MultipleOf); err != nil {
  488. resMultiple.Merge(errorHelp.sErr(err))
  489. }
  490. } else {
  491. // Constraint nevertheless validated, converted as general number
  492. if err := MultipleOf(n.Path, n.In, data, *n.MultipleOf); err != nil {
  493. resMultiple.Merge(errorHelp.sErr(err))
  494. }
  495. }
  496. }
  497. // nolint: dupl
  498. if n.Maximum != nil {
  499. // Is the constraint specifier within the range of the specific numeric type and format?
  500. resMaximum.AddErrors(IsValueValidAgainstRange(*n.Maximum, n.Type, n.Format, "Maximum boundary", n.Path))
  501. if resMaximum.IsValid() {
  502. // Constraint validated with compatible types
  503. if err := MaximumNativeType(n.Path, n.In, val, *n.Maximum, n.ExclusiveMaximum); err != nil {
  504. resMaximum.Merge(errorHelp.sErr(err))
  505. }
  506. } else {
  507. // Constraint nevertheless validated, converted as general number
  508. if err := Maximum(n.Path, n.In, data, *n.Maximum, n.ExclusiveMaximum); err != nil {
  509. resMaximum.Merge(errorHelp.sErr(err))
  510. }
  511. }
  512. }
  513. // nolint: dupl
  514. if n.Minimum != nil {
  515. // Is the constraint specifier within the range of the specific numeric type and format?
  516. resMinimum.AddErrors(IsValueValidAgainstRange(*n.Minimum, n.Type, n.Format, "Minimum boundary", n.Path))
  517. if resMinimum.IsValid() {
  518. // Constraint validated with compatible types
  519. if err := MinimumNativeType(n.Path, n.In, val, *n.Minimum, n.ExclusiveMinimum); err != nil {
  520. resMinimum.Merge(errorHelp.sErr(err))
  521. }
  522. } else {
  523. // Constraint nevertheless validated, converted as general number
  524. if err := Minimum(n.Path, n.In, data, *n.Minimum, n.ExclusiveMinimum); err != nil {
  525. resMinimum.Merge(errorHelp.sErr(err))
  526. }
  527. }
  528. }
  529. res.Merge(resMultiple, resMinimum, resMaximum)
  530. res.Inc()
  531. return res
  532. }
  533. type stringValidator struct {
  534. Default interface{}
  535. Required bool
  536. AllowEmptyValue bool
  537. MaxLength *int64
  538. MinLength *int64
  539. Pattern string
  540. Path string
  541. In string
  542. }
  543. func (s *stringValidator) SetPath(path string) {
  544. s.Path = path
  545. }
  546. func (s *stringValidator) Applies(source interface{}, kind reflect.Kind) bool {
  547. switch source.(type) {
  548. case *spec.Parameter, *spec.Schema, *spec.Items, *spec.Header:
  549. r := kind == reflect.String
  550. debugLog("string validator for %q applies %t for %T (kind: %v)\n", s.Path, r, source, kind)
  551. return r
  552. }
  553. debugLog("string validator for %q applies %t for %T (kind: %v)\n", s.Path, false, source, kind)
  554. return false
  555. }
  556. func (s *stringValidator) Validate(val interface{}) *Result {
  557. data, ok := val.(string)
  558. if !ok {
  559. return errorHelp.sErr(errors.InvalidType(s.Path, s.In, stringType, val))
  560. }
  561. if s.Required && !s.AllowEmptyValue && (s.Default == nil || s.Default == "") {
  562. if err := RequiredString(s.Path, s.In, data); err != nil {
  563. return errorHelp.sErr(err)
  564. }
  565. }
  566. if s.MaxLength != nil {
  567. if err := MaxLength(s.Path, s.In, data, *s.MaxLength); err != nil {
  568. return errorHelp.sErr(err)
  569. }
  570. }
  571. if s.MinLength != nil {
  572. if err := MinLength(s.Path, s.In, data, *s.MinLength); err != nil {
  573. return errorHelp.sErr(err)
  574. }
  575. }
  576. if s.Pattern != "" {
  577. if err := Pattern(s.Path, s.In, data, s.Pattern); err != nil {
  578. return errorHelp.sErr(err)
  579. }
  580. }
  581. return nil
  582. }