From d6fd291d856a2005ed8f3a1a4f0f42add4ecb272 Mon Sep 17 00:00:00 2001
From: Angel Garbarino
Date: Mon, 14 Oct 2024 13:46:19 -0600
Subject: [PATCH] validations

---
 ui/app/models/kv/data.js | 16 ++++++++++-
 ui/app/utils/model-helpers/validators.js | 34 ++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 1 deletion(-)

diff --git a/ui/app/models/kv/data.js b/ui/app/models/kv/data.js
index 19b07fac95..383e313dab 100644
--- a/ui/app/models/kv/data.js
+++ b/ui/app/models/kv/data.js
@@ -8,7 +8,11 @@ import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
 import { withModelValidations } from 'vault/decorators/model-validations';
 import { withFormFields } from 'vault/decorators/model-form-fields';
 import { isDeleted } from 'kv/utils/kv-deleted';
-import { WHITESPACE_WARNING } from 'vault/utils/model-helpers/validators';
+import {
+ DATA_OCTET_WARNING,
+ FORWARD_SLASH_WARNING,
+ WHITESPACE_WARNING,
+} from 'vault/utils/model-helpers/validators';

 /* sample response
 {
@@ -39,6 +43,16 @@ const validations = {
 message: WHITESPACE_WARNING('path'),
 level: 'warn',
 },
+ {
+ type: 'containsDataOctet',
+ message: DATA_OCTET_WARNING('path'),
+ level: 'warn',
+ },
+ {
+ type: 'containsForwardSlash',
+ message: FORWARD_SLASH_WARNING('path'),
+ level: 'warn',
+ },
 ],
 secretData: [
 {
diff --git a/ui/app/utils/model-helpers/validators.js b/ui/app/utils/model-helpers/validators.js
index 3d380f3758..f2d368b78c 100644
--- a/ui/app/utils/model-helpers/validators.js
+++ b/ui/app/utils/model-helpers/validators.js
@@ -36,6 +36,14 @@ export const containsWhiteSpace = (value) => {
 return !hasWhitespace(value);
 };

+export const containsDataOctet = (value) => {
+ return !hasDataOctet(value);
+};
+
+export const containsForwardSlash = (value) => {
+ return !hasForwardSlash(value);
+};
+
 export const endsInSlash = (value) => {
 const validation = new RegExp('/$');
 return !validation.test(value);
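Review bot: In the `@@ -36,6 +36,14 @@` hunk of validators.js, `containsDataOctet` and `containsForwardSlash` return true when the value does NOT contain what they are named after (`return !hasDataOctet(value);`), and nothing on the new lines says so. This mirrors `containsWhiteSpace` just above, so the convention is presumably "true means the value passes", but the inverted reading is easy to get wrong if one of these is later reused at a blocking level instead of `'warn'`. I would add a one-line comment above each, for example `// validator: returns true when the value passes, i.e. no percent-encoded octet is present`.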
@@ -51,6 +59,22 @@ export const hasWhitespace = (value) => {
 return validation.test(value);
 };

+export const hasDataOctet = (value) => {
+ // A percent-encoded data octet is a character triplet that represents a byte's numeric value in a Uniform Resource Identifier (URI):
+ // Format: A percent sign (%) followed by two hexadecimal digits
+ // Example: The percent-encoding for / is %2f
+ // In KVv2 we want to warn users that their secret path includes a percent-encoded data octet and that we will not transform it
+ const regex = /%([0-9A-Fa-f]{2})/g;
+ return !!value.match(regex);
+};
+
+export const hasForwardSlash = (value) => {
+ // only show if forward slash is not the last value. If it's the last value the endsInSlash validator will catch it.
+ const notLastChar = value.slice(0, -1);
+ const regex = /\//g;
+ return regex.test(notLastChar);
+};
+
 // HTML form inputs transform values to a string type
 // this returns if the value can be evaluated as non-string, i.e. "null"
 export const isNonString = (value) => {
@@ -68,6 +92,14 @@ export const WHITESPACE_WARNING = (item) =>
 item
 )} contains whitespace. If this is desired, you'll need to encode it with %20 in API requests.`;

+export const DATA_OCTET_WARNING = (item) =>
+ `${capitalize(item)} contains a percent encoded data octet. The UI will not decode this.`;
+
+export const FORWARD_SLASH_WARNING = (item) =>
+ `${capitalize(
+ item
+ )} contains a forward slash. The UI will interpret this as the name of a directory. Example: foo/bar where foo will be the directory name and foo the secret path.`;
+
 export const NON_STRING_WARNING =
 'This value will be saved as a string. If you need to save a non-string value, please use the JSON editor.';

@@ -76,6 +108,8 @@ export default {
 length,
 number,
 containsWhiteSpace,
+ containsDataOctet,
+ containsForwardSlash,
 endsInSlash,
 isNonString,
 hasWhitespace,
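Review bot: In the `@@ -51,6 +59,22 @@` hunk, `hasDataOctet` and `hasForwardSlash` call `value.match(...)` and `value.slice(...)` directly, so both throw a TypeError if `path` is undefined or null when validation runs, whereas the neighbouring `hasWhitespace` uses `validation.test(value)`, which coerces its argument. Whether an unset path can reach these validators is not visible in this patch, so that needs confirming, but the guard is cheap: `return /%[0-9A-Fa-f]{2}/.test(value);` and `return String(value || '').slice(0, -1).includes('/');`. That also drops the `g` flag and the capture group, which do nothing for a boolean check. Because this warning is what tells a user that `%2f` in a path stays literal instead of becoming a separator, a unit test covering upper- and lower-case hex digits and a lone `%` would pin the behaviour.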
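Review bot: In the `@@ -68,6 +92,14 @@` hunk, the example in `FORWARD_SLASH_WARNING` names `foo` twice: "foo will be the directory name and foo the secret path" should end with `bar`, otherwise the warning misstates where the secret lands. I would change the tail to `Example: foo/bar where foo will be the directory name and bar the secret path.` In `DATA_OCTET_WARNING`, "percent encoded" is spelled "percent-encoded" in the `hasDataOctet` comment. Matching that spelling, and saying the sequence is kept literally (for instance `%2f` is not treated as `/`), would make the consequence clearer to the person typing the path.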