add backend name validation for app creation / update

This commit is contained in:
Peter Clement 2022-09-13 11:44:33 +01:00
parent 3cedc62bc2
commit 3059e00c77
2 changed files with 15 additions and 3 deletions

View File

@ -2,16 +2,27 @@ import Router from "@koa/router"
import * as controller from "../controllers/application"
import authorized from "../../middleware/authorized"
import { BUILDER } from "@budibase/backend-core/permissions"
import { applicationValidator } from "./utils/validators"
const router = new Router()
router
.post("/api/applications/:appId/sync", authorized(BUILDER), controller.sync)
.post("/api/applications", authorized(BUILDER), controller.create)
.post(
"/api/applications",
authorized(BUILDER),
applicationValidator(),
controller.create
)
.get("/api/applications/:appId/definition", controller.fetchAppDefinition)
.get("/api/applications", controller.fetch)
.get("/api/applications/:appId/appPackage", controller.fetchAppPackage)
.put("/api/applications/:appId", authorized(BUILDER), controller.update)
.put(
"/api/applications/:appId",
authorized(BUILDER),
applicationValidator(),
controller.update
)
.post(
"/api/applications/:appId/client/update",
authorized(BUILDER),

View File

@ -10,6 +10,7 @@ const Joi = require("joi")
const OPTIONAL_STRING = Joi.string().optional().allow(null).allow("")
const OPTIONAL_NUMBER = Joi.number().optional().allow(null)
const OPTIONAL_BOOLEAN = Joi.boolean().optional().allow(null)
const APP_NAME_REGEX = /^[\w\s]+$/
exports.tableValidator = () => {
// prettier-ignore
@ -214,7 +215,7 @@ exports.applicationValidator = () => {
return joiValidator.body(Joi.object({
_id: OPTIONAL_STRING,
_rev: OPTIONAL_STRING,
name: Joi.string().required(),
name: Joi.string().pattern(new RegExp(APP_NAME_REGEX)).required().error(new Error('App name must be letters, numbers and spaces only')),
url: OPTIONAL_STRING,
template: Joi.object({
templateString: OPTIONAL_STRING,