feat: improve validation patterns (#7875)
This commit is contained in:
🏔️ Peak
GitHub
commit
6db5ec2995
12 changed files with 9 additions and 31 deletions
|
|
@ -32,7 +32,7 @@ class CleanupNames extends Command
|
|||
{--backup : Create database backup before changes}
|
||||
{--force : Skip confirmation prompt}';
|
||||
|
||||
protected $description = 'Sanitize name fields by removing invalid characters (keeping only letters, numbers, spaces, dashes, underscores, dots, slashes, colons, parentheses)';
|
||||
protected $description = 'Sanitize name fields by removing dangerous characters';
|
||||
|
||||
protected array $modelsToClean = [
|
||||
'Project' => Project::class,
|
||||
|
|
|
|||
|
|
@ -232,8 +232,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'gitRepository.required' => 'The Git Repository field is required.',
|
||||
'gitBranch.required' => 'The Git Branch field is required.',
|
||||
'buildPack.required' => 'The Build Pack field is required.',
|
||||
|
|
|
|||
|
|
@ -91,8 +91,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'mariadbRootPassword.required' => 'The Root Password field is required.',
|
||||
'mariadbUser.required' => 'The MariaDB User field is required.',
|
||||
'mariadbPassword.required' => 'The MariaDB Password field is required.',
|
||||
|
|
|
|||
|
|
@ -91,8 +91,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'mongoInitdbRootUsername.required' => 'The Root Username field is required.',
|
||||
'mongoInitdbRootPassword.required' => 'The Root Password field is required.',
|
||||
'mongoInitdbDatabase.required' => 'The MongoDB Database field is required.',
|
||||
|
|
|
|||
|
|
@ -94,8 +94,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'mysqlRootPassword.required' => 'The Root Password field is required.',
|
||||
'mysqlUser.required' => 'The MySQL User field is required.',
|
||||
'mysqlPassword.required' => 'The MySQL Password field is required.',
|
||||
|
|
|
|||
|
|
@ -106,8 +106,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'postgresUser.required' => 'The Postgres User field is required.',
|
||||
'postgresPassword.required' => 'The Postgres Password field is required.',
|
||||
'postgresDb.required' => 'The Postgres Database field is required.',
|
||||
|
|
|
|||
|
|
@ -88,8 +88,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'image.required' => 'The Docker Image field is required.',
|
||||
'publicPort.integer' => 'The Public Port must be an integer.',
|
||||
'redisUsername.required' => 'The Redis Username field is required.',
|
||||
|
|
|
|||
|
|
@ -52,8 +52,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'dockerComposeRaw.required' => 'The Docker Compose Raw field is required.',
|
||||
'dockerCompose.required' => 'The Docker Compose field is required.',
|
||||
]
|
||||
|
|
|
|||
|
|
@ -40,8 +40,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'privateKeyValue.required' => 'The Private Key field is required.',
|
||||
'privateKeyValue.string' => 'The Private Key must be a valid string.',
|
||||
]
|
||||
|
|
|
|||
|
|
@ -50,8 +50,6 @@ protected function messages(): array
|
|||
return array_merge(
|
||||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'region.required' => 'The Region field is required.',
|
||||
'region.max' => 'The Region may not be greater than 255 characters.',
|
||||
'key.required' => 'The Access Key field is required.',
|
||||
|
|
|
|||
|
|
@ -37,8 +37,6 @@ protected function messages(): array
|
|||
ValidationPatterns::combinedMessages(),
|
||||
[
|
||||
'name.required' => 'The Name field is required.',
|
||||
'name.regex' => 'The Name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'description.regex' => 'The Description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
]
|
||||
);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,16 +8,14 @@
|
|||
class ValidationPatterns
|
||||
{
|
||||
/**
|
||||
* Pattern for names (allows letters, numbers, spaces, dashes, underscores, dots, slashes, colons, parentheses)
|
||||
* Matches CleanupNames::sanitizeName() allowed characters
|
||||
*/
|
||||
public const NAME_PATTERN = '/^[a-zA-Z0-9\s\-_.:\/()]+$/';
|
||||
* Pattern for names excluding all dangerous characters
|
||||
*/
|
||||
public const NAME_PATTERN = '/^[\p{L}\p{M}\p{N}\s\-_.]+$/u';
|
||||
|
||||
/**
|
||||
* Pattern for descriptions (allows more characters including quotes, commas, etc.)
|
||||
* More permissive than names but still restricts dangerous characters
|
||||
* Pattern for descriptions excluding all dangerous characters with some additional allowed characters
|
||||
*/
|
||||
public const DESCRIPTION_PATTERN = '/^[a-zA-Z0-9\s\-_.:\/()\'\",.!?@#%&+=\[\]{}|~`*]+$/';
|
||||
public const DESCRIPTION_PATTERN = '/^[\p{L}\p{M}\p{N}\s\-_.,!?()\'\"+=*]+$/u';
|
||||
|
||||
/**
|
||||
* Get validation rules for name fields
|
||||
|
|
@ -66,7 +64,7 @@ public static function descriptionRules(bool $required = false, int $maxLength =
|
|||
public static function nameMessages(): array
|
||||
{
|
||||
return [
|
||||
'name.regex' => 'The name may only contain letters, numbers, spaces, dashes (-), underscores (_), dots (.), slashes (/), colons (:), and parentheses ().',
|
||||
'name.regex' => "The name may only contain letters (including Unicode), numbers, spaces, dashes (-), underscores (_) and dots (.).",
|
||||
'name.min' => 'The name must be at least :min characters.',
|
||||
'name.max' => 'The name may not be greater than :max characters.',
|
||||
];
|
||||
|
|
@ -78,12 +76,12 @@ public static function nameMessages(): array
|
|||
public static function descriptionMessages(): array
|
||||
{
|
||||
return [
|
||||
'description.regex' => 'The description contains invalid characters. Only letters, numbers, spaces, and common punctuation (- _ . : / () \' " , ! ? @ # % & + = [] {} | ~ ` *) are allowed.',
|
||||
'description.regex' => "The description may only contain letters (including Unicode), numbers, spaces, and common punctuation (- _ . , ! ? ( ) ' \" + = *).",
|
||||
'description.max' => 'The description may not be greater than :max characters.',
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
/**
|
||||
* Get combined validation messages for both name and description fields
|
||||
*/
|
||||
public static function combinedMessages(): array
|
||||
|
|
|
|||
Loading…
Reference in a new issue