CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-29 03:30:34 +12:00
Code Issues Projects Releases Wiki Activity

Merge pull request #401 from appwrite/database-key-fix

Browse source 
Database key fix
This commit is contained in:
Eldad A. Fux 2020-06-13 14:22:13 +03:00 committed by GitHub
parent fdac5dbf12 6e0b32325a
commit 3a12fc2345
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 53 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGES.md
View file

@ -18,6 +18,7 @@
- Fixed network calculation for uploaded files
- Fixed a UI bug preventing float values in numeric fields
- Fixed scroll positioning when moving rules order up & down
- Fixed missing validation for database documents key length (32 chars)
## Security

15
app/views/console/database/collection.phtml
View file

@ -1,6 +1,7 @@
<?php
$collection = $this->getParam('collection', []);
$rules = $collection->getAttribute('rules', []);
$maxCells = 10;
?>
<div
@ -87,7 +88,10 @@ $rules = $collection->getAttribute('rules', []);
<table class="vertical">
<thead>
<tr>
<?php foreach($rules as $rule):
<?php foreach($rules as $i => $rule):
if($i > $maxCells) {
break;
}
$label = (isset($rule['label'])) ? $rule['label'] : '';
?>
<th width="120"><?php echo $this->escape($label); ?></th>
@ -96,7 +100,10 @@ $rules = $collection->getAttribute('rules', []);
</thead>
<tbody data-ls-loop="project-documents.documents" data-ls-as="node">
<tr>
<?php foreach($rules as $rule):
<?php foreach($rules as $i => $rule):
if($i > $maxCells) {
break;
}
$label = (isset($rule['label'])) ? $rule['label'] : '';
$key = (isset($rule['key'])) ? $rule['key'] : '';
$type = (isset($rule['type'])) ? $rule['type'] : '';
@ -251,7 +258,7 @@ $rules = $collection->getAttribute('rules', []);
<span class="tooltip small" data-tooltip="Attribute key name. Used as the document JSON key in the Database API"><i class="icon-info-circled"></i></span>
</label>
<div class="input-copy">
<input data-forms-copy name="key" type="text" data-ls-bind="{{rule.key}}" max="32" pattern="^(\d|\w)+$" title="No spaces or special charts allowed" />
<input data-forms-copy name="key" type="text" data-ls-bind="{{rule.key}}" maxlength="32" pattern="^(\d|\w)+$" title="No spaces or special charts allowed" />
</div>
</div>
</div>
@ -404,7 +411,7 @@ $rules = $collection->getAttribute('rules', []);
<span class="tooltip small" data-tooltip="Attribute key name. Used as the document JSON key in the Database API"><i class="icon-info-circled"></i></span>
</label>
<div class="input-copy">
<input data-forms-copy name="key" type="text" required max="32" pattern="^(\d|\w)+$" title="No spaces or special charts allowed" />
<input data-forms-copy name="key" type="text" required maxlength="32" pattern="^(\d|\w)+$" title="No spaces or special charts allowed" />
</div>
</div>
</div>

6
src/Appwrite/Database/Validator/Key.php
View file

@ -34,11 +34,15 @@ class Key extends Validator
*/
public function isValid($value)
{
if(!is_string($value)) {
return false;
}
if (preg_match('/[^A-Za-z0-9\-\_]/', $value)) {
return false;
}
if (mb_strlen($value) > 40) {
if (mb_strlen($value) > 32) {
return false;
}

36
tests/unit/Database/Validator/KeyTest.php Normal file
View file

@ -0,0 +1,36 @@
<?php
namespace Appwrite\Tests;
use Appwrite\Database\Validator\Key;
use PHPUnit\Framework\TestCase;
class KeyTest extends TestCase
{
/**
* @var Key
*/
protected $object = null;
public function setUp()
{
$this->object = new Key();
}
public function tearDown()
{
}
public function testValues()
{
$this->assertEquals($this->object->isValid('dasda asdasd'), false);
$this->assertEquals($this->object->isValid('asdasdasdas'), true);
$this->assertEquals($this->object->isValid('as$$5dasdasdas'), false);
$this->assertEquals($this->object->isValid(false), false);
$this->assertEquals($this->object->isValid(null), false);
$this->assertEquals($this->object->isValid('socialAccountForYoutubeSubscribers'), false);
$this->assertEquals($this->object->isValid('socialAccountForYoutubeSubscriber'), false);
$this->assertEquals($this->object->isValid('socialAccountForYoutubeSubscribe'), true);
$this->assertEquals($this->object->isValid('socialAccountForYoutubeSubscrib'), true);
}
}