Chore: validate search value against RegEx

rkpattnaik780 · rkpattnaik780 · commit 8b122a849853 · 2021-02-23T00:23:59.000+05:30
diff --git a/cmd/rhoas/pkged.go b/cmd/rhoas/pkged.go
diff --git a/locales/kafka/active.en.toml b/locales/kafka/active.en.toml
@@ -11,6 +11,14 @@ Invalid Kafka instance name. Valid names must satisfy the following conditions:
 [kafka.validation.name.error.lengthError]
 one = 'Kafka instance name must be between 1 and 32 characters'
 
+[kafka.validation.error.invalidSearchValue]
+description = 'Error message when invalid search input is provided'
+one = '''
+Illegal search value "{{.Search}}", search input must satisfy the following conditions:
+
+  - must be of 1 or more characters
+  - must only consist of alphanumeric characters, '-', '_' and '%'
+'''
 
 [kafka.common.error.notFoundErrorById]
 one = 'Kafka instance with ID "{{.ID}}" not found'
diff --git a/pkg/cmd/kafka/list/list.go b/pkg/cmd/kafka/list/list.go
@@ -9,6 +9,7 @@ import (
 	kasclient "github.com/bf2fc6cc711aee1a0c2a/cli/pkg/api/kas/client"
 	flagutil "github.com/bf2fc6cc711aee1a0c2a/cli/pkg/cmdutil/flags"
 	"github.com/bf2fc6cc711aee1a0c2a/cli/pkg/iostreams"
+	"github.com/bf2fc6cc711aee1a0c2a/cli/pkg/kafka"
 
 	"github.com/bf2fc6cc711aee1a0c2a/cli/pkg/dump"
 
@@ -101,6 +102,11 @@ func runList(opts *options) error {
 	a = a.Size(strconv.Itoa(opts.limit))
 
 	if opts.search != "" {
+
+		if err = kafka.ValidateSearchInput(opts.search); err != nil {
+			return err
+		}
+
 		logger.Debug(localizer.MustLocalize(&localizer.Config{
 			MessageID: "kafka.list.log.debug.filteringKafkaList",
 			TemplateData: map[string]interface{}{
diff --git a/pkg/kafka/kafka_util.go b/pkg/kafka/kafka_util.go
@@ -11,7 +11,8 @@ import (
 )
 
 var (
-	validNameRegexp = regexp.MustCompile(`^[a-z]([-a-z0-9]*[a-z0-9])?$`)
+	validNameRegexp   = regexp.MustCompile(`^[a-z]([-a-z0-9]*[a-z0-9])?$`)
+	validSearchRegexp = regexp.MustCompile(`^([a-zA-Z0-9-_%]*[a-zA-Z0-9-_%])?$`)
 )
 
 // ValidateName validates the proposed name of a Kafka instance
@@ -69,3 +70,30 @@ func TransformKafkaRequest(kafka *kasclient.KafkaRequest) *kasclient.KafkaReques
 
 	return kafka
 }
+
+func ValidateSearchInput(val interface{}) error {
+	search, ok := val.(string)
+
+	if !ok {
+		return errors.New(localizer.MustLocalize(&localizer.Config{
+			MessageID: "common.error.castError",
+			TemplateData: map[string]interface{}{
+				"Value": val,
+				"Type":  "string",
+			},
+		}))
+	}
+
+	matched := validSearchRegexp.MatchString(search)
+
+	if matched {
+		return nil
+	}
+
+	return errors.New(localizer.MustLocalize(&localizer.Config{
+		MessageID: "kafka.validation.error.invalidSearchValue",
+		TemplateData: map[string]interface{}{
+			"Search": search,
+		},
+	}))
+}
