8000 fix(api): do not let add run conditions with unknown operator (#3126) · ovh/cds@b072e35 · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Commit b072e35

Browse files
bnjjjyesnault
authored andcommitted
fix(api): do not let add run conditions with unknown operator (#3126)
close #3123
1 parent 023fed7 commit b072e35

File tree

3 files changed

+140
-14
lines changed

3 files changed

+140
-14
lines changed

engine/api/workflow/dao_node.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -250,6 +250,12 @@ func UpdateNodeContext(db gorp.SqlExecutor, c *sdk.WorkflowNodeContext) error {
250250
sqlContext.DefaultPipelineParameters = sql.NullString{String: string(b), Valid: true}
251251
}
252252

253+
for _, cond := range c.Conditions.PlainConditions {
254+
if _, ok := sdk.WorkflowConditionsOperators[cond.Operator]; !ok {
255+
return sdk.ErrWorkflowConditionBadOperator
256+
}
257+
}
258+
253259
var errC error
254260
sqlContext.Conditions, errC = gorpmapping.JSONToNullString(c.Conditions)
255261
if errC != nil {

engine/api/workflow/dao_test.go

Lines changed: 131 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -244,7 +244,7 @@ func TestInsertComplexeWorkflowAndExport(t *testing.T) {
244244
Conditions: sdk.WorkflowNodeConditions{
245245
PlainConditions: []sdk.WorkflowNodeCondition{
246246
sdk.WorkflowNodeCondition{
247-
Operator: "=",
247+
Operator: "eq",
248248
Value: "master",
249249
Variable: ".git.branch",
250250
},
@@ -261,7 +261,7 @@ func TestInsertComplexeWorkflowAndExport(t *testing.T) {
< 10000 /code>
261261
Conditions: sdk.WorkflowNodeConditions{
262262
PlainConditions: []sdk.WorkflowNodeCondition{
263263
sdk.WorkflowNodeCondition{
264-
Operator: "=",
264+
Operator: "eq",
265265
Value: "master",
266266
Variable: ".git.branch",
267267
},
@@ -282,7 +282,7 @@ func TestInsertComplexeWorkflowAndExport(t *testing.T) {
282282
Conditions: sdk.WorkflowNodeConditions{
283283
PlainConditions: []sdk.WorkflowNodeCondition{
284284
sdk.WorkflowNodeCondition{
285-
Operator: "=",
285+
Operator: "eq",
286286
Value: "master",
287287
Variable: ".git.branch",
288288
},
@@ -319,6 +319,123 @@ func TestInsertComplexeWorkflowAndExport(t *testing.T) {
319319
fmt.Println(string(btes))
320320
}
321321

322+
func TestInsertComplexeWorkflowWithBadOperator(t *testing.T) {
323+
db, cache := test.SetupPG(t)
324+
325+
u, _ := assets.InsertAdminUser(db)
326+
key := sdk.RandomString(10)
327+
proj := assets.InsertTestProject(t, db, cache, key, key, u)
328+
329+
pip1 := sdk.Pipeline{
330+
ProjectID: proj.ID,
331+
ProjectKey: proj.Key,
332+
Name: "pip1",
333+
Type: sdk.BuildPipeline,
334+
}
335+
336+
test.NoError(t, pipeline.InsertPipeline(db, cache, proj, &pip1, u))
337+
338+
pip2 := sdk.Pipeline{
339+
ProjectID: proj.ID,
340+
ProjectKey: proj.Key,
341+
Name: "pip2",
342+
Type: sdk.BuildPipeline,
343+
}
344+
345+
test.NoError(t, pipeline.InsertPipeline(db, cache, proj, &pip2, u))
346+
347+
pip3 := sdk.Pipeline{
348+
ProjectID: proj.ID,
349+
ProjectKey: proj.Key,
350+
Name: "pip3",
351+
Type: sdk.BuildPipeline,
352+
}
353+
354+
test.NoError(t, pipeline.InsertPipeline(db, cache, proj, &pip3, u))
355+
356+
pip4 := sdk.Pipeline{
357+
ProjectID: proj.ID,
358+
ProjectKey: proj.Key,
359+
Name: "pip4",
360+
Type: sdk.BuildPipeline,
361+
}
362+
363+
test.NoError(t, pipeline.InsertPipeline(db, cache, proj, &pip4, u))
364+
365+
proj, _ = project.LoadByID(db, cache, proj.ID, u, project.LoadOptions.WithApplications, project.LoadOptions.WithPipelines, project.LoadOptions.WithEnvironments, project.LoadOptions.WithGroups)
366+
367+
w := sdk.Workflow{
368+
Name: "test_1",
369+
ProjectID: proj.ID,
370+
ProjectKey: proj.Key,
371+
Root: &sdk.WorkflowNode{
372+
Name: "Root",
373+
PipelineID: pip1.ID,
374+
PipelineName: pip1.Name,
375+
Triggers: []sdk.WorkflowNodeTrigger{
376+
sdk.WorkflowNodeTrigger{
377+
WorkflowDestNode: sdk.WorkflowNode{
378+
Name: "First",
379+
PipelineID: pip2.ID,
380+
PipelineName: pip2.Name,
381+
Context: &sdk.WorkflowNodeContext{
382+
Conditions: sdk.WorkflowNodeConditions{
383+
PlainConditions: []sdk.WorkflowNodeCondition{
384+
sdk.WorkflowNodeCondition{
385+
Operator: "=",
386+
Value: "master",
387+
Variable: ".git.branch",
388+
},
389+
},
390+
},
391+
},
392+
Triggers: []sdk.WorkflowNodeTrigger{
393+
sdk.WorkflowNodeTrigger{
394+
WorkflowDestNode: sdk.WorkflowNode{
395+
Name: "Second",
396+
PipelineID: pip3.ID,
397+
PipelineName: pip3.Name,
398+
Context: &sdk.WorkflowNodeContext{
399+
Conditions: sdk.WorkflowNodeConditions{
400+
PlainConditions: []sdk.WorkflowNodeCondition{
401+
sdk.WorkflowNodeCondition{
402+
Operator: "=",
403+
Value: "master",
404+
Variable: ".git.branch",
405+
},
406+
},
407+
},
408+
},
409+
},
410+
},
411+
},
412+
},
413+
},
414+
sdk.WorkflowNodeTrigger{
415+
WorkflowDestNode: sdk.WorkflowNode{
416+
Name: "Last",
417+
PipelineID: pip4.ID,
418+
PipelineName: pip4.Name,
419+
Context: &sdk.WorkflowNodeContext{
420+
Conditions: sdk.WorkflowNodeConditions{
421+
PlainConditions: []sdk.WorkflowNodeCondition{
422+
sdk.WorkflowNodeCondition{
423+
Operator: "=",
424+
Value: "master",
425+
Variable: ".git.branch",
426+
},
427+
},
428+
},
429+
},
430+
},
431+
},
432+
},
433+
},
434+
}
435+
436+
assert.Error(t, workflow.Insert(db, cache, &w, proj, u))
437+
}
438+
322439
func assertEqualNode(t *testing.T, n1, n2 *sdk.WorkflowNode) {
323440
t.Logf("assertEqualNode : %d(%s) on %s", n2.ID, n2.Ref, n2.PipelineName)
324441
workflow.SortNode(n1)
@@ -541,7 +658,7 @@ func TestInsertComplexeWorkflowWithJoinsAndExport(t *testing.T) {
541658
Conditions: sdk.WorkflowNodeConditions{
542659
PlainConditions: []sdk.WorkflowNodeCondition{
543660
sdk.WorkflowNodeCondition{
544-
Operator: "=",
661+
Operator: "eq",
545662
Value: "master",
546663
Variable: ".git.branch",
547664
},
@@ -558,7 +675,7 @@ func TestInsertComplexeWorkflowWithJoinsAndExport(t *testing.T) {
558675
Conditions: sdk.WorkflowNodeConditions{
559676
PlainConditions: []sdk.WorkflowNodeCondition{
560677
sdk.WorkflowNodeCondition{
561-
Operator: "=",
678+
Operator: "eq",
562679
Value: "master",
563680
Variable: ".git.branch",
564681
},
@@ -575,7 +692,7 @@ func TestInsertComplexeWorkflowWithJoinsAndExport(t *testing.T) {
575692
Conditions: sdk.WorkflowNodeConditions{
576693
PlainConditions: []sdk.WorkflowNodeCondition{
577694
sdk.WorkflowNodeCondition{
578-
Operator: "=",
695+
Operator: "eq",
579696
Value: "master",
580697
Variable: ".git.branch",
581698
},
@@ -606,7 +723,7 @@ func TestInsertComplexeWorkflowWithJoinsAndExport(t *testing.T) {
606723
Conditions: sdk.WorkflowNodeConditions{
607724
PlainConditions: []sdk.WorkflowNodeCondition{
608725
sdk.WorkflowNodeCondition{
609-
Operator: "=",
726+
Operator: "eq",
610727
Value: "master",
611728
Variable: ".git.branch",
612729
},
@@ -768,7 +885,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
768885
Conditions: sdk.WorkflowNodeConditions{
769886
PlainConditions: []sdk.WorkflowNodeCondition{
770887
sdk.WorkflowNodeCondition{
771-
Operator: "=",
888+
Operator: "eq",
772889
Value: "master",
773890
Variable: ".git.branch",
774891
},
@@ -785,7 +902,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
785902
Conditions: sdk.WorkflowNodeConditions{
786903
PlainConditions: []sdk.WorkflowNodeCondition{
787904
sdk.WorkflowNodeCondition{
788-
Operator: "=",
905+
Operator: "eq",
789906
Value: "master",
790907
Variable: ".git.branch",
791908
},
@@ -802,7 +919,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
802919
Conditions: sdk.WorkflowNodeConditions{
803920
PlainConditions: []sdk.WorkflowNodeCondition{
804921
sdk.WorkflowNodeCondition{
805-
Operator: "=",
922+
Operator: "eq",
806923
Value: "master",
807924
Variable: ".git.branch",
808925
},
@@ -834,7 +951,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
834951
Conditions: sdk.WorkflowNodeConditions{
835952
PlainConditions: []sdk.WorkflowNodeCondition{
836953
sdk.WorkflowNodeCondition{
837-
Operator: "=",
954+
Operator: "eq",
838955
Value: "master",
839956
Variable: ".git.branch",
840957
},
@@ -852,7 +969,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
852969
Conditions: sdk.WorkflowNodeConditions{
853970
PlainConditions: []sdk.WorkflowNodeCondition{
854971
sdk.WorkflowNodeCondition{
855-
Operator: "=",
972+
Operator: "eq",
856973
Value: "master",
857974
Variable: ".git.branch",
858975
},
@@ -876,7 +993,7 @@ func TestInsertComplexeWorkflowWithComplexeJoins(t *testing.T) {
876993
Conditions: sdk.WorkflowNodeConditions{
877994
PlainConditions: []sdk.WorkflowNodeCondition{
878995
sdk.WorkflowNodeCondition{
879-
Operator: "=",
996+
Operator: "eq",
880997
Value: "master",
881998
Variable: ".git.branch",
882999
},
@@ -1079,7 +1196,7 @@ func TestInsertSimpleWorkflowWithHookAndExport(t *testing.T) {
10791196
Conditions: sdk.WorkflowNodeConditions{
10801197
PlainConditions: []sdk.WorkflowNodeCondition{
10811198
sdk.WorkflowNodeCondition{
1082-
Operator: "=",
1199+
Operator: "eq",
10831200
Value: "master",
10841201
Variable: ".git.branch",
10851202
},

sdk/error.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,7 @@ var (
155155
ErrWorkflowNameImport = Error{ID: 140, Status: http.StatusBadRequest}
156156
ErrIconBadFormat = Error{ID: 141, Status: http.StatusBadRequest}
157157
ErrIconBadSize = Error{ID: 142, Status: http.StatusBadRequest}
158+
ErrWorkflowConditionBadOperator = Error{ID: 143, Status: http.StatusBadRequest}
158159
)
159160

160161
var errorsAmericanEnglish = map[int]string{
@@ -298,6 +299,7 @@ var errorsAmericanEnglish = map[int]string{
298299
ErrWorkflowNameImport.ID: "Workflow name doesn't correspond in your code",
299300
ErrIconBadFormat.ID: "Bad icon format. Must be an image",
300301
ErrIconBadSize.ID: "Bad icon size. Must be lower than 100Ko",
302+
ErrWorkflowConditionBadOperator.ID: "Your run conditions have bad operator",
301303
}
302304

303305
var errorsFrench = map[int]string{
@@ -441,6 +443,7 @@ var errorsFrench = map[int]string{
441443
ErrWorkflowNameImport.ID: "Le nom du workflow dans le code ne correspond pas au nom du workflow que vous voulez éditer",
442444
ErrIconBadFormat.ID: "Mauvais format d'icône, doit être une image",
443445
ErrIconBadSize.ID: "Taille de l'icône trop importante. (max 100Ko)",
446+
ErrWorkflowConditionBadOperator.ID: "Opérateur de condition de lancement incorrect",
444447
}
445448

446449
var errorsLanguages = []map[int]string{

0 commit comments

Comments
 (0)
0