1 /*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15 #include "check_common.h"
16
17 #include <algorithm>
18 #include <climits>
19
20 #include "doc_errno.h"
21 #include "log_print.h"
22 #include "securec.h"
23
24 namespace DocumentDB {
25 namespace {
26 constexpr const char *KEY_ID = "_id";
27 constexpr const char *COLLECTION_PREFIX_GRD = "GRD_";
28 constexpr const char *COLLECTION_PREFIX_GM_SYS = "GM_SYS";
29 const int MAX_COLLECTION_NAME = 512;
30 const int MAX_ID_LENS = 900;
31 const int JSON_DEEP_MAX = 4;
32
CheckCollectionNamePrefix(const std::string & name,const std::string & prefix)33 bool CheckCollectionNamePrefix(const std::string &name, const std::string &prefix)
34 {
35 if (name.length() < prefix.length()) {
36 return false;
37 }
38
39 return (strncasecmp(name.c_str(), prefix.c_str(), prefix.length()) == 0);
40 }
41
ReplaceAll(std::string & inout,const std::string & what,const std::string & with)42 void ReplaceAll(std::string &inout, const std::string &what, const std::string &with)
43 {
44 std::string::size_type pos {};
45 while ((pos = inout.find(what.data(), pos, what.length())) != std::string::npos) {
46 inout.replace(pos, what.length(), with.data(), with.length());
47 pos += with.length();
48 }
49 }
50 } // namespace
51
CheckCollectionName(const std::string & collectionName,std::string & formattedName,int & errCode)52 bool CheckCommon::CheckCollectionName(const std::string &collectionName, std::string &formattedName, int &errCode)
53 {
54 if (collectionName.empty()) {
55 errCode = -E_INVALID_ARGS;
56 return false;
57 }
58 if (collectionName.length() + 1 > MAX_COLLECTION_NAME) { // with '\0'
59 errCode = -E_OVER_LIMIT;
60 return false;
61 }
62 if (CheckCollectionNamePrefix(collectionName, COLLECTION_PREFIX_GRD) ||
63 CheckCollectionNamePrefix(collectionName, COLLECTION_PREFIX_GM_SYS)) {
64 GLOGE("Collection name is illegal");
65 errCode = -E_INVALID_COLL_NAME_FORMAT;
66 return false;
67 }
68
69 formattedName = collectionName;
70 std::transform(formattedName.begin(), formattedName.end(), formattedName.begin(), [](unsigned char c) {
71 return std::tolower(c);
72 });
73
74 ReplaceAll(formattedName, "'", R"('')");
75 return true;
76 }
77
CheckFilter(JsonObject & filterObj,std::vector<std::vector<std::string>> & filterPath,bool & isIdExist)78 int CheckCommon::CheckFilter(JsonObject &filterObj, std::vector<std::vector<std::string>> &filterPath, bool &isIdExist)
79 {
80 for (size_t i = 0; i < filterPath.size(); i++) {
81 if (filterPath[i].size() > JSON_DEEP_MAX) {
82 GLOGE("filter's json deep is deeper than JSON_DEEP_MAX");
83 return -E_INVALID_ARGS;
84 }
85 }
86 for (size_t i = 0; i < filterPath.size(); i++) {
87 if (filterPath[i].empty()) {
88 return -E_INVALID_JSON_FORMAT;
89 }
90 for (size_t j = 0; j < filterPath[i].size(); j++) {
91 if (filterPath[i][j].empty()) {
92 return -E_INVALID_ARGS;
93 }
94 for (auto oneChar : filterPath[i][j]) {
95 if (!((isalpha(oneChar)) || (isdigit(oneChar)) || (oneChar == '_'))) {
96 return -E_INVALID_ARGS;
97 }
98 }
99 }
100 if (!filterPath[i].empty() && !filterPath[i][0].empty() && isdigit(filterPath[i][0][0])) {
101 return -E_INVALID_ARGS;
102 }
103 }
104 int ret = CheckIdFormat(filterObj, isIdExist);
105 if (ret != E_OK) {
106 GLOGE("Filter Id format is illegal");
107 return ret;
108 }
109 return E_OK;
110 }
111
CheckIdFormat(JsonObject & filterJson,bool & isIdExisit)112 int CheckCommon::CheckIdFormat(JsonObject &filterJson, bool &isIdExisit)
113 {
114 JsonObject filterObjChild = filterJson.GetChild();
115 ValueObject idValue = JsonCommon::GetValueInSameLevel(filterObjChild, KEY_ID, isIdExisit);
116 if ((idValue.GetValueType() == ValueObject::ValueType::VALUE_NULL) && isIdExisit == false) {
117 return E_OK;
118 }
119 if (idValue.GetValueType() != ValueObject::ValueType::VALUE_STRING) {
120 return -E_INVALID_ARGS;
121 }
122 if (idValue.GetStringValue().length() + 1 > MAX_ID_LENS) { // with '\0'
123 return -E_OVER_LIMIT;
124 }
125 return E_OK;
126 }
127
CheckDocument(JsonObject & documentObj,bool & isIdExist)128 int CheckCommon::CheckDocument(JsonObject &documentObj, bool &isIdExist)
129 {
130 if (documentObj.GetDeep() > JSON_DEEP_MAX) {
131 GLOGE("documentObj's json deep is deeper than JSON_DEEP_MAX");
132 return -E_INVALID_ARGS;
133 }
134 int ret = CheckIdFormat(documentObj, isIdExist);
135 if (ret != E_OK) {
136 return ret;
137 }
138 JsonObject documentObjChild = documentObj.GetChild();
139 if (!JsonCommon::CheckJsonField(documentObjChild)) {
140 GLOGE("Document json field format is illegal");
141 return -E_INVALID_ARGS;
142 }
143 return E_OK;
144 }
145
SplitFieldName(const std::string & fieldName,std::vector<std::string> & allFieldsName)146 int SplitFieldName(const std::string &fieldName, std::vector<std::string> &allFieldsName)
147 {
148 std::string tempParseName;
149 std::string priFieldName = fieldName;
150 for (size_t j = 0; j < priFieldName.size(); j++) {
151 if (priFieldName[j] != '.') {
152 tempParseName += priFieldName[j];
153 }
154 if (priFieldName[j] == '.' || j == priFieldName.size() - 1) {
155 if ((j > 0 && priFieldName[j] == '.' && priFieldName[j - 1] == '.') ||
156 (priFieldName[j] == '.' && j == priFieldName.size() - 1)) {
157 return -E_INVALID_ARGS;
158 }
159 allFieldsName.emplace_back(tempParseName);
160 tempParseName.clear();
161 }
162 }
163 return E_OK;
164 }
165
CheckUpdata(JsonObject & updataObj)166 int CheckCommon::CheckUpdata(JsonObject &updataObj)
167 {
168 JsonObject jsonTemp = updataObj.GetChild();
169 size_t maxDeep = 0;
170 while (!jsonTemp.IsNull()) {
171 std::vector<std::string> allFieldsName;
172 int errCode = SplitFieldName(jsonTemp.GetItemField(), allFieldsName);
173 if (errCode != E_OK) {
174 return errCode;
175 }
176 for (const auto &fieldName : allFieldsName) {
177 for (auto oneChar : fieldName) {
178 if (!((isalpha(oneChar)) || (isdigit(oneChar)) || (oneChar == '_'))) {
179 GLOGE("updata fieldName is illegal");
180 return -E_INVALID_ARGS;
181 }
182 }
183 }
184 maxDeep = std::max(allFieldsName.size() + jsonTemp.GetDeep(), maxDeep);
185 if (maxDeep > JSON_DEEP_MAX) {
186 GLOGE("document's json deep is deeper than JSON_DEEP_MAX");
187 return -E_INVALID_ARGS;
188 }
189 jsonTemp = jsonTemp.GetNext();
190 }
191 bool isIdExist = true;
192 CheckIdFormat(updataObj, isIdExist);
193 if (isIdExist) {
194 return -E_INVALID_ARGS;
195 }
196 return E_OK;
197 }
198
CheckProjection(JsonObject & projectionObj,std::vector<std::vector<std::string>> & path)199 int CheckCommon::CheckProjection(JsonObject &projectionObj, std::vector<std::vector<std::string>> &path)
200 {
201 if (projectionObj.GetDeep() > JSON_DEEP_MAX) {
202 GLOGE("projectionObj's json deep is deeper than JSON_DEEP_MAX");
203 return -E_INVALID_ARGS;
204 }
205 int errCode = E_OK;
206 if (!projectionObj.GetChild().IsNull()) {
207 JsonObject projectionObjChild = projectionObj.GetChild();
208 if (!JsonCommon::CheckProjectionField(projectionObjChild, errCode)) {
209 GLOGE("projection json field format is illegal");
210 return errCode;
211 }
212 }
213 for (size_t i = 0; i < path.size(); i++) {
214 if (path[i].empty()) {
215 return -E_INVALID_JSON_FORMAT;
216 }
217 for (const auto &fieldName : path[i]) {
218 if (fieldName.empty()) {
219 return -E_INVALID_ARGS;
220 }
221 for (size_t j = 0; j < fieldName.size(); j++) {
222 if (!((isalpha(fieldName[j])) || (isdigit(fieldName[j])) || (fieldName[j] == '_'))) {
223 return -E_INVALID_ARGS;
224 }
225 if (j == 0 && (isdigit(fieldName[j]))) {
226 return -E_INVALID_ARGS;
227 }
228 }
229 }
230 }
231 return E_OK;
232 }
233 } // namespace DocumentDB