From fb4faba64b2b03faed074dbe9242e553b1b48c3b Mon Sep 17 00:00:00 2001 From: Jill Bender Date: Wed, 16 Jan 2019 17:15:50 -0800 Subject: [PATCH 1/4] remove ETag from validation --- device-telemetry/Services/Models/Rule.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/device-telemetry/Services/Models/Rule.cs b/device-telemetry/Services/Models/Rule.cs index c697ddf..2b286f4 100644 --- a/device-telemetry/Services/Models/Rule.cs +++ b/device-telemetry/Services/Models/Rule.cs @@ -46,7 +46,6 @@ namespace Microsoft.Azure.IoTSolutions.DeviceTelemetry.Services.Models public void Validate() { - InputValidator.Validate(this.ETag); InputValidator.Validate(this.Id); InputValidator.Validate(this.Name); InputValidator.Validate(this.Description); From 5f0f68d5e48dda05a42a5b6aaacf5e5952ddf8a5 Mon Sep 17 00:00:00 2001 From: Jill Bender Date: Wed, 16 Jan 2019 17:39:53 -0800 Subject: [PATCH 2/4] include * in allowable characters --- device-telemetry/Services/Helpers/InputValidator.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/device-telemetry/Services/Helpers/InputValidator.cs b/device-telemetry/Services/Helpers/InputValidator.cs index e349097..13a430e 100644 --- a/device-telemetry/Services/Helpers/InputValidator.cs +++ b/device-telemetry/Services/Helpers/InputValidator.cs @@ -5,7 +5,7 @@ namespace Microsoft.Azure.IoTSolutions.DeviceTelemetry.Services.Helpers { public class InputValidator { - private const string INVALID_CHARACTER = @"[^A-Za-z0-9:;.,_\-]"; + private const string INVALID_CHARACTER = @"[^A-Za-z0-9:;.,_\-*]"; // Check illegal characters in input public static void Validate(string input) From dbf7f0955330ec98d1bf34f1334858b048952d64 Mon Sep 17 00:00:00 2001 From: Jill Bender Date: Thu, 17 Jan 2019 11:32:37 -0800 Subject: [PATCH 3/4] Add test to make sure validation works in regular case. Add whitespace and * to validation regex --- device-telemetry/Services.Test/RulesTest.cs | 38 ++++++++++++++++++- .../Services/Helpers/InputValidator.cs | 6 +-- 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/device-telemetry/Services.Test/RulesTest.cs b/device-telemetry/Services.Test/RulesTest.cs index 9adfc45..19fb050 100644 --- a/device-telemetry/Services.Test/RulesTest.cs +++ b/device-telemetry/Services.Test/RulesTest.cs @@ -457,6 +457,21 @@ namespace Services.Test await Assert.ThrowsAsync(async () => await this.rules.UpsertIfNotDeletedAsync(rule)); } + [Fact, Trait(Constants.TYPE, Constants.UNIT_TEST)] + public void InputValidationPassesWithValidRule() + { + // Arrange + this.ThereAreSomeRulesInStorage(); + + List rulesList = this.GetSampleRulesList(); + + // Act & Assert + foreach (var rule in rulesList) + { + rule.Validate(); + } + } + private void ThereAreNoRulessInStorage() { this.rulesMock.Setup(x => x.GetListAsync(null, 0, LIMIT, null, false)) @@ -464,6 +479,14 @@ namespace Services.Test } private void ThereAreSomeRulesInStorage() + { + var sampleRules = this.GetSampleRulesList(); + + this.rulesMock.Setup(x => x.GetListAsync(null, 0, LIMIT, null, false)) + .ReturnsAsync(sampleRules); + } + + private List GetSampleRulesList() { var sampleConditions = new List { @@ -507,11 +530,22 @@ namespace Services.Test Severity = SeverityType.Warning, Conditions = sampleConditions, Actions = sampleActions + }, + new Rule() + { + ETag = "*", + Name = "Sample 3", + Enabled = true, + Calculation = CalculationType.Instant, + Description = "Sample description 2.", + GroupId = "Chillers", + Severity = SeverityType.Warning, + Conditions = sampleConditions, + Actions = sampleActions } }; - this.rulesMock.Setup(x => x.GetListAsync(null, 0, LIMIT, null, false)) - .ReturnsAsync(sampleRules); + return sampleRules; } /** diff --git a/device-telemetry/Services/Helpers/InputValidator.cs b/device-telemetry/Services/Helpers/InputValidator.cs index 13a430e..ee0c9ff 100644 --- a/device-telemetry/Services/Helpers/InputValidator.cs +++ b/device-telemetry/Services/Helpers/InputValidator.cs @@ -5,14 +5,12 @@ namespace Microsoft.Azure.IoTSolutions.DeviceTelemetry.Services.Helpers { public class InputValidator { - private const string INVALID_CHARACTER = @"[^A-Za-z0-9:;.,_\-*]"; + private const string INVALID_CHARACTER = @"[^A-Za-z0-9:;.!,_\-* ]"; // Check illegal characters in input public static void Validate(string input) { - input = input.Trim(); - - if (Regex.IsMatch(input, INVALID_CHARACTER)) + if (Regex.IsMatch(input.Trim(), INVALID_CHARACTER)) { throw new InvalidInputException($"Input '{input}' contains invalid characters."); } From fea4e0b79e5b09eb1f62aaf5bf00ad9571980075 Mon Sep 17 00:00:00 2001 From: Jill Bender Date: Thu, 17 Jan 2019 13:03:15 -0800 Subject: [PATCH 4/4] Add test with characters that are in default rules. Remove checks for description --- device-telemetry/Services.Test/RulesTest.cs | 2 +- device-telemetry/Services/Models/Rule.cs | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/device-telemetry/Services.Test/RulesTest.cs b/device-telemetry/Services.Test/RulesTest.cs index 19fb050..9ac8f9a 100644 --- a/device-telemetry/Services.Test/RulesTest.cs +++ b/device-telemetry/Services.Test/RulesTest.cs @@ -515,7 +515,7 @@ namespace Services.Test { Name = "Sample 1", Enabled = true, - Description = "Sample description 1", + Description = "Sample description 1 -- Pressure >= 298", GroupId = "Prototyping devices", Severity = SeverityType.Critical, Conditions = sampleConditions, diff --git a/device-telemetry/Services/Models/Rule.cs b/device-telemetry/Services/Models/Rule.cs index 2b286f4..916c4c1 100644 --- a/device-telemetry/Services/Models/Rule.cs +++ b/device-telemetry/Services/Models/Rule.cs @@ -47,9 +47,6 @@ namespace Microsoft.Azure.IoTSolutions.DeviceTelemetry.Services.Models public void Validate() { InputValidator.Validate(this.Id); - InputValidator.Validate(this.Name); - InputValidator.Validate(this.Description); - InputValidator.Validate(this.GroupId); } }