Commit5bee51f

committed

limit message length

1 parent93de18a commit5bee51fCopy full SHA for 5bee51f

File tree

+28

-3

lines changed

+28

-3

lines changed

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -3921,6 +3921,10 @@ func (q *fakeQuerier) InsertTemplateVersion(_ context.Context, arg database.Inse`
`3921`	`3921`	`return database.TemplateVersion{},err`
`3922`	`3922`	`}`
`3923`	`3923`
	`3924`	`+iflen(arg.Message)>1048576 {`
	`3925`	`+return database.TemplateVersion{},xerrors.New("message too long")`
	`3926`	`+}`
	`3927`	`+`
`3924`	`3928`	`q.mutex.Lock()`
`3925`	`3929`	`deferq.mutex.Unlock()`
`3926`	`3930`

Lines changed: 1 addition & 1 deletion

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`		`-ALTERTABLE template_versions ADD COLUMN messagetextNOT NULL DEFAULT'';`
	`1`	`+ALTERTABLE template_versions ADD COLUMN messagevarchar(1048576)NOT NULL DEFAULT'';`
`2`	`2`
`3`	`3`	`COMMENT ON COLUMN template_versions.message IS'Message describing the changes in this version of the template, similar to a Git commit message. Like a commit message, this should be a short, high-level description of the changes in this version of the template. This message is immutable and should not be updated after the fact.';`

Lines changed: 21 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,7 @@ import (`
`5`	`5`	`"context"`
`6`	`6`	`"net/http"`
`7`	`7`	`"regexp"`
	`8`	`+"strings"`
`8`	`9`	`"testing"`
`9`	`10`
`10`	`11`	`"github.com/google/uuid"`
`@@ -51,6 +52,26 @@ func TestTemplateVersion(t *testing.T) {`
`51`	`52`	`assert.Equal(t,"first try",tv.Message)`
`52`	`53`	`})`
`53`	`54`
	`55`	`+t.Run("Message limit exceeded",func(t*testing.T) {`
	`56`	`+t.Parallel()`
	`57`	`+client,_,_:=coderdtest.NewWithAPI(t,nil)`
	`58`	`+user:=coderdtest.CreateFirstUser(t,client)`
	`59`	`+`
	`60`	`+ctx,cancel:=context.WithTimeout(context.Background(),testutil.WaitLong)`
	`61`	`+defercancel()`
	`62`	`+`
	`63`	`+file,err:=client.Upload(ctx,codersdk.ContentTypeTar,bytes.NewReader([]byte{}))`
	`64`	`+require.NoError(t,err)`
	`65`	`+_,err=client.CreateTemplateVersion(ctx,user.OrganizationID, codersdk.CreateTemplateVersionRequest{`
	`66`	`+Name:"bananas",`
	`67`	`+Message:strings.Repeat("a",1048577),`
	`68`	`+StorageMethod:codersdk.ProvisionerStorageMethodFile,`
	`69`	`+FileID:file.ID,`
	`70`	`+Provisioner:codersdk.ProvisionerTypeEcho,`
	`71`	`+})`
	`72`	`+require.Error(t,err,"message too long, create should fail")`
	`73`	`+})`
	`74`	`+`
`54`	`75`	`t.Run("MemberCanRead",func(t*testing.T) {`
`55`	`76`	`t.Parallel()`
`56`	`77`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ type OrganizationMember struct {`
`43`	`43`	`// CreateTemplateVersionRequest enables callers to create a new Template Version.`
`44`	`44`	`typeCreateTemplateVersionRequeststruct {`
`45`	`45`	Namestring`json:"name,omitempty" validate:"omitempty,template_version_name"`
`46`		-Messagestring`json:"message,omitempty"`
	`46`	+Messagestring`json:"message,omitempty" validate:"lt=1048577"`// Database limit: 1048576.
`47`	`47`	`// TemplateID optionally associates a version with a template.`
`48`	`48`	TemplateID uuid.UUID`json:"template_id,omitempty" format:"uuid"`
`49`	`49`	StorageMethodProvisionerStorageMethod`json:"storage_method" validate:"oneof=file,required" enums:"file"`

Comments

(0)