Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb54b0aa

Browse files
committed
make start/endtime check more strict
1 parentaaadc6a commitb54b0aa

File tree

1 file changed

+59
-0
lines changed

1 file changed

+59
-0
lines changed

‎coderd/insights.go

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package coderd
22

33
import (
4+
"context"
45
"fmt"
56
"net/http"
67
"time"
@@ -89,6 +90,10 @@ func (api *API) insightsUserLatency(rw http.ResponseWriter, r *http.Request) {
8990
return
9091
}
9192

93+
if!verifyInsightsStartAndEndTime(ctx,rw,startTime,endTime) {
94+
return
95+
}
96+
9297
// Should we verify all template IDs exist, or just return no rows?
9398
// _, err := api.Database.GetTemplatesWithFilter(ctx, database.GetTemplatesWithFilterParams{
9499
// IDs: templateIDs,
@@ -201,6 +206,10 @@ func (api *API) insightsTemplates(rw http.ResponseWriter, r *http.Request) {
201206
return
202207
}
203208

209+
if!verifyInsightsStartAndEndTime(ctx,rw,startTime,endTime) {
210+
return
211+
}
212+
204213
// Should we verify all template IDs exist, or just return no rows?
205214
// _, err := api.Database.GetTemplatesWithFilter(ctx, database.GetTemplatesWithFilterParams{
206215
// IDs: templateIDs,
@@ -313,3 +322,53 @@ func (api *API) insightsTemplates(rw http.ResponseWriter, r *http.Request) {
313322
}
314323
httpapi.Write(ctx,rw,http.StatusOK,resp)
315324
}
325+
326+
funcverifyInsightsStartAndEndTime(ctx context.Context,rw http.ResponseWriter,startTime,endTime time.Time)bool {
327+
for_,v:=range []struct {
328+
namestring
329+
t time.Time
330+
}{
331+
{"start_time",startTime},
332+
{"end_time",endTime},
333+
} {
334+
ifv.t.IsZero() {
335+
httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{
336+
Message:"Query parameter has invalid value.",
337+
Validations: []codersdk.ValidationError{
338+
{
339+
Field:v.name,
340+
Detail:"must be not be zero",
341+
},
342+
},
343+
})
344+
returnfalse
345+
}
346+
h,m,s:=v.t.Clock()
347+
ifh!=0||m!=0||s!=0 {
348+
httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{
349+
Message:"Query parameter has invalid value.",
350+
Validations: []codersdk.ValidationError{
351+
{
352+
Field:v.name,
353+
Detail:"clock must be 00:00:00",
354+
},
355+
},
356+
})
357+
returnfalse
358+
}
359+
}
360+
ifendTime.Before(startTime) {
361+
httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{
362+
Message:"Query parameter has invalid value.",
363+
Validations: []codersdk.ValidationError{
364+
{
365+
Field:"end_time",
366+
Detail:"must be after start_time",
367+
},
368+
},
369+
})
370+
returnfalse
371+
}
372+
373+
returntrue
374+
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp