fix: Ensure that service IDs provided to API operations are alphanume…

…ric. (#543) * feat: validate service id to be alphanumeric * use english character set only for alphanumeric check
fastly · Sep 5, 2024 · 5245c1a · 5245c1a
1 parent 81f6471
commit 5245c1a
Show file tree

Hide file tree

Showing 125 changed files with 2,772 additions and 563 deletions.
diff --git a/fastly/acl.go b/fastly/acl.go
@@ -27,8 +27,8 @@ type ListACLsInput struct {
 
 // ListACLs retrieves all resources.
 func (c *Client) ListACLs(i *ListACLsInput) ([]*ACL, error) {
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -60,8 +60,8 @@ type CreateACLInput struct {
 
 // CreateACL creates a new resource.
 func (c *Client) CreateACL(i *CreateACLInput) (*ACL, error) {
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -96,8 +96,8 @@ func (c *Client) DeleteACL(i *DeleteACLInput) error {
 	if i.Name == "" {
 		return ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return err
 	}
 	if i.ServiceVersion == 0 {
 		return ErrMissingServiceVersion
@@ -135,8 +135,8 @@ func (c *Client) GetACL(i *GetACLInput) (*ACL, error) {
 	if i.Name == "" {
 		return nil, ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -173,8 +173,8 @@ func (c *Client) UpdateACL(i *UpdateACLInput) (*ACL, error) {
 	if i.Name == "" {
 		return nil, ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion

diff --git a/fastly/acl_entry.go b/fastly/acl_entry.go
@@ -73,8 +73,8 @@ func (c *Client) ListACLEntries(i *ListACLEntriesInput) ([]*ACLEntry, error) {
 	if i.ACLID == "" {
 		return nil, ErrMissingACLID
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	p := c.GetACLEntries(&GetACLEntriesInput{
 		ACLID:     i.ACLID,
@@ -111,8 +111,8 @@ func (c *Client) GetACLEntry(i *GetACLEntryInput) (*ACLEntry, error) {
 	if i.EntryID == "" {
 		return nil, ErrMissingID
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 
 	path := fmt.Sprintf("/service/%s/acl/%s/entry/%s", i.ServiceID, i.ACLID, i.EntryID)
@@ -152,8 +152,8 @@ func (c *Client) CreateACLEntry(i *CreateACLEntryInput) (*ACLEntry, error) {
 	if i.ACLID == "" {
 		return nil, ErrMissingACLID
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 
 	path := fmt.Sprintf("/service/%s/acl/%s/entry", i.ServiceID, i.ACLID)
@@ -190,8 +190,8 @@ func (c *Client) DeleteACLEntry(i *DeleteACLEntryInput) error {
 	if i.EntryID == "" {
 		return ErrMissingEntryID
 	}
-	if i.ServiceID == "" {
-		return ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return err
 	}
 
 	path := fmt.Sprintf("/service/%s/acl/%s/entry/%s", i.ServiceID, i.ACLID, i.EntryID)
@@ -240,8 +240,8 @@ func (c *Client) UpdateACLEntry(i *UpdateACLEntryInput) (*ACLEntry, error) {
 	if i.EntryID == "" {
 		return nil, ErrMissingID
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 
 	path := fmt.Sprintf("/service/%s/acl/%s/entry/%s", i.ServiceID, i.ACLID, i.EntryID)
@@ -292,8 +292,8 @@ func (c *Client) BatchModifyACLEntries(i *BatchModifyACLEntriesInput) error {
 	if i.ACLID == "" {
 		return ErrMissingACLID
 	}
-	if i.ServiceID == "" {
-		return ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return err
 	}
 	if len(i.Entries) > BatchModifyMaximumOperations {
 		return ErrMaxExceededEntries

diff --git a/fastly/acl_entry_test.go b/fastly/acl_entry_test.go
@@ -181,6 +181,14 @@ func TestClient_ListACLEntries_validation(t *testing.T) {
 	if err != ErrMissingServiceID {
 		t.Errorf("bad Service ID: %s", err)
 	}
+
+	_, err = testClient.ListACLEntries(&ListACLEntriesInput{
+		ACLID:     "123",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad Service ID: %s", err)
+	}
 }
 
 func TestClient_CreateACLEntry_validation(t *testing.T) {
@@ -197,6 +205,14 @@ func TestClient_CreateACLEntry_validation(t *testing.T) {
 	if err != ErrMissingServiceID {
 		t.Errorf("bad error: %s", err)
 	}
+
+	_, err = testClient.CreateACLEntry(&CreateACLEntryInput{
+		ACLID:     "123",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
 }
 
 func TestClient_GetACLEntry_validation(t *testing.T) {
@@ -221,6 +237,15 @@ func TestClient_GetACLEntry_validation(t *testing.T) {
 	if err != ErrMissingServiceID {
 		t.Errorf("bad error: %s", err)
 	}
+
+	_, err = testClient.GetACLEntry(&GetACLEntryInput{
+		ACLID:     "123",
+		EntryID:   "456",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
 }
 
 func TestClient_UpdateACLEntry_validation(t *testing.T) {
@@ -245,6 +270,15 @@ func TestClient_UpdateACLEntry_validation(t *testing.T) {
 	if err != ErrMissingServiceID {
 		t.Errorf("bad error: %s", err)
 	}
+
+	_, err = testClient.UpdateACLEntry(&UpdateACLEntryInput{
+		ACLID:     "123",
+		EntryID:   "456",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
 }
 
 func TestClient_DeleteACLEntry_validation(t *testing.T) {
@@ -269,6 +303,15 @@ func TestClient_DeleteACLEntry_validation(t *testing.T) {
 	if err != ErrMissingServiceID {
 		t.Errorf("bad error: %s", err)
 	}
+
+	err = testClient.DeleteACLEntry(&DeleteACLEntryInput{
+		ACLID:     "123",
+		EntryID:   "456",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
 }
 
 func TestClient_BatchModifyACLEntries_validation(t *testing.T) {
@@ -286,6 +329,14 @@ func TestClient_BatchModifyACLEntries_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	err = testClient.BatchModifyACLEntries(&BatchModifyACLEntriesInput{
+		ACLID:     "123",
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	oversizedACLEntries := make([]*BatchACLEntry, BatchModifyMaximumOperations+1)
 	err = testClient.BatchModifyACLEntries(&BatchModifyACLEntriesInput{
 		ACLID:     "123",

diff --git a/fastly/acl_test.go b/fastly/acl_test.go
@@ -132,6 +132,13 @@ func TestClient_ListACLs_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	_, err = testClient.ListACLs(&ListACLsInput{
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	_, err = testClient.ListACLs(&ListACLsInput{
 		ServiceID:      "foo",
 		ServiceVersion: 0,
@@ -150,6 +157,13 @@ func TestClient_CreateACL_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	_, err = testClient.CreateACL(&CreateACLInput{
+		ServiceID: "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	_, err = testClient.CreateACL(&CreateACLInput{
 		ServiceID:      "foo",
 		ServiceVersion: 0,
@@ -177,6 +191,15 @@ func TestClient_GetACL_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	_, err = testClient.GetACL(&GetACLInput{
+		Name:           "test",
+		ServiceVersion: 1,
+		ServiceID:      "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	_, err = testClient.GetACL(&GetACLInput{
 		Name:      "test",
 		ServiceID: "foo",
@@ -205,6 +228,15 @@ func TestClient_UpdateACL_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	_, err = testClient.UpdateACL(&UpdateACLInput{
+		Name:           "test",
+		ServiceVersion: 1,
+		ServiceID:      "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	_, err = testClient.UpdateACL(&UpdateACLInput{
 		Name:      "test",
 		ServiceID: "foo",
@@ -233,6 +265,15 @@ func TestClient_DeleteACL_validation(t *testing.T) {
 		t.Errorf("bad error: %s", err)
 	}
 
+	err = testClient.DeleteACL(&DeleteACLInput{
+		Name:           "test",
+		ServiceVersion: 0,
+		ServiceID:      "not-alphanumeric",
+	})
+	if err != ErrServiceIDNotAlphaNumeric {
+		t.Errorf("bad error: %s", err)
+	}
+
 	err = testClient.DeleteACL(&DeleteACLInput{
 		Name:      "test",
 		ServiceID: "foo",

diff --git a/fastly/backend.go b/fastly/backend.go
@@ -57,8 +57,8 @@ type ListBackendsInput struct {
 
 // ListBackends retrieves all resources.
 func (c *Client) ListBackends(i *ListBackendsInput) ([]*Backend, error) {
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -150,8 +150,8 @@ type CreateBackendInput struct {
 
 // CreateBackend creates a new resource.
 func (c *Client) CreateBackend(i *CreateBackendInput) (*Backend, error) {
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -186,8 +186,8 @@ func (c *Client) GetBackend(i *GetBackendInput) (*Backend, error) {
 	if i.Name == "" {
 		return nil, ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -284,8 +284,8 @@ func (c *Client) UpdateBackend(i *UpdateBackendInput) (*Backend, error) {
 	if i.Name == "" {
 		return nil, ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return nil, ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return nil, err
 	}
 	if i.ServiceVersion == 0 {
 		return nil, ErrMissingServiceVersion
@@ -320,8 +320,8 @@ func (c *Client) DeleteBackend(i *DeleteBackendInput) error {
 	if i.Name == "" {
 		return ErrMissingName
 	}
-	if i.ServiceID == "" {
-		return ErrMissingServiceID
+	if err := validateServiceID(i.ServiceID); err != nil {
+		return err
 	}
 	if i.ServiceVersion == 0 {
 		return ErrMissingServiceVersion