Skip to content

Commit

Permalink
Add validation of attachment values in flow definitions
Browse files Browse the repository at this point in the history
  • Loading branch information
@rowanseymour
rowanseymour committed Jul 16, 2024
1 parent 0369f36 commit 3906714
Show file tree
Hide file tree
Showing 4 changed files with 41 additions and 28 deletions.
12 changes: 6 additions & 6 deletions flows/actions/base.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,8 @@ func (a *baseAction) evaluateMessage(run flows.Run, languages []i18n.Language, a
for _, a := range translatedAttachments {
evaluatedAttachment, _ := run.EvaluateTemplate(a, logEvent)
evaluatedAttachment = strings.TrimSpace(evaluatedAttachment)
if evaluatedAttachment == "" {
logEvent(events.NewErrorf("attachment text evaluated to empty string, skipping"))
if !utils.IsValidAttachment(evaluatedAttachment) {
logEvent(events.NewErrorf("attachment evaluated to invalid value, skipping"))
continue
}
if len(evaluatedAttachment) > flows.MaxAttachmentLength {
Expand All @@ -103,7 +103,7 @@ func (a *baseAction) evaluateMessage(run flows.Run, languages []i18n.Language, a
for _, qr := range translatedQuickReplies {
evaluatedQuickReply, _ := run.EvaluateTemplate(qr, logEvent)
if evaluatedQuickReply == "" {
logEvent(events.NewErrorf("quick reply text evaluated to empty string, skipping"))
logEvent(events.NewErrorf("quick reply evaluated to empty string, skipping"))
continue
}
evaluatedQuickReplies = append(evaluatedQuickReplies, stringsx.TruncateEllipsis(evaluatedQuickReply, flows.MaxQuickReplyLength))
Expand Down Expand Up @@ -261,9 +261,9 @@ func (a *otherContactsAction) resolveRecipients(run flows.Run, logEvent flows.Ev

// utility struct for actions which create a message
type createMsgAction struct {
Text string `json:"text" validate:"required" engine:"localized,evaluated"`
Attachments []string `json:"attachments,omitempty" engine:"localized,evaluated"`
QuickReplies []string `json:"quick_replies,omitempty" engine:"localized,evaluated"`
Text string `json:"text" validate:"required" engine:"localized,evaluated"`
Attachments []string `json:"attachments,omitempty" validate:"dive,attachment" engine:"localized,evaluated"`
QuickReplies []string `json:"quick_replies,omitempty" engine:"localized,evaluated"`
}

// helper function for actions that have a set of group references that must be resolved to actual groups
Expand Down
12 changes: 6 additions & 6 deletions flows/actions/testdata/send_broadcast.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,7 @@
],
"text": "Hi there!",
"attachments": [
"http://example.com/red.jpg"
"image:http://example.com/red.jpg"
],
"quick_replies": [
"Yes",
Expand All @@ -265,7 +265,7 @@
"Hola!"
],
"attachments": [
"http://example.com/rojo.jpg"
"image:http://example.com/rojo.jpg"
],
"quick_replies": [
"Si",
Expand All @@ -283,7 +283,7 @@
"eng": {
"text": "Hi there!",
"attachments": [
"http://example.com/red.jpg"
"image:http://example.com/red.jpg"
],
"quick_replies": [
"Yes",
Expand All @@ -293,7 +293,7 @@
"spa": {
"text": "Hola!",
"attachments": [
"http://example.com/rojo.jpg"
"image:http://example.com/rojo.jpg"
],
"quick_replies": [
"Si",
Expand All @@ -310,8 +310,8 @@
"templates": [
"Hi there!",
"Hola!",
"http://example.com/red.jpg",
"http://example.com/rojo.jpg",
"image:http://example.com/red.jpg",
"image:http://example.com/rojo.jpg",
"Yes",
"No",
"Si",
Expand Down
32 changes: 16 additions & 16 deletions flows/actions/testdata/send_msg.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"uuid": "ad154980-7bf7-4ab8-8728-545fd6378912",
"text": "",
"attachments": [
"http://example.com/red.jpg"
"image:http://example.com/red.jpg"
]
},
"read_error": "field 'text' is required"
Expand All @@ -28,8 +28,8 @@
"uuid": "ad154980-7bf7-4ab8-8728-545fd6378912",
"text": "Hi there @(1 / 0)",
"attachments": [
"http://example.com/red.jpg@(1 / 0)",
"@(xxxxx)"
"image:http://example.com/red.jpg@(1 / 0)",
"image:@(xxxxx)"
],
"quick_replies": [
"Red@(1 / 0)",
Expand Down Expand Up @@ -60,7 +60,7 @@
"type": "error",
"created_on": "2018-10-18T14:20:30.000123456Z",
"step_uuid": "59d74b86-3e2f-4a93-aece-b05d2fdcde0c",
"text": "attachment text evaluated to empty string, skipping"
"text": "attachment evaluated to invalid value, skipping"
},
{
"type": "error",
Expand All @@ -78,7 +78,7 @@
"type": "error",
"created_on": "2018-10-18T14:20:30.000123456Z",
"step_uuid": "59d74b86-3e2f-4a93-aece-b05d2fdcde0c",
"text": "quick reply text evaluated to empty string, skipping"
"text": "quick reply evaluated to empty string, skipping"
},
{
"type": "msg_created",
Expand All @@ -93,7 +93,7 @@
},
"text": "Hi there ",
"attachments": [
"http://example.com/red.jpg"
"image:http://example.com/red.jpg"
],
"quick_replies": [
"Red",
Expand All @@ -111,7 +111,7 @@
"uuid": "ad154980-7bf7-4ab8-8728-545fd6378912",
"text": "Hi there",
"attachments": [
"@(\" \")"
"image:@(\" \")"
],
"quick_replies": [
"@(\"\")"
Expand All @@ -122,13 +122,13 @@
"type": "error",
"created_on": "2018-10-18T14:20:30.000123456Z",
"step_uuid": "59d74b86-3e2f-4a93-aece-b05d2fdcde0c",
"text": "attachment text evaluated to empty string, skipping"
"text": "attachment evaluated to invalid value, skipping"
},
{
"type": "error",
"created_on": "2018-10-18T14:20:30.000123456Z",
"step_uuid": "59d74b86-3e2f-4a93-aece-b05d2fdcde0c",
"text": "quick reply text evaluated to empty string, skipping"
"text": "quick reply evaluated to empty string, skipping"
},
{
"type": "msg_created",
Expand All @@ -154,7 +154,7 @@
"uuid": "ad154980-7bf7-4ab8-8728-545fd6378912",
"text": "Hi there",
"attachments": [
"@(json(run) & json(run) & json(run))",
"image:@(json(run) & json(run) & json(run))",
"image/jpeg:http://exacmple.com/test.jpg"
]
},
Expand Down Expand Up @@ -710,7 +710,7 @@
"uuid": "ad154980-7bf7-4ab8-8728-545fd6378912",
"text": "Hi there!",
"attachments": [
"http://example.com/red.jpg"
"image:http://example.com/red.jpg"
],
"quick_replies": [
"Yes",
Expand All @@ -724,7 +724,7 @@
"Hola!"
],
"attachments": [
"http://example.com/rojo.jpg"
"image:http://example.com/rojo.jpg"
],
"quick_replies": [
"Si",
Expand All @@ -747,7 +747,7 @@
},
"text": "Hola!",
"attachments": [
"http://example.com/rojo.jpg"
"image:http://example.com/rojo.jpg"
],
"quick_replies": [
"Si",
Expand All @@ -760,16 +760,16 @@
"templates": [
"Hi there!",
"Hola!",
"http://example.com/red.jpg",
"http://example.com/rojo.jpg",
"image:http://example.com/red.jpg",
"image:http://example.com/rojo.jpg",
"Yes",
"No",
"Si",
"No"
],
"localizables": [
"Hi there!",
"http://example.com/red.jpg",
"image:http://example.com/red.jpg",
"Yes",
"No"
],
Expand Down
13 changes: 13 additions & 0 deletions utils/attachment.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,21 @@ package utils
import (
"regexp"
"strings"

"github.com/go-playground/validator/v10"
)

func init() {
RegisterValidatorTag("attachment",
func(fl validator.FieldLevel) bool {
return IsValidAttachment(fl.Field().String())
},
func(validator.FieldError) string {
return "is not a valid attachment"
},

Check warning on line 17 in utils/attachment.go

View check run for this annotation

Codecov / codecov/patch

utils/attachment.go#L13-L17 

Added lines #L13 - L17 were not covered by tests
)
}

// Attachment is a media attachment on a message in the format <content-type>:<url>. Content type may be a full
// media type or may omit the subtype when it is unknown.
//
Expand Down

0 comments on commit 3906714

Please sign in to comment.