diff options
author | Wojtek Kosior <koszko@koszko.org> | 2022-03-01 11:29:26 +0100 |
---|---|---|
committer | Wojtek Kosior <koszko@koszko.org> | 2022-03-04 16:13:35 +0100 |
commit | 57ce414ca81682a71288018a4d9001604002ec23 (patch) | |
tree | b94c9c4cc9b5e4f6a12a82ed4f1ce66537f93525 /html | |
parent | 17e66592321d24a51b18019af84cbc664144d2de (diff) | |
download | browser-extension-57ce414ca81682a71288018a4d9001604002ec23.tar.gz browser-extension-57ce414ca81682a71288018a4d9001604002ec23.zip |
validate repository responses against JSON schemas
* compute_scripts.awk (include_file): don't enforce specific path format on #INCLUDE'd files
* .gitmodules, schemas: add Haketilo JSON schemas subrepo
* html/install.js (InstallView): import schema validator and run it against downloaded mapping and resource definitions
* html/repo_query.js (RepoEntry): import schema validator and run it against obtained query results
* test/haketilo_test/unit/test_install.py (test_install_normal_usage, test_install_dialogs): use underscore instead of hyphen in item identifiers
* test/haketilo_test/unit/test_install.py (test_install_dialogs): adapt error message test cases to new handling method of invalid JSON instanced
* test/haketilo_test/unit/test_repo_query.py (test_repo_query_normal_usage): use underscore instead of hyphen in item identifiers
* test/haketilo_test/unit/test_repo_query.py (test_repo_query_messages): use higher sample unsupported schema version to avoid having to modify the test case soon
* test/haketilo_test/world_wide_library.py: use underscore instead of hyphen in item identifiers
* common/jsonschema.js, common/jsonschema: adapt tdegrunt's jsonschema and include in Haketilo, load schema documents from schemas/
Diffstat (limited to 'html')
-rw-r--r-- | html/install.js | 42 | ||||
-rw-r--r-- | html/repo_query.js | 30 |
2 files changed, 34 insertions, 38 deletions
diff --git a/html/install.js b/html/install.js index 95388a3..c502719 100644 --- a/html/install.js +++ b/html/install.js @@ -45,10 +45,11 @@ #IMPORT html/dialog.js #IMPORT html/item_preview.js AS ip -#FROM common/browser.js IMPORT browser -#FROM html/DOM_helpers.js IMPORT clone_template, Showable -#FROM common/entities.js IMPORT item_id_string, version_string, get_files -#FROM common/misc.js IMPORT sha256_async AS compute_sha256 +#FROM common/browser.js IMPORT browser +#FROM html/DOM_helpers.js IMPORT clone_template, Showable +#FROM common/entities.js IMPORT item_id_string, version_string, get_files +#FROM common/misc.js IMPORT sha256_async AS compute_sha256 +#FROM common/jsonschema.js IMPORT haketilo_validator, haketilo_schemas const coll = new Intl.Collator(); @@ -113,19 +114,6 @@ async function init_work() { new Promise((...cbs) => [work.resolve_cb, work.reject_cb] = cbs)]; } -function _make_url_reg(item_type) { - return new RegExp( - `^https://hydrilla\\.koszko\\.org/schemas/api_${item_type}_description-1\\.([1-9][0-9]*\\.)*schema\\.json$` - ); -} - -const _regexes = {}; - -function item_schema_url_regex(item_type) { - _regexes[item_type] = _regexes[item_type] || _make_url_reg(item_type); - return _regexes[item_type]; -} - function InstallView(tab_id, on_view_show, on_view_hide) { Showable.call(this, on_view_show, on_view_hide); @@ -204,18 +192,22 @@ function InstallView(tab_id, on_view_show, on_view_hide) { } const captype = item_type[0].toUpperCase() + item_type.substring(1); - const reg = item_schema_url_regex(item_type); - if (!response.json["$schema"]) { + const $id = + `https://hydrilla.koszko.org/schemas/api_${item_type}_description-1.0.1.schema.json`; + const schema = haketilo_schemas[$id]; + const result = haketilo_validator.validate(response.json, schema); + if (result.errors.length > 0) { + const reg = new RegExp(schema.allOf[2].properties.$schema.pattern); + if (response.json.$schema && !reg.test(response.json.$schema)) { + const msg = `${captype} ${item_id_string(id, ver)} was served using unsupported Hydrilla API version. You might need to update Haketilo.`; + return work.err(result.errors, msg); + } + const msg = `${captype} ${item_id_string(id, ver)} was served using a nonconforming response format.`; - return work.err(null, msg); - } else if (!reg.test(response.json["$schema"])) { - const msg = `${captype} ${item_id_string(id, ver)} was served using unsupported Hydrilla API version. You might need to update Haketilo.`; - return work.err(null, msg); + return work.err(result.errors, msg); } - /* TODO: JSON schema validation should be added here. */ - const scripts = item_type === "resource" && response.json.scripts; const files = response.json.source_copyright.concat(scripts || []); diff --git a/html/repo_query.js b/html/repo_query.js index d2f0e9b..61f4b10 100644 --- a/html/repo_query.js +++ b/html/repo_query.js @@ -43,10 +43,11 @@ #IMPORT common/indexeddb.js AS haketilodb -#FROM common/browser.js IMPORT browser -#FROM html/DOM_helpers.js IMPORT clone_template, Showable -#FROM common/entities.js IMPORT item_id_string, version_string -#FROM html/install.js IMPORT InstallView +#FROM common/browser.js IMPORT browser +#FROM html/DOM_helpers.js IMPORT clone_template, Showable +#FROM common/entities.js IMPORT item_id_string, version_string +#FROM html/install.js IMPORT InstallView +#FROM common/jsonschema.js IMPORT haketilo_validator, haketilo_schemas const coll = new Intl.Collator(); @@ -68,10 +69,6 @@ function ResultEntry(repo_entry, mapping_ref) { this.install_but.addEventListener("click", cb); } -const query_schema_url_regex = new RegExp( - "^https://hydrilla\\.koszko\\.org/schemas/api_query_result-1\\.([1-9][0-9]*\\.)*schema\\.json$" -); - function RepoEntry(query_view, repo_url) { Object.assign(this, clone_template("repo_query_single_repo")); Object.assign(this, {query_view, repo_url}); @@ -94,12 +91,19 @@ function RepoEntry(query_view, repo_url) { if ("error_json" in response) throw "Repository's response is not valid JSON :("; - if (!response.json["$schema"]) - throw "Results were served using a nonconforming response format."; - if (!query_schema_url_regex.test(response.json["$schema"])) - throw "Results were served using unsupported Hydrilla API version. You might need to update Haketilo."; + const $id = + `https://hydrilla.koszko.org/schemas/api_query_result-1.0.1.schema.json`; + const schema = haketilo_schemas[$id]; + const result = haketilo_validator.validate(response.json, schema); + if (result.errors.length > 0) { + console.error(result.errors); + + const reg = new RegExp(schema.properties.$schema.pattern); + if (response.json.$schema && !reg.test(response.json.$schema)) + throw "Results were served using unsupported Hydrilla API version. You might need to update Haketilo."; - /* TODO: here we should perform JSON schema validation! */ + throw "Results were served using a nonconforming response format."; + } return response.json.mappings; } |