To gitea and beyond, let's go(-yco)

2025-11-10 19:12:09 +01:00
parent 8f6133392d
commit 71a031342b
245 changed files with 83994 additions and 0 deletions
--- a/internal/validation/validation.go
+++ b/internal/validation/validation.go
@@ -0,0 +1,413 @@
+package validation
+
+import (
+	"fmt"
+	"reflect"
+	"regexp"
+	"strconv"
+	"strings"
+	"unicode"
+)
+
+var EmailRegex = regexp.MustCompile(`^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$`)
+var UsernameRegex = regexp.MustCompile(`^[a-zA-Z0-9_-]{3,50}$`)
+var URLRegex = regexp.MustCompile(`^https?://[^\s/$.?#].[^\s]*$`)
+
+func ValidateEmail(email string) error {
+	email = strings.TrimSpace(email)
+	if email == "" {
+		return &ValidationError{Field: "email", Message: "Email is required"}
+	}
+	if len(email) > 254 {
+		return &ValidationError{Field: "email", Message: "Email is too long"}
+	}
+	if !EmailRegex.MatchString(email) {
+		return &ValidationError{Field: "email", Message: "Invalid email format"}
+	}
+	return nil
+}
+
+func ValidateUsername(username string) error {
+	username = strings.TrimSpace(username)
+	if username == "" {
+		return &ValidationError{Field: "username", Message: "Username is required"}
+	}
+	if len(username) < 3 {
+		return &ValidationError{Field: "username", Message: "Username must be at least 3 characters"}
+	}
+	if len(username) > 50 {
+		return &ValidationError{Field: "username", Message: "Username must be at most 50 characters"}
+	}
+	if !UsernameRegex.MatchString(username) {
+		return &ValidationError{Field: "username", Message: "Username can only contain letters, numbers, underscores, and hyphens"}
+	}
+	return nil
+}
+
+func ValidatePassword(password string) error {
+	if password == "" {
+		return &ValidationError{Field: "password", Message: "Password is required"}
+	}
+	if len(password) < 8 {
+		return &ValidationError{Field: "password", Message: "Password must be at least 8 characters long"}
+	}
+	if len(password) > 128 {
+		return &ValidationError{Field: "password", Message: "Password must be no more than 128 characters long"}
+	}
+
+	hasLetter := false
+	for _, char := range password {
+		if unicode.IsLetter(char) {
+			hasLetter = true
+			break
+		}
+	}
+	if !hasLetter {
+		return &ValidationError{Field: "password", Message: "Password must contain at least one letter"}
+	}
+
+	hasNumber := false
+	for _, char := range password {
+		if unicode.IsNumber(char) {
+			hasNumber = true
+			break
+		}
+	}
+	if !hasNumber {
+		return &ValidationError{Field: "password", Message: "Password must contain at least one number"}
+	}
+
+	hasSpecial := false
+	specialChars := "!@#$%^&*()_+-=[]{}|\\:\";'<>?,./~`"
+	for _, char := range password {
+		if strings.ContainsRune(specialChars, char) {
+			hasSpecial = true
+			break
+		}
+	}
+	if !hasSpecial {
+		return &ValidationError{Field: "password", Message: "Password must contain at least one special character"}
+	}
+
+	return nil
+}
+
+func ValidateTitle(title string) error {
+	title = strings.TrimSpace(title)
+	if title == "" {
+		return &ValidationError{Field: "title", Message: "Title is required"}
+	}
+	if len(title) < 3 {
+		return &ValidationError{Field: "title", Message: "Title must be at least 3 characters"}
+	}
+	if len(title) > 200 {
+		return &ValidationError{Field: "title", Message: "Title must be at most 200 characters"}
+	}
+	return nil
+}
+
+func ValidateContent(content string) error {
+	content = strings.TrimSpace(content)
+	if len(content) > 10000 {
+		return &ValidationError{Field: "content", Message: "Content must be at most 10000 characters"}
+	}
+	return nil
+}
+
+func ValidateURL(url string) error {
+	url = strings.TrimSpace(url)
+	if url == "" {
+		return &ValidationError{Field: "url", Message: "URL is required"}
+	}
+	if len(url) > 2048 {
+		return &ValidationError{Field: "url", Message: "URL is too long"}
+	}
+	if !URLRegex.MatchString(url) {
+		return &ValidationError{Field: "url", Message: "Invalid URL format. Only HTTP and HTTPS URLs are allowed"}
+	}
+	return nil
+}
+
+func ValidateSearchQuery(query string) error {
+	query = strings.TrimSpace(query)
+	if len(query) > 100 {
+		return &ValidationError{Field: "query", Message: "Search query is too long"}
+	}
+	return nil
+}
+
+func SanitizeString(input string) string {
+	input = strings.ReplaceAll(input, "\x00", "")
+	input = strings.ReplaceAll(input, "\r", "")
+	input = strings.ReplaceAll(input, "\n", "")
+	input = strings.ReplaceAll(input, "\t", "")
+	return strings.TrimSpace(input)
+}
+
+type ValidationError struct {
+	Field   string
+	Message string
+}
+
+func (e *ValidationError) Error() string {
+	return e.Message
+}
+
+type StructValidationError struct {
+	Errors []FieldValidationError
+}
+
+func (e *StructValidationError) Error() string {
+	if len(e.Errors) == 0 {
+		return "validation failed"
+	}
+	messages := make([]string, len(e.Errors))
+	for i, err := range e.Errors {
+		messages[i] = err.Message
+	}
+	return strings.Join(messages, "; ")
+}
+
+type FieldValidationError struct {
+	Field   string
+	Tag     string
+	Param   string
+	Message string
+}
+
+func ValidateStruct(s interface{}) error {
+	if s == nil {
+		return nil
+	}
+
+	val := reflect.ValueOf(s)
+	typ := reflect.TypeOf(s)
+
+	if val.Kind() == reflect.Ptr {
+		if val.IsNil() {
+			return nil
+		}
+		val = val.Elem()
+		typ = typ.Elem()
+	}
+
+	if val.Kind() != reflect.Struct {
+		return fmt.Errorf("ValidateStruct: expected struct, got %s", val.Kind())
+	}
+
+	var errors []FieldValidationError
+
+	for i := 0; i < val.NumField(); i++ {
+		field := typ.Field(i)
+		fieldVal := val.Field(i)
+
+		if !fieldVal.CanInterface() {
+			continue
+		}
+
+		validateTag := field.Tag.Get("validate")
+		if validateTag == "" {
+			continue
+		}
+
+		tags := strings.Split(validateTag, ",")
+		omitempty := false
+
+		for _, tag := range tags {
+			tag = strings.TrimSpace(tag)
+			if tag == "" {
+				continue
+			}
+
+			if tag == "omitempty" {
+				omitempty = true
+				continue
+			}
+
+			var tagName, param string
+			if idx := strings.Index(tag, "="); idx != -1 {
+				tagName = tag[:idx]
+				param = tag[idx+1:]
+			} else {
+				tagName = tag
+			}
+
+			if err := validateField(field.Name, fieldVal, tagName, param, omitempty); err != nil {
+				errors = append(errors, FieldValidationError{
+					Field:   field.Name,
+					Tag:     tagName,
+					Param:   param,
+					Message: err.Message,
+				})
+				if tagName == "required" {
+					break
+				}
+			}
+		}
+	}
+
+	if len(errors) > 0 {
+		return &StructValidationError{Errors: errors}
+	}
+
+	return nil
+}
+
+func validateField(fieldName string, fieldVal reflect.Value, tagName, param string, omitempty bool) *ValidationError {
+	if omitempty && isEmptyValue(fieldVal) {
+		return nil
+	}
+
+	switch tagName {
+	case "required":
+		if isEmptyValue(fieldVal) {
+			return &ValidationError{Field: fieldName, Message: fieldName + " is required"}
+		}
+	case "min":
+		if err := validateMin(fieldName, fieldVal, param); err != nil {
+			return err
+		}
+	case "max":
+		if err := validateMax(fieldName, fieldVal, param); err != nil {
+			return err
+		}
+	case "email":
+		if err := validateEmailTag(fieldName, fieldVal); err != nil {
+			return err
+		}
+	case "url":
+		if err := validateURLTag(fieldName, fieldVal); err != nil {
+			return err
+		}
+	case "oneof":
+		if err := validateOneOf(fieldName, fieldVal, param); err != nil {
+			return err
+		}
+	default:
+		return &ValidationError{Field: fieldName, Message: fieldName + " is invalid"}
+	}
+
+	return nil
+}
+
+func isEmptyValue(v reflect.Value) bool {
+	switch v.Kind() {
+	case reflect.String:
+		return v.String() == ""
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+		return v.Int() == 0
+	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+		return v.Uint() == 0
+	case reflect.Float32, reflect.Float64:
+		return v.Float() == 0
+	case reflect.Bool:
+		return !v.Bool()
+	case reflect.Ptr, reflect.Interface, reflect.Slice, reflect.Map:
+		return v.IsNil()
+	default:
+		return false
+	}
+}
+
+func validateMin(fieldName string, v reflect.Value, param string) *ValidationError {
+	min, err := strconv.Atoi(param)
+	if err != nil {
+		return &ValidationError{Field: fieldName, Message: fieldName + " has invalid min parameter"}
+	}
+
+	switch v.Kind() {
+	case reflect.String:
+		if len(v.String()) < min {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at least %d characters", fieldName, min)}
+		}
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+		if v.Int() < int64(min) {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at least %d", fieldName, min)}
+		}
+	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+		if v.Uint() < uint64(min) {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at least %d", fieldName, min)}
+		}
+	}
+
+	return nil
+}
+
+func validateMax(fieldName string, v reflect.Value, param string) *ValidationError {
+	max, err := strconv.Atoi(param)
+	if err != nil {
+		return &ValidationError{Field: fieldName, Message: fieldName + " has invalid max parameter"}
+	}
+
+	switch v.Kind() {
+	case reflect.String:
+		if len(v.String()) > max {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at most %d characters", fieldName, max)}
+		}
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+		if v.Int() > int64(max) {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at most %d", fieldName, max)}
+		}
+	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+		if v.Uint() > uint64(max) {
+			return &ValidationError{Field: fieldName, Message: fmt.Sprintf("%s must be at most %d", fieldName, max)}
+		}
+	}
+
+	return nil
+}
+
+func validateEmailTag(fieldName string, v reflect.Value) *ValidationError {
+	if v.Kind() != reflect.String {
+		return nil
+	}
+
+	email := strings.TrimSpace(v.String())
+	if email == "" {
+		return nil
+	}
+
+	if !EmailRegex.MatchString(email) {
+		return &ValidationError{Field: fieldName, Message: fieldName + " must be a valid email address"}
+	}
+
+	return nil
+}
+
+func validateURLTag(fieldName string, v reflect.Value) *ValidationError {
+	if v.Kind() != reflect.String {
+		return nil
+	}
+
+	url := strings.TrimSpace(v.String())
+	if url == "" {
+		return nil
+	}
+
+	if len(url) > 2048 {
+		return &ValidationError{Field: fieldName, Message: fieldName + " must be at most 2048 characters"}
+	}
+
+	if !URLRegex.MatchString(url) {
+		return &ValidationError{Field: fieldName, Message: fieldName + " must be a valid URL"}
+	}
+
+	return nil
+}
+
+func validateOneOf(fieldName string, v reflect.Value, param string) *ValidationError {
+	if v.Kind() != reflect.String {
+		return nil
+	}
+
+	value := v.String()
+	allowedValues := strings.Split(param, " ")
+
+	for _, allowed := range allowedValues {
+		if value == allowed {
+			return nil
+		}
+	}
+
+	return &ValidationError{Field: fieldName, Message: fieldName + " must be one of: " + param}
+}