From 9776c9b5944dc5832b5f1f50c164ef66b7466c16 Mon Sep 17 00:00:00 2001 From: "Christian R. Garcia" Date: Wed, 27 Nov 2024 07:38:45 -0800 Subject: [PATCH] Updating regex and improved debug --- service/models_pods.py | 18 ++++++++++-------- service/models_templates_tags.py | 4 ++-- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/service/models_pods.py b/service/models_pods.py index c7a6308..1dc3331 100644 --- a/service/models_pods.py +++ b/service/models_pods.py @@ -81,7 +81,7 @@ class Networking(TapisModel): url: str = Field("", description = "URL used to access the port of the pod defined in this networking object. Generated by service.") ip_allow_list: list[str] = Field([], description = "List of IPs that are allowed to access this specific pod port. If empty, all IPs are allowed. ex. ['127.0.0.1/32', '192.168.1.7']") tapis_auth: bool = Field(False, description = "If true, will require Tapis auth to access the pod.") - tapis_auth_response_headers: Dict[str, str] = Field([], description = "Specification of headers to forward to the pod when using Tapis auth.") + tapis_auth_response_headers: Dict[str, str] = Field({}, description = "Specification of headers to forward to the pod when using Tapis auth.") tapis_auth_allowed_users: list[str] = Field(["*"], description = "List of users allowed to access the pod when using Tapis auth. Also accepts basic regex patterns to match against.") tapis_auth_return_path: str = Field("/", description = "Path to redirect to when accessing the pod via Tapis auth.") tapis_ui_uri: str = Field("", description = "Path to redirect to when accessing the pod via Tapis UI.") @@ -108,7 +108,7 @@ def check_url(cls, v): # Regex match to ensure url is safe with only [A-z0-9.-] chars. res = re.fullmatch(r'[a-z][a-z0-9.-]+', v) if not res: - raise ValueError(f"networking.url can only contain lowercase alphanumeric characters, periods, and hyphens.") + raise ValueError(f"networking.url can only contain lowercase alphanumeric characters, periods, and hyphens. Got {v}") # pod_id char limit = 64 if len(v) > 128: raise ValueError(f"networking.*.url length must be below 128 characters. Inputted length: {len(v)}") @@ -131,12 +131,14 @@ def check_tapis_auth_forward_cookies(cls, v): @validator('tapis_auth_return_path') def check_tapis_auth_return_path(cls, v): if v: + if not v.startswith('/'): + raise ValueError(f"networking.tapis_auth_return_path should start with '/'. Got {v}") # Regex match to ensure url is safe with only [A-z0-9.-/] chars. - res = re.fullmatch(r'[a-z][a-z0-9.-/]+', v) + res = re.fullmatch(r'(?:[A-Za-z0-9.\-_\/]+)', v) if not res: - raise ValueError(f"networking.tapis_auth_return_path can only contain lowercase alphanumeric characters, periods, forward-slash, and hyphens.") + raise ValueError(f"networking.tapis_auth_return_path should start with '/' and can contain alphanumeric characters, periods, forward-slash, underscores, and hyphens. Got {v}") if len(v) > 180: - raise ValueError(f"networking.tapis_auth_return_path length must be below 180 characters. Inputted length: {len(v)}") + raise ValueError(f"networking.tapis_auth_return_path length must be below 180 characters. Got length: {len(v)}") return v @validator('tapis_auth_allowed_users') @@ -155,7 +157,7 @@ def check_tapis_ui_uri(cls, v): # Regex match to ensure url is safe with only [A-z0-9.-/] chars. res = re.fullmatch(r'[a-z][a-z0-9.-/]+', v) if not res: - raise ValueError(f"networking.tapis_ui_uri can only contain lowercase alphanumeric characters, periods, forward-slash, and hyphens.") + raise ValueError(f"networking.tapis_ui_uri can only contain lowercase alphanumeric characters, periods, forward-slash, and hyphens. Got {v}") # pod_id char limit = 64 if len(v) > 128: raise ValueError(f"networking.tapis_ui_uri length must be below 128 characters. Inputted length: {len(v)}") @@ -165,7 +167,7 @@ def check_tapis_ui_uri(cls, v): def check_tapis_ui_uri_description(cls, v): # ensure tapis_ui_uri_description is all ascii if not v.isascii(): - raise ValueError(f"networking.tapis_ui_uri_description field may only contain ASCII characters.") + raise ValueError(f"networking.tapis_ui_uri_description field may only contain ASCII characters. Got {v}") # make sure tapis_ui_uri_description < 255 characters if len(v) > 255: raise ValueError(f"networking.tapis_ui_uri_description field must be less than 255 characters. Inputted length: {len(v)}") @@ -177,7 +179,7 @@ def check_tapis_auth_fields(cls, values): tapis_auth = values.get('tapis_auth') if tapis_auth and protocol != "http": - raise ValueError(f"networking.tapis_auth can only be used with protocol 'http'.") + raise ValueError(f"networking.tapis_auth can only be used with protocol 'http'. Got protocol {protocol}.") return values diff --git a/service/models_templates_tags.py b/service/models_templates_tags.py index b3caed3..f3ebd7d 100644 --- a/service/models_templates_tags.py +++ b/service/models_templates_tags.py @@ -484,14 +484,14 @@ def combine_pod_and_template_recursively(input_obj, template_name, seen_template logger.debug(f"End of combine_pod_and_template_recursively for template: {template_name}, tenant: {tenant}, site: {site}") try: - if input_obj.resources: + if input_obj.resources and not type(input_obj.resources) == dict: input_obj.resources = input_obj.resources.dict() except Exception as e: logger.debug(f'this resources part: Got exception when attempting to combine pod and templates: {e}') pass try: - if input_obj.networking: + if input_obj.networking and not type(input_obj.networking) == dict: input_obj.networking = input_obj.networking.dict() except Exception as e: logger.debug(f'this networking part: Got exception when attempting to combine pod and templates: {e}')