diff options
author | Ritu Sood <ritu.sood@intel.com> | 2020-08-04 14:46:34 -0700 |
---|---|---|
committer | Ritu Sood <ritu.sood@intel.com> | 2020-08-20 11:42:12 -0700 |
commit | 6fc3a329aba55dfa2d4867bde9d8a3126b45f59a (patch) | |
tree | 21e39a03255198a8f0781a78ad9e2ade1f3c28ed /src/orchestrator/api/app_profilehandler.go | |
parent | 6e5ca4741dab0de3b4d89f410f0ff9d0313d6aee (diff) |
Add Validation for API's
Adding input validations for API based
on Json schemas
Issue-ID: MULTICLOUD-1096
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: If6591bdef6305f87cbce7ef56d894376f687c6c1
Diffstat (limited to 'src/orchestrator/api/app_profilehandler.go')
-rw-r--r-- | src/orchestrator/api/app_profilehandler.go | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/orchestrator/api/app_profilehandler.go b/src/orchestrator/api/app_profilehandler.go index f2475e23..2fa0f26d 100644 --- a/src/orchestrator/api/app_profilehandler.go +++ b/src/orchestrator/api/app_profilehandler.go @@ -73,6 +73,13 @@ func (h appProfileHandler) createAppProfileHandler(w http.ResponseWriter, r *htt return } + jsonFile := "json-schemas/metadata.json" + // Verify JSON Body + err, httpError := validation.ValidateJsonSchemaData(jsonFile, ap) + if err != nil { + http.Error(w, err.Error(), httpError) + return + } //Read the file section and ignore the header file, _, err := r.FormFile("file") if err != nil { @@ -88,7 +95,11 @@ func (h appProfileHandler) createAppProfileHandler(w http.ResponseWriter, r *htt http.Error(w, "Unable to read file", http.StatusUnprocessableEntity) return } - + // Limit file Size to 1 GB + if len(content) > 1073741824 { + http.Error(w, "File Size Exceeds 1 GB", http.StatusUnprocessableEntity) + return + } err = validation.IsTarGz(bytes.NewBuffer(content)) if err != nil { http.Error(w, "Error in file format", http.StatusUnprocessableEntity) |