slug validation

dragonpoo · dragonpoo · commit 081791f8701a · 2024-12-27T09:07:33.000-05:00
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/application/repository/ApplicationRepository.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/application/repository/ApplicationRepository.java
@@ -67,6 +67,8 @@ public interface ApplicationRepository extends ReactiveMongoRepository<Applicati
      * Find all agency applications
      */
     Flux<Application> findByPublicToAllIsTrueAndAgencyProfileIsTrue();
-    Mono<Boolean> existsBySlug(String slug);
+
+    @Query("{ 'organizationId': ?0, 'slug': ?1 }")
+    Mono<Boolean> existsByOrganizationIdAndSlug(String organizationId, String slug);
 
 }
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/application/service/ApplicationServiceImpl.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/application/service/ApplicationServiceImpl.java
@@ -18,6 +18,7 @@
 import org.lowcoder.domain.permission.model.ResourceType;
 import org.lowcoder.domain.permission.service.ResourcePermissionService;
 import org.lowcoder.domain.user.repository.UserRepository;
+import org.lowcoder.domain.util.SlugUtils;
 import org.lowcoder.infra.annotation.NonEmptyMono;
 import org.lowcoder.infra.mongo.MongoUpsertHelper;
 import org.lowcoder.sdk.constants.FieldName;
@@ -349,15 +350,15 @@ public Mono<Map<String, Object>> getLiveDSLByApplicationId(String applicationId)
 
     @Override
     public Mono<Application> updateSlug(String applicationId, String newSlug) {
-        return repository.existsBySlug(newSlug).flatMap(exists -> {
+        return repository.findById(applicationId).flatMap(application -> repository.existsByOrganizationIdAndSlug(application.getOrganizationId(), newSlug).flatMap(exists -> {
+            if (!SlugUtils.validate(newSlug)) {
+                return Mono.error(new BizException(BizError.INVALID_SLUG, "Slug format is invalid"));
+            }
             if (exists) {
                 return Mono.error(new BizException(BizError.DUPLICATE_ENTRY, "Slug already exists"));
             }
-            return repository.findById(applicationId)
-                    .flatMap(application -> {
-                        application.setSlug(newSlug);
-                        return repository.save(application);
-                    });
-        });
+            application.setSlug(newSlug);
+            return repository.save(application);
+        }));
     }
 }
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/organization/service/OrganizationServiceImpl.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/organization/service/OrganizationServiceImpl.java
@@ -16,6 +16,7 @@
 import org.lowcoder.domain.organization.repository.OrganizationRepository;
 import org.lowcoder.domain.user.model.User;
 import org.lowcoder.domain.user.repository.UserRepository;
+import org.lowcoder.domain.util.SlugUtils;
 import org.lowcoder.infra.annotation.PossibleEmptyMono;
 import org.lowcoder.infra.mongo.MongoUpsertHelper;
 import org.lowcoder.sdk.config.CommonConfig;
@@ -292,6 +293,9 @@ private String buildCommonSettingsUpdateTimeKey(String key) {
     @Override
     public Mono<Organization> updateSlug(String organizationId, String newSlug) {
         return repository.existsBySlug(newSlug).flatMap(exists -> {
+            if (!SlugUtils.validate(newSlug)) {
+                return Mono.error(new BizException(BizError.INVALID_SLUG, "Slug format is invalid"));
+            }
             if (exists) {
                 return Mono.error(new BizException(BizError.DUPLICATE_ENTRY, "Slug already exists"));
             }
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/util/SlugUtils.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/util/SlugUtils.java
@@ -0,0 +1,7 @@
+package org.lowcoder.domain.util;
+
+public class SlugUtils {
+    public static Boolean validate(String slug) {
+        return slug.matches("^[a-zA-Z0-9_-]*$");
+    }
+}
diff --git a/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java b/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java
@@ -154,7 +154,8 @@ public enum BizError {
     ILLEGAL_BUNDLE_PERMISSION_ID(500, 6404),
 
     //slug 6501 - 6501
-    DUPLICATE_ENTRY(403, 6501);
+    DUPLICATE_ENTRY(403, 6501),
+    INVALID_SLUG(403, 6502);
 
     static {
         checkDuplicates(values(), BizError::getBizErrorCode);

Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,8 @@ public interface ApplicationRepository extends ReactiveMongoRepository<Applicati`
`67`	`67`	`* Find all agency applications`
`68`	`68`	`*/`
`69`	`69`	`Flux<Application> findByPublicToAllIsTrueAndAgencyProfileIsTrue();`
`70`		`- Mono<Boolean> existsBySlug(String slug);`
	`70`	`+`
	`71`	`+ @Query("{ 'organizationId': ?0, 'slug': ?1 }")`
	`72`	`+ Mono<Boolean> existsByOrganizationIdAndSlug(String organizationId, String slug);`
`71`	`73`
`72`	`74`	`}`