Merge pull request #7806 from wy65701436/valid-robot

add validation for robot account registration

src/common/models/robot.go

@@ -17,6 +17,7 @@ package models
 import (
 	"github.com/astaxie/beego/validation"
 	"github.com/goharbor/harbor/src/common/rbac"
+	"github.com/goharbor/harbor/src/common/utils"
 	"time"
 )
 
@@ -52,9 +53,14 @@ type RobotReq struct {
 	Access      []*rbac.Policy `json:"access"`
 }
 
-// Valid put request validation
+// Valid ...
 func (rq *RobotReq) Valid(v *validation.Validation) {
-	// ToDo: add validation for access info.
+	if utils.IsIllegalLength(rq.Name, 1, 255) {
+		v.SetError("name", "robot name with illegal length")
+	}
+	if utils.IsContainIllegalChar(rq.Name, []string{",", "~", "#", "$", "%"}) {
+		v.SetError("name", "robot name contains illegal characters")
+	}
 }
 
 // RobotRep ...

src/core/api/robot.go

@@ -107,7 +107,8 @@ func (r *RobotAPI) Post() {
 	}
 
 	var robotReq models.RobotReq
-	if err := r.DecodeJSONReq(&robotReq); err != nil {
+	isValid, err := r.DecodeJSONReqAndValidate(&robotReq)
+	if !isValid {
 		r.SendBadRequestError(err)
 		return
 	}
@@ -230,8 +231,7 @@ func (r *RobotAPI) Put() {
 	}
 
 	var robotReq models.RobotReq
-	isValid, err := r.DecodeJSONReqAndValidate(&robotReq)
+	if err := r.DecodeJSONReq(&robotReq); err != nil {
-	if !isValid {
 		r.SendBadRequestError(err)
 		return
 	}

src/core/api/robot_test.go

@@ -70,6 +70,19 @@ func TestRobotAPIPost(t *testing.T) {
 			},
 			code: http.StatusCreated,
 		},
+		// 400
+		{
+			request: &testingRequest{
+				method: http.MethodPost,
+				url:    robotPath,
+				bodyJSON: &models.RobotReq{
+					Name:        "testIllgel#",
+					Description: "test desc",
+				},
+				credential: projAdmin4Robot,
+			},
+			code: http.StatusBadRequest,
+		},
 		// 403 -- developer
 		{
 			request: &testingRequest{