From f880bc33615c80a68449acc5431c99d2f4ec0b68 Mon Sep 17 00:00:00 2001
From: chlins <chenyuzh@vmware.com>
Date: Wed, 10 Nov 2021 14:49:45 +0800
Subject: [PATCH] fix(replication): enhance the replication rule validation

Signed-off-by: chlins <chenyuzh@vmware.com>
---
 src/pkg/project/manager.go                    |  5 +++
 src/pkg/reg/adapter/harbor/base/adapter.go    |  2 +
 .../reg/adapter/harbor/base/adapter_test.go   | 44 +++++++++++++++++++
 3 files changed, 51 insertions(+)

diff --git a/src/pkg/project/manager.go b/src/pkg/project/manager.go
index b7ff44145b..443ddb9453 100644
--- a/src/pkg/project/manager.go
+++ b/src/pkg/project/manager.go
@@ -17,6 +17,7 @@ package project
 import (
 	"context"
 	"regexp"
+	"strings"
 
 	"github.com/goharbor/harbor/src/common/utils"
 	"github.com/goharbor/harbor/src/lib/errors"
@@ -105,6 +106,10 @@ func (m *manager) Get(ctx context.Context, idOrName interface{}) (*models.Projec
 	}
 	name, ok := idOrName.(string)
 	if ok {
+		// check white space in project name
+		if strings.Contains(name, " ") {
+			return nil, errors.BadRequestError(nil).WithMessage("invalid project name: '%s'", name)
+		}
 		return m.dao.GetByName(ctx, name)
 	}
 	return nil, errors.Errorf("invalid parameter: %v, should be ID(int64) or name(string)", idOrName)
diff --git a/src/pkg/reg/adapter/harbor/base/adapter.go b/src/pkg/reg/adapter/harbor/base/adapter.go
index 52ac8d8a50..21d5523759 100644
--- a/src/pkg/reg/adapter/harbor/base/adapter.go
+++ b/src/pkg/reg/adapter/harbor/base/adapter.go
@@ -224,6 +224,8 @@ func (a *Adapter) ListProjects(filters []*model.Filter) ([]*Project, error) {
 		names, ok := util.IsSpecificPathComponent(projectPattern)
 		if ok {
 			for _, name := range names {
+				// trim white space in project name
+				name = strings.TrimSpace(name)
 				project, err := a.Client.GetProject(name)
 				if err != nil {
 					return nil, err
diff --git a/src/pkg/reg/adapter/harbor/base/adapter_test.go b/src/pkg/reg/adapter/harbor/base/adapter_test.go
index e7b8fbe8da..3c54238996 100644
--- a/src/pkg/reg/adapter/harbor/base/adapter_test.go
+++ b/src/pkg/reg/adapter/harbor/base/adapter_test.go
@@ -251,3 +251,47 @@ func TestAbstractPublicMetadata(t *testing.T) {
 	require.Equal(t, 1, len(meta))
 	require.Equal(t, "true", meta["public"].(string))
 }
+
+func TestListProjects(t *testing.T) {
+	server := test.NewServer(
+		&test.RequestHandlerMapping{
+			Method:  http.MethodGet,
+			Pattern: "/api/projects",
+			Handler: func(w http.ResponseWriter, r *http.Request) {
+				w.WriteHeader(http.StatusOK)
+				w.Write([]byte(`[{"name": "p1"}, {"name": "p2"}]`))
+			},
+		},
+	)
+
+	defer server.Close()
+
+	registry := &model.Registry{
+		URL: server.URL,
+	}
+	adapter, err := New(registry)
+	require.Nil(t, err)
+
+	validPattern := "{p1,p2}/**"
+	// has " " in the p2 project name
+	invalidPattern := "{p1, p2}/**"
+	filters := []*model.Filter{
+		{
+			Type:  "name",
+			Value: validPattern,
+		},
+	}
+	projects, err := adapter.ListProjects(filters)
+	require.Nil(t, err)
+	require.Len(t, projects, 2)
+	require.Equal(t, "p1", projects[0].Name)
+	require.Equal(t, "p2", projects[1].Name)
+
+	// invalid pattern, should also work with trim white space in project name.
+	filters[0].Value = invalidPattern
+	_, err = adapter.ListProjects(filters)
+	require.Nil(t, err)
+	require.Len(t, projects, 2)
+	require.Equal(t, "p1", projects[0].Name)
+	require.Equal(t, "p2", projects[1].Name)
+}