Make allowedEndpoints a read-only array

This commit is contained in:
artrejo 2022-01-24 11:08:37 -08:00
parent 54cd7a32d8
commit dc543b5ae3
4 changed files with 20 additions and 68 deletions

View File

@ -339,10 +339,7 @@ export function createMongoCollectionWithProxy(
export function getFeatureEndpointOrDefault(feature: string): string {
const endpoint =
hasFlag(userContext.features.mongoProxyAPIs, feature) &&
validateEndpoint(
userContext.features.mongoProxyEndpoint,
allowedMongoProxyEndpoints.map((endpoint) => endpoint)
)
validateEndpoint(userContext.features.mongoProxyEndpoint, allowedMongoProxyEndpoints)
? userContext.features.mongoProxyEndpoint
: configContext.MONGO_BACKEND_ENDPOINT || configContext.BACKEND_ENDPOINT;

View File

@ -95,66 +95,31 @@ export function updateConfigContext(newContext: Partial<ConfigContext>): void {
return;
}
if (
!validateEndpoint(
newContext.ARM_ENDPOINT,
allowedArmEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.ARM_ENDPOINT, allowedArmEndpoints)) {
delete newContext.ARM_ENDPOINT;
}
if (
!validateEndpoint(
newContext.AAD_ENDPOINT,
allowedAadEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.AAD_ENDPOINT, allowedAadEndpoints)) {
delete newContext.AAD_ENDPOINT;
}
if (
!validateEndpoint(
newContext.EMULATOR_ENDPOINT,
allowedEmulatorEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.EMULATOR_ENDPOINT, allowedEmulatorEndpoints)) {
delete newContext.EMULATOR_ENDPOINT;
}
if (
!validateEndpoint(
newContext.GRAPH_ENDPOINT,
allowedGraphEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.GRAPH_ENDPOINT, allowedGraphEndpoints)) {
delete newContext.GRAPH_ENDPOINT;
}
if (
!validateEndpoint(
newContext.ARCADIA_ENDPOINT,
allowedArcadiaEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.ARCADIA_ENDPOINT, allowedArcadiaEndpoints)) {
delete newContext.ARCADIA_ENDPOINT;
}
if (
!validateEndpoint(
newContext.BACKEND_ENDPOINT,
allowedBackendEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.BACKEND_ENDPOINT, allowedBackendEndpoints)) {
delete newContext.BACKEND_ENDPOINT;
}
if (
!validateEndpoint(
newContext.MONGO_BACKEND_ENDPOINT,
allowedMongoBackendEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.MONGO_BACKEND_ENDPOINT, allowedMongoBackendEndpoints)) {
delete newContext.MONGO_BACKEND_ENDPOINT;
}
@ -162,21 +127,11 @@ export function updateConfigContext(newContext: Partial<ConfigContext>): void {
delete newContext.JUNO_ENDPOINT;
}
if (
!validateEndpoint(
newContext.hostedExplorerURL,
allowedHostedExplorerEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.hostedExplorerURL, allowedHostedExplorerEndpoints)) {
delete newContext.hostedExplorerURL;
}
if (
!validateEndpoint(
newContext.msalRedirectURI,
allowedMsalRedirectEndpoints.map((endpoint) => endpoint)
)
) {
if (!validateEndpoint(newContext.msalRedirectURI, allowedMsalRedirectEndpoints)) {
delete newContext.msalRedirectURI;
}

View File

@ -181,10 +181,7 @@ export default class Explorer {
// Override notebook server parameters from URL parameters
if (
userContext.features.notebookServerUrl &&
validateEndpoint(
userContext.features.notebookServerUrl,
allowedNotebookServerUrls.map((endpoint) => endpoint)
) &&
validateEndpoint(userContext.features.notebookServerUrl, allowedNotebookServerUrls) &&
userContext.features.notebookServerToken
) {
useNotebook.getState().setNotebookServerInfo({
@ -418,10 +415,7 @@ export default class Explorer {
useNotebook.getState().setConnectionInfo(connectionStatus);
useNotebook.getState().setNotebookServerInfo({
notebookServerEndpoint:
(validateEndpoint(
userContext.features.notebookServerUrl,
allowedNotebookServerUrls.map((endpoint) => endpoint)
) &&
(validateEndpoint(userContext.features.notebookServerUrl, allowedNotebookServerUrls) &&
userContext.features.notebookServerUrl) ||
connectionInfo.data.notebookServerUrl,
authToken: userContext.features.notebookServerToken || connectionInfo.data.notebookAuthToken,

View File

@ -1,8 +1,14 @@
import * as Logger from "../Common/Logger";
export function validateEndpoint(endpointToValidate: string | undefined, allowedEndpoints: string[]): boolean {
export function validateEndpoint(
endpointToValidate: string | undefined,
allowedEndpoints: ReadonlyArray<string>
): boolean {
try {
return validateEndpointInternal(endpointToValidate, allowedEndpoints);
return validateEndpointInternal(
endpointToValidate,
allowedEndpoints.map((e) => e)
);
} catch (reason) {
Logger.logError(`${endpointToValidate} not allowed`, "validateEndpoint");
Logger.logError(`${JSON.stringify(reason)}`, "validateEndpoint");