Move name validation code to core

2025-12-15 14:45:45 +09:00
parent bf6027f507
commit 5f03b55eb5
8 changed files with 194 additions and 289 deletions
--- a/src/server/sql/database_operations.rs
+++ b/src/server/sql/database_operations.rs
@@ -6,7 +6,8 @@ use sqlx::prelude::*;
 use serde::{Deserialize, Serialize};

 use crate::core::protocol::CompleteDatabaseNameResponse;
-use crate::core::protocol::request_validation::AuthorizationError;
+use crate::core::protocol::request_validation::validate_db_or_user_request;
+use crate::core::types::DbOrUser;
 use crate::core::types::MySQLDatabase;
 use crate::core::types::MySQLUser;
 use crate::{
@@ -18,10 +19,7 @@ use crate::{
            ListDatabasesResponse,
        },
    },
-    server::{
-        common::create_user_group_matching_regex,
-        input_sanitization::{quote_identifier, validate_name, validate_ownership_by_unix_user},
-    },
+    server::{common::create_user_group_matching_regex, sql::quote_identifier},
 };

 // NOTE: this function is unsafe because it does no input validation.
@@ -95,17 +93,9 @@ pub async fn create_databases(
    let mut results = BTreeMap::new();

    for database_name in database_names {
-        if let Err(err) = validate_name(&database_name)
-            .map_err(AuthorizationError::SanitizationError)
-            .map_err(CreateDatabaseError::AuthorizationError)
-        {
-            results.insert(database_name.to_owned(), Err(err));
-            continue;
-        }
-
-        if let Err(err) = validate_ownership_by_unix_user(&database_name, unix_user)
-            .map_err(AuthorizationError::OwnershipError)
-            .map_err(CreateDatabaseError::AuthorizationError)
+        if let Err(err) =
+            validate_db_or_user_request(&DbOrUser::Database(database_name.clone()), unix_user)
+                .map_err(CreateDatabaseError::AuthorizationError)
        {
            results.insert(database_name.to_owned(), Err(err));
            continue;
@@ -155,17 +145,9 @@ pub async fn drop_databases(
    let mut results = BTreeMap::new();

    for database_name in database_names {
-        if let Err(err) = validate_name(&database_name)
-            .map_err(AuthorizationError::SanitizationError)
-            .map_err(DropDatabaseError::AuthorizationError)
-        {
-            results.insert(database_name.to_owned(), Err(err));
-            continue;
-        }
-
-        if let Err(err) = validate_ownership_by_unix_user(&database_name, unix_user)
-            .map_err(AuthorizationError::OwnershipError)
-            .map_err(DropDatabaseError::AuthorizationError)
+        if let Err(err) =
+            validate_db_or_user_request(&DbOrUser::Database(database_name.clone()), unix_user)
+                .map_err(DropDatabaseError::AuthorizationError)
        {
            results.insert(database_name.to_owned(), Err(err));
            continue;
@@ -258,17 +240,9 @@ pub async fn list_databases(
    let mut results = BTreeMap::new();

    for database_name in database_names {
-        if let Err(err) = validate_name(&database_name)
-            .map_err(AuthorizationError::SanitizationError)
-            .map_err(ListDatabasesError::AuthorizationError)
-        {
-            results.insert(database_name.to_owned(), Err(err));
-            continue;
-        }
-
-        if let Err(err) = validate_ownership_by_unix_user(&database_name, unix_user)
-            .map_err(AuthorizationError::OwnershipError)
-            .map_err(ListDatabasesError::AuthorizationError)
+        if let Err(err) =
+            validate_db_or_user_request(&DbOrUser::Database(database_name.clone()), unix_user)
+                .map_err(ListDatabasesError::AuthorizationError)
        {
            results.insert(database_name.to_owned(), Err(err));
            continue;