Hardened Condition.to_string()

Kuadrant · Sep 1, 2022 · 2db3242 · 2db3242
1 parent c7dc9a7
commit 2db3242
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 13 deletions.
diff --git a/limitador-server/src/main.rs b/limitador-server/src/main.rs
@@ -466,7 +466,7 @@ fn create_config() -> (Configuration, String) {
             Arg::with_name("validate")
                 .long("validate")
                 .display_order(7)
-                .help("Validates the LIMITS_FILE and exits")
+                .help("Validates the LIMITS_FILE and exits"),
         )
         .subcommand(
             SubCommand::with_name("memory")
@@ -565,7 +565,13 @@ fn create_config() -> (Configuration, String) {
                 let parsed_limits: Result<Vec<Limit>, _> = serde_yaml::from_reader(f);
                 match parsed_limits {
                     Ok(limits) => {
-                        let output: Vec<http_api::LimitVO> = limits.iter().map(|l| l.into()).collect();
+
+                        if limitador::limit::check_deprecated_syntax_usages_and_reset() {
+                            eprintln!("Deprecated syntax for conditions corrected!\n")
+                        }
+
+                        let output: Vec<http_api::LimitVO> =
+                            limits.iter().map(|l| l.into()).collect();
                         match serde_yaml::to_string(&output) {
                             Ok(cfg) => {
                                 println!("{}", cfg);
@@ -577,23 +583,18 @@ fn create_config() -> (Configuration, String) {
                             }
                         }
                     }
-                    Err(e) => LimitadorServerError::ConfigFile(format!(
-                        "Couldn't parse: {}",
-                        e
-                    )),
+                    Err(e) => LimitadorServerError::ConfigFile(format!("Couldn't parse: {}", e)),
                 }
             }
             Err(e) => LimitadorServerError::ConfigFile(format!(
                 "Couldn't read file '{}': {}",
-                limits_file,
-                e
+                limits_file, e
             )),
         };
         eprintln!("Invalid file: {:?}", error);
         process::exit(1);
     }
 
-
     let storage = match matches.subcommand() {
         Some(("redis", sub)) => StorageConfiguration::Redis(RedisStorageConfiguration {
             url: sub.value_of("URL").unwrap().to_owned(),

diff --git a/limitador/src/limit.rs b/limitador/src/limit.rs
@@ -239,9 +239,14 @@ impl From<Condition> for String {
     fn from(condition: Condition) -> Self {
         let p = &condition.predicate;
         let predicate: String = p.clone().into();
+        let quotes = if condition.operand.contains('"') {
+            '\''
+        } else {
+            '"'
+        };
         format!(
-            "{} {} '{}'",
-            condition.var_name, predicate, condition.operand
+            "{} {} {}{}{}",
+            condition.var_name, predicate, quotes, condition.operand, quotes
         )
     }
 }
@@ -967,6 +972,6 @@ mod tests {
             operand: "ok".to_string(),
         };
         let result = serde_json::to_string(&condition).expect("Should serialize");
-        assert_eq!(result, r#""foobar == 'ok'""#.to_string());
+        assert_eq!(result, r#""foobar == \"ok\"""#.to_string());
     }
 }
diff --git a/limitador/src/storage/keys.rs b/limitador/src/storage/keys.rs
@@ -63,7 +63,7 @@ mod tests {
             vec!["app_id"],
         );
         assert_eq!(
-            "namespace:{example.com},counters_of_limit:{\"namespace\":\"example.com\",\"seconds\":60,\"conditions\":[\"req.method == 'GET'\"],\"variables\":[\"app_id\"]}",
+            "namespace:{example.com},counters_of_limit:{\"namespace\":\"example.com\",\"seconds\":60,\"conditions\":[\"req.method == \\\"GET\\\"\"],\"variables\":[\"app_id\"]}",
             key_for_counters_of_limit(&limit))
     }
 }