feat!: input validation #343
Conversation
| @@ -89,7 +89,7 @@ export function makePrivateKeySigner(privateKey: PrivateKeyBytes): Signer { | |||
| } | |||
|
|
|||
| export function assertSigner(signer: unknown): asserts signer is Signer { | |||
| if (typeof signer !== 'object' || signer === null) { | |||
| if (typeof signer !== 'object' || signer === null || Array.isArray(signer)) { | |||
There was a problem hiding this comment.
Can you please explain the use-case when the signer is an array?
There was a problem hiding this comment.
This is an assertion that Signer is not an array ;-) Because arrays are objects, so simple typeof signer !== 'object' won't catch that.
There was a problem hiding this comment.
It is strange for me why you check it shouldn't be array, you could check also then it is not a number, boolean, etc. but what if it is an array that has the below checked functions that we call only? Will the code not run successfully?
There was a problem hiding this comment.
Ehm, well technically you are right, but are you really suggesting that we should support this type of object?
const signer = []
signer.sign = () => {...}
signer.address = '...'Honestly, this looks evil to me, and that is the reason why Arrays (even though yes, they are technically object) are not allowed.
There was a problem hiding this comment.
we shouldn't support but I don't see why it is necessary to check, because it does not cause any failure
There was a problem hiding this comment.
I also don't think we need to support such array definition. That being said, the fact that we have such discussion indicates the code is confusing. Maybe this should be a different condition checking what the input SHOULD be and not what it SHOULD NOT be. So something like:
if (!(
typeof singer === `object`
typeof signer.sign === 'function' &&
typeof signer.address === 'string' &&
...
)) throw ...
Co-authored-by: Attila Gazso <agazso@gmail.com>
AuHau
force-pushed
the
feat/input-validation
branch
from
dc20db7
to
846a9a3
Compare
Well, then can I remove the |
| @@ -89,7 +89,7 @@ export function makePrivateKeySigner(privateKey: PrivateKeyBytes): Signer { | |||
| } | |||
|
|
|||
| export function assertSigner(signer: unknown): asserts signer is Signer { | |||
| if (typeof signer !== 'object' || signer === null) { | |||
| if (typeof signer !== 'object' || signer === null || Array.isArray(signer)) { | |||
There was a problem hiding this comment.
It is strange for me why you check it shouldn't be array, you could check also then it is not a number, boolean, etc. but what if it is an array that has the below checked functions that we call only? Will the code not run successfully?
| if (typeof options.tag !== 'number') { | ||
| throw new TypeError(`options.tag property in ${name} has to be number or undefined!`) | ||
| } | ||
|
|
||
| assertNonNegativeInteger(options.tag, 'options.tag') |
There was a problem hiding this comment.
the assertNonNegativeInteger already checks the value is whether a number so this condition runs twice. If we need some integers shouldn't be bigint, then I suggest that you should refactor the assertNonNegativeInteger that could only accept number as integer if its bigint: boolean parameter is false, or even better if you make a separate function for only number types which does the same.
|
|
||
| export function assertPssMessageHandler(value: unknown): asserts value is PssMessageHandler { | ||
| if (typeof value !== 'object' || value === null || Array.isArray(value)) { | ||
| throw new TypeError('PssMessageHandler has to be object!') |
| if (typeof topic !== 'string') { | ||
| throw new TypeError('topic has to be an string!') | ||
| } |
There was a problem hiding this comment.
Here the topic should be a 32 lengthed hex string without prefix, shouldn't it?
There was a problem hiding this comment.
I don't think so. This is a PSS topic which I think is different from Feed's topic.
There was a problem hiding this comment.
In what points are different? and why we don't distinguish feed topic from pss topic then?
There was a problem hiding this comment.
Honestly, I am not sure, but this is already confusing on Bee's side. Feed topic is advertised as hex string as per API reference while PSS's topic is advertised as generic string.
I am all in to clear this up, but I don't think this is the time for that. I would start from Bee side to clarify what is expected, update API reference and then we can tackle that on bee-js side.
There was a problem hiding this comment.
that's why I'm interested, because in swarm-cli we handle the PSS topics in the same way like the Feed topics.
There was a problem hiding this comment.
I agree that this is confusing on the Bee side and I opened an issue about it. It seems that the way how we handle PSS topics in swarm-cli is incorrect at the moment (opened and issue about it as well).
| if (typeof topic !== 'string') { | ||
| throw new TypeError('topic has to be an string!') | ||
| } |
There was a problem hiding this comment.
Here the topic should be a 32 lengthed hex string without prefix, shouldn't it?
Co-authored-by: nugaon <50576770+nugaon@users.noreply.github.com>
This reverts commit 9fa2189.
Closes #202 and closes #248