Skip to content
This repository has been archived by the owner on Dec 8, 2022. It is now read-only.

Commit

Permalink
[CAD-2176] errors endpoint doesn't validate poolId properly.
Browse files Browse the repository at this point in the history
  • Loading branch information
@ksaric
ksaric committed Nov 22, 2020
1 parent 9dd40f6 commit 3f7af77
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 26 deletions.
3 changes: 3 additions & 0 deletions smash-servant-types/smash-servant-types.cabal
View file
Expand Up @@ -43,6 +43,9 @@ library
, base >=4.7 && <5
, bytestring
, cardano-prelude
, cardano-api
, cardano-db-sync
, base16-bytestring
, persistent
, servant
, servant-server
Expand Down
65 changes: 39 additions & 26 deletions smash-servant-types/src/Cardano/SMASH/Types.hs
View file
Expand Up @@ -2,7 +2,6 @@
{-# LANGUAGE DerivingStrategies #-}
{-# LANGUAGE MultiParamTypeClasses #-}


module Cardano.SMASH.Types
( ApplicationUser (..)
, ApplicationUsers (..)
Expand Down Expand Up @@ -40,31 +39,36 @@ module Cardano.SMASH.Types

import Cardano.Prelude

import Control.Monad.Fail (fail)

import Data.Aeson (FromJSON (..), ToJSON (..),
object, withObject, (.:), (.=))
import qualified Data.Aeson as Aeson
import Data.Aeson.Encoding (unsafeToEncoding)
import qualified Data.Aeson.Types as Aeson
import Data.Time.Clock (UTCTime)
import qualified Data.Time.Clock.POSIX as Time
import Data.Time.Format (defaultTimeLocale, formatTime,
parseTimeM)

import Data.Swagger (NamedSchema (..),
ToParamSchema (..),
ToSchema (..))
import Data.Text.Encoding (encodeUtf8Builder)

import Servant (FromHttpApiData (..),
MimeUnrender (..), OctetStream)

import Control.Monad.Fail (fail)

import Data.Aeson (FromJSON (..), ToJSON (..),
object, withObject, (.:),
(.=))
import qualified Data.Aeson as Aeson
import Data.Aeson.Encoding (unsafeToEncoding)
import qualified Data.Aeson.Types as Aeson
import qualified Data.ByteString.Char8 as BSC
import Data.Time.Clock (UTCTime)
import qualified Data.Time.Clock.POSIX as Time
import Data.Time.Format (defaultTimeLocale, formatTime,
parseTimeM)

import Data.Swagger (NamedSchema (..),
ToParamSchema (..),
ToSchema (..))
import Data.Text.Encoding (encodeUtf8Builder)

import Servant (FromHttpApiData (..),
MimeUnrender (..),
OctetStream)

import Cardano.Api.Typed hiding (PoolId)
import Cardano.SMASH.DBSync.Db.Error
import Cardano.SMASH.DBSync.Db.Types

import qualified Data.ByteString.Lazy as BL
import qualified Data.Text.Encoding as E
import qualified Data.ByteString.Base16 as B16
import qualified Data.ByteString.Lazy as BL
import qualified Data.Text.Encoding as E

-- | The basic @Configuration@.
data Configuration = Configuration
Expand Down Expand Up @@ -135,10 +139,19 @@ checkIfUserValid (ApplicationUsers applicationUsers) applicationUser@(Applicatio
instance FromHttpApiData TickerName where
parseUrlPiece tickerName = Right $ TickerName tickerName

-- TODO(KS): Temporarily, validation!?
-- Currently deserializing from safe types, unwrapping and wrapping it up again.
-- The underlying DB representation is HEX.
instance FromHttpApiData PoolId where
parseUrlPiece poolId = Right $ PoolId poolId
--TODO: parse hex or bech32
parseUrlPiece poolId =
case pHexStakePoolId poolId of
Nothing -> Left "Unable to parse pool id. Wrong format."
Just poolId' -> Right . PoolId . decodeUtf8 . B16.encode . serialiseToRawBytes $ poolId'

where
-- e5cb8a89cabad2cb22ea85423bcbbe270f292be3dbe838948456d3ae
pHexStakePoolId :: Text -> Maybe (Hash StakePoolKey)
pHexStakePoolId =
deserialiseFromRawBytesHex (AsHash AsStakePoolKey) . BSC.pack . toS

instance ToSchema PoolMetadataHash where
declareNamedSchema _ =
Expand Down

0 comments on commit 3f7af77

Please sign in to comment.