[ISSUE 6334] : Add uri validation for regex and other operators.

shenyu-admin/src/main/java/org/apache/shenyu/admin/service/RuleService.java

@@ -28,10 +28,9 @@
 import org.apache.shenyu.admin.model.result.ConfigImportResult;
 import org.apache.shenyu.admin.model.vo.RuleVO;
 import org.apache.shenyu.admin.service.configs.ConfigsImportContext;
+import org.apache.shenyu.admin.validation.validator.UriConditionValidator;
 import org.apache.shenyu.common.dto.RuleData;
-import org.apache.shenyu.common.enums.OperatorEnum;
 import org.apache.shenyu.common.enums.ParamTypeEnum;
-import org.springframework.web.util.pattern.PathPatternParser;
 
 import java.util.List;
 
@@ -63,9 +62,9 @@ default int createOrUpdate(final RuleDTO ruleDTO) {
             final List<RuleConditionDTO> ruleConditions = ruleDTO.getRuleConditions();
             ruleConditions.stream()
                     .filter(conditionData -> ParamTypeEnum.URI.getName().equals(conditionData.getParamType()))
-                    .filter(conditionData -> OperatorEnum.PATH_PATTERN.getAlias().equals(conditionData.getOperator()))
-                    .map(RuleConditionDTO::getParamValue)
-                    .forEach(PathPatternParser.defaultInstance::parse);
+                    .forEach(conditionData -> {
+                        UriConditionValidator.validate(conditionData.getOperator(), conditionData.getParamValue());
+                    });
         } catch (Exception e) {
             throw new ShenyuAdminException("uri validation of Condition failed, please check.", e);
         }
@@ -91,7 +90,7 @@ default int createOrUpdate(final RuleDTO ruleDTO) {
     /**
      * delete rules by ids and namespaceId.
      *
-     * @param ids primary key.
+     * @param ids         primary key.
      * @param namespaceId namespaceId.
      * @return rows int
      */
@@ -171,7 +170,7 @@ default int createOrUpdate(final RuleDTO ruleDTO) {
      * Find by selector id and name rule do.
      *
      * @param selectorId selector id
-     * @param name rule name
+     * @param name       rule name
      * @return {@link RuleDO}
      */
     RuleDO findBySelectorIdAndName(String selectorId, String name);
@@ -188,17 +187,17 @@ default int createOrUpdate(final RuleDTO ruleDTO) {
      * Import data.
      *
      * @param namespace namespace
-     * @param ruleList rule list
-     * @param context import context
+     * @param ruleList  rule list
+     * @param context   import context
      * @return config import result
      */
     ConfigImportResult importData(String namespace, List<RuleDTO> ruleList, ConfigsImportContext context);
 
     /**
      * Enabled string by ids and namespaceId.
      *
-     * @param ids     the ids
-     * @param enabled the enabled
+     * @param ids         the ids
+     * @param enabled     the enabled
      * @param namespaceId the namespaceId.
      * @return the result
      */

shenyu-admin/src/main/java/org/apache/shenyu/admin/validation/validator/UriConditionValidator.java

@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.validation.validator;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+import java.util.function.Consumer;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shenyu.common.enums.OperatorEnum;
+import org.springframework.web.util.pattern.PathPatternParser;
+
+public class UriConditionValidator {
+
+    private static final Map<String, Consumer<String>> VALIDATOR_MAP = new HashMap<>();
+
+    static {
+        VALIDATOR_MAP.put(OperatorEnum.PATH_PATTERN.getAlias(),
+                PathPatternParser.defaultInstance::parse);
+        VALIDATOR_MAP.put(OperatorEnum.REGEX.getAlias(), Pattern::compile);
+
+        Consumer<String> commonPathValidator = value -> {
+            if (!value.startsWith("/")) {
+                throw new IllegalArgumentException("The URI must start with '/'");
+            }
+            if (StringUtils.containsAny(value, " ", "\t", "\n")) {
+                throw new IllegalArgumentException(
+                        "The URI cannot contain whitespaces. Current value: " + value);
+            }
+        };
+        VALIDATOR_MAP.put(OperatorEnum.EQ.getAlias(), commonPathValidator);
+        VALIDATOR_MAP.put(OperatorEnum.STARTS_WITH.getAlias(), commonPathValidator);
+        VALIDATOR_MAP.put(OperatorEnum.ENDS_WITH.getAlias(), commonPathValidator);
+    }
+
+    public static void validate(final String operator, final String value) {
+        if (StringUtils.isBlank(value)) {
+            throw new IllegalArgumentException("The URI condition value cannot be empty.");
+        }
+        Consumer<String> validator = VALIDATOR_MAP.get(operator);
+        if (Objects.nonNull(validator)) {
+            validator.accept(value);
+        } else {
+            throw new IllegalArgumentException("No such operator: " + operator);
+        }
+    }
+
+
+}