feat(validation): add custom validation rules for Git repository URLs and branches

- Introduced `ValidGitRepositoryUrl` and `ValidGitBranch` validation rules to ensure safe and valid input for Git repository URLs and branch names. - Updated relevant Livewire components and API controllers to utilize the new validation rules, enhancing security against command injection and invalid inputs. - Refactored existing validation logic to improve consistency and maintainability across the application.
2025-08-22 14:38:21 +02:00
parent 841e33bac0
commit 8408205955
9 changed files with 393 additions and 28 deletions
--- a/app/Livewire/Project/New/GithubPrivateRepository.php
+++ b/app/Livewire/Project/New/GithubPrivateRepository.php
@@ -7,6 +7,7 @@ use App\Models\GithubApp;
 use App\Models\Project;
 use App\Models\StandaloneDocker;
 use App\Models\SwarmDocker;
+use App\Rules\ValidGitBranch;
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\Route;
 use Livewire\Component;
@@ -155,6 +156,21 @@ class GithubPrivateRepository extends Component
    public function submit()
    {
        try {
+            // Validate git repository parts and branch
+            $validator = validator([
+                'selected_repository_owner' => $this->selected_repository_owner,
+                'selected_repository_repo' => $this->selected_repository_repo,
+                'selected_branch_name' => $this->selected_branch_name,
+            ], [
+                'selected_repository_owner' => 'required|string|regex:/^[a-zA-Z0-9\-_]+$/',
+                'selected_repository_repo' => 'required|string|regex:/^[a-zA-Z0-9\-_\.]+$/',
+                'selected_branch_name' => ['required', 'string', new ValidGitBranch],
+            ]);
+
+            if ($validator->fails()) {
+                throw new \RuntimeException('Invalid repository data: '.$validator->errors()->first());
+            }
+
            $destination_uuid = $this->query['destination'];
            $destination = StandaloneDocker::where('uuid', $destination_uuid)->first();
            if (! $destination) {
@@ -171,8 +187,8 @@ class GithubPrivateRepository extends Component
            $application = Application::create([
                'name' => generate_application_name($this->selected_repository_owner.'/'.$this->selected_repository_repo, $this->selected_branch_name),
                'repository_project_id' => $this->selected_repository_id,
-                'git_repository' => "{$this->selected_repository_owner}/{$this->selected_repository_repo}",
-                'git_branch' => $this->selected_branch_name,
+                'git_repository' => str($this->selected_repository_owner)->trim()->toString().'/'.str($this->selected_repository_repo)->trim()->toString(),
+                'git_branch' => str($this->selected_branch_name)->trim()->toString(),
                'build_pack' => $this->build_pack,
                'ports_exposes' => $this->port,
                'publish_directory' => $this->publish_directory,