mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
de3f8fca00
## Summary This PR limits `perPage` param to 100 in `findComments` API. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: lcawl <lcawley@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
65 lines
2.4 KiB
TypeScript
65 lines
2.4 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License
|
|
* 2.0; you may not use this file except in compliance with the Elastic License
|
|
* 2.0.
|
|
*/
|
|
|
|
import Boom from '@hapi/boom';
|
|
import { MAX_DOCS_PER_PAGE, MAX_COMMENTS_PER_PAGE } from '../../../common/constants';
|
|
import {
|
|
isCommentRequestTypeExternalReference,
|
|
isCommentRequestTypePersistableState,
|
|
} from '../../../common/utils/attachments';
|
|
import type { CommentRequest, FindCommentsQueryParams } from '../../../common/api';
|
|
import type { ExternalReferenceAttachmentTypeRegistry } from '../../attachment_framework/external_reference_registry';
|
|
import type { PersistableStateAttachmentTypeRegistry } from '../../attachment_framework/persistable_state_registry';
|
|
|
|
export const validateRegisteredAttachments = ({
|
|
query,
|
|
persistableStateAttachmentTypeRegistry,
|
|
externalReferenceAttachmentTypeRegistry,
|
|
}: {
|
|
query: CommentRequest;
|
|
persistableStateAttachmentTypeRegistry: PersistableStateAttachmentTypeRegistry;
|
|
externalReferenceAttachmentTypeRegistry: ExternalReferenceAttachmentTypeRegistry;
|
|
}) => {
|
|
if (
|
|
isCommentRequestTypeExternalReference(query) &&
|
|
!externalReferenceAttachmentTypeRegistry.has(query.externalReferenceAttachmentTypeId)
|
|
) {
|
|
throw Boom.badRequest(
|
|
`Attachment type ${query.externalReferenceAttachmentTypeId} is not registered.`
|
|
);
|
|
}
|
|
|
|
if (
|
|
isCommentRequestTypePersistableState(query) &&
|
|
!persistableStateAttachmentTypeRegistry.has(query.persistableStateAttachmentTypeId)
|
|
) {
|
|
throw Boom.badRequest(
|
|
`Attachment type ${query.persistableStateAttachmentTypeId} is not registered.`
|
|
);
|
|
}
|
|
};
|
|
|
|
export const validateFindCommentsPagination = (params?: FindCommentsQueryParams) => {
|
|
if (params?.page == null && params?.perPage == null) {
|
|
return;
|
|
}
|
|
|
|
const pageAsNumber = params.page ?? 0;
|
|
const perPageAsNumber = params.perPage ?? 0;
|
|
|
|
if (perPageAsNumber > MAX_COMMENTS_PER_PAGE) {
|
|
throw Boom.badRequest(
|
|
`The provided perPage value was too high. The maximum allowed perPage value is ${MAX_COMMENTS_PER_PAGE}.`
|
|
);
|
|
}
|
|
|
|
if (Math.max(pageAsNumber, pageAsNumber * perPageAsNumber) > MAX_DOCS_PER_PAGE) {
|
|
throw Boom.badRequest(
|
|
'The number of documents is too high. Paginating through more than 10,000 documents is not possible.'
|
|
);
|
|
}
|
|
};
|