Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce client-side validation on methods #293

Open
PattaFeuFeu opened this issue Oct 21, 2023 · 2 comments
Open

Introduce client-side validation on methods #293

PattaFeuFeu opened this issue Oct 21, 2023 · 2 comments
Labels
code quality Everything related to code quality good first issue Good for newcomers, low-hanging fruit

Comments

@PattaFeuFeu
Copy link
Collaborator

PattaFeuFeu commented Oct 21, 2023
edited
Loading

In #287 and #286, I started introducing client-side validation for some very easy to catch errors defined by the Mastodon documentation, such as “input length should only be 80 characters”, “input should not contain spaces”, “input should not contain #”, and so on.

We want to go through all existing methods (“methods” meaning the methods in bigbone/src/main/kotlin/social/bigbone/api/method) and check where it could make sense to add client-side validation.

For the client-side validation, we want to return IllegalArgumentExceptions. For easy ones, we should use Kotlin’s require and a message lambda that we pass.

Example:

fun blockDomain(
    domain: String
) {
    require(domain.isNotBlank()) { "domain must not be blank" }

For the slightly harder ones where we deal with optional parameters that may or may not be null, but if they’re non-null need to follow certain criteria, we write our own checks, such as:

if (range.limit != null && range.limit > QUERY_RESULT_LIMIT) {
    throw IllegalArgumentException(
        "limit defined in Range must not be higher than $QUERY_RESULT_LIMIT but was ${range.limit}"
    )
}

@PattaFeuFeu I think we should go through all methods and implement these checks everywhere where needed. Let's create a separate issue for this. Any objections?

Originally posted by @andregasser in #287 (comment)
@PattaFeuFeu PattaFeuFeu added good first issue Good for newcomers, low-hanging fruit hacktoberfest labels Oct 21, 2023
This was referenced Oct 21, 2023
Merged
Merged
PattaFeuFeu added a commit that referenced this issue Oct 29, 2023
@PattaFeuFeu
#293 Add client-side validation for scheduling date
8d81658
@PattaFeuFeu PattaFeuFeu mentioned this issue Oct 29, 2023
Merged
5 tasks
bocops pushed a commit that referenced this issue Oct 30, 2023
@PattaFeuFeu
Parse ISO 8601 date(time) strings as Instant (#312)
88b5a52 
* #311 - Parse ISO 8601 date(time) strings as Instant

* Add serialize test

* Add concept of precision to date time properties of entities

* Improve comparability by introducing valid and invalid PrecisionDateTime

* Use correct descriptor name

* Ensure that StartOfDay is serialized correctly

* Update kDoc

* Serialize invalid values as null

* Expect scheduledAt as Instant instead of as String

* Add last missing type replacements

* #293 Add client-side validation for scheduling date

* Remove erroneous kDoc
@andregasser andregasser added code quality Everything related to code quality and removed hacktoberfest labels Nov 2, 2023
@bocops
Copy link
Collaborator

bocops commented Nov 30, 2023
edited
Loading

Having seen this in some newly added methods, I wonder if we should really do this everywhere, especially in cases where the server would fail safely, anyway.

For example, any endpoint that accepts a limit parameter will already coerce the given limit to be within the valid range, so any request with an invalid limit value should never fail, but just return less results than expected. This might happen anyway even for a valid limit value (if there simply aren't more results to return), so a library user would need to check the number of returned results anyway.

If these allowed limits ever change, whether it is between Mastodon versions or even by individual instances being configured manually, our library could not be fully used on some instances unless updated.

I do think that this is a good thing to do for cases where we are sure that the request would fail with some 4xx response or at least lead to very unexpected results, like trying to schedule a post in the past or with a string that cannot be parsed into any valid timestamp - but I doubt we should do it all across the board.

@bocops bocops mentioned this issue Nov 30, 2023
Merged
8 tasks
@PattaFeuFeu
Copy link
Collaborator Author

For example, any endpoint that accepts a limit parameter will already coerce the given limit to be within the valid range,[…]

Oh, I did not know that! I thought it would fail with a higher limit. That was my whole reason for doing client-side validation: To fail the request before it goes over the network to save resources.

If that turns out to not be the case, I’m also in favour of rolling those checks back.

If these allowed limits ever change, whether it is between Mastodon versions or even by individual instances being configured manually, our library could not be fully used on some instances unless updated.

Yep, excellent point. I did think about that possibility from time to time but never talked about it. Good that you raise it!

@bocops bocops mentioned this issue Nov 30, 2023
Closed
@PattaFeuFeu PattaFeuFeu mentioned this issue Nov 30, 2023
Merged
5 tasks
@PattaFeuFeu PattaFeuFeu mentioned this issue Dec 17, 2023
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
code quality Everything related to code quality good first issue Good for newcomers, low-hanging fruit
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@andregasser @PattaFeuFeu @bocops