PIM: remove colon from valid peer UID character set (FDO #56436)

Using the UID as part of file names gets more problematic when allowing colons. Remove that character from the API and enforce the format in the source code.
2012-11-30 15:20:55 +01:00 · 2012-11-30 15:20:55 +01:00 · 43073081c0
commit 43073081c0
parent 7bfa3f63eb
2 changed files with 19 additions and 3 deletions
--- a/src/dbus/server/pim/manager.cpp
+++ b/src/dbus/server/pim/manager.cpp
@ -33,6 +33,8 @@
 #include <boost/scoped_ptr.hpp>
 #include <deque>

+#include <pcrecpp.h>
+
 SE_BEGIN_CXX

 static const char * const MANAGER_SERVICE = "org._01.pim.contacts";
@ -776,9 +778,18 @@ void Manager::initDatabases()
    m_folks->setDatabases(m_enabledEBooks);
 }

+static void checkPeerUID(const std::string &uid)
+{
+    const pcrecpp::RE re("[-a-z0-9]*");
+    if (!re.FullMatch(uid)) {
+        SE_THROW(StringPrintf("invalid peer uid: %s", uid.c_str()));
+    }
+}
+
 void Manager::setPeer(const boost::shared_ptr<GDBusCXX::Result0> &result,
                      const std::string &uid, const StringMap &properties)
 {
+    checkPeerUID(uid);
    runInSession(StringPrintf("@%s%s",
                              MANAGER_PREFIX,
                              uid.c_str()),
@ -959,6 +970,7 @@ Manager::PeersMap Manager::getAllPeers()
 void Manager::removePeer(const boost::shared_ptr<GDBusCXX::Result0> &result,
                         const std::string &uid)
 {
+    checkPeerUID(uid);
    runInSession(StringPrintf("@%s%s",
                              MANAGER_PREFIX,
                              uid.c_str()),
@ -1023,6 +1035,7 @@ void Manager::doRemovePeer(const boost::shared_ptr<Session> &session,
 void Manager::syncPeer(const boost::shared_ptr<GDBusCXX::Result0> &result,
                       const std::string &uid)
 {
+    checkPeerUID(uid);
    runInSession(StringPrintf("%s@%s%s",
                              MANAGER_LOCAL_CONFIG,
                              MANAGER_PREFIX,
@ -1060,6 +1073,8 @@ void Manager::doSyncPeer(const boost::shared_ptr<Session> &session,
 void Manager::stopSync(const boost::shared_ptr<GDBusCXX::Result0> &result,
                       const std::string &uid)
 {
+    checkPeerUID(uid);
+
    // Fully qualified peer config name. Only used for sync sessions
    // and thus good enough to identify them.
    std::string syncConfigName = StringPrintf("%s@%s%s",
--- a/src/dbus/server/pim/pim-manager-api.txt
+++ b/src/dbus/server/pim/pim-manager-api.txt
@ -34,9 +34,10 @@ that supports CardDAV or a phone with SyncML support.

 Peers are identified by a unique string ID. That ID needs to be
 assigned by the user of this API. The string must not be empty and may
-only contain characters a-z, 0-9, hyphen and colon. No other
-assumptions about its content are made. For example, the phone's
-Bluetooth MAC address could be used.
+only contain characters a-z, 0-9 and hyphen. No other assumptions
+about its content are made. For example, the phone's Bluetooth MAC
+address could be used after removing or replacing the colon and using
+lower case hex characters.

 For an entity that has more than one address book, multiple peers must
 be configured.