Add basic jsonschema validation

2025-09-13 07:19:07 +00:00 · 2023-10-09 23:17:17 +02:00 · 2023-10-09 23:17:17 +02:00 · 6850d134fb
commit 6850d134fb
parent 3fefb7ca7c
7 changed files with 126 additions and 0 deletions
--- a/internal/validation/schema.go
+++ b/internal/validation/schema.go
@ -0,0 +1,40 @@
+package validation
+
+import (
+	"embed"
+	"fmt"
+	"path/filepath"
+
+	"github.com/santhosh-tekuri/jsonschema/v5"
+)
+
+//go:embed schemas/*.schema.json
+var schemasFS embed.FS
+var schema *jsonschema.Schema
+
+func init() {
+	all, err := schemasFS.ReadDir("schemas")
+	if err != nil {
+		panic(fmt.Errorf("Reading Schemas: %w", err))
+	}
+
+	c := jsonschema.NewCompiler()
+
+	for _, f := range all {
+		data, err := schemasFS.Open(filepath.Join("schemas", f.Name()))
+		if err != nil {
+			panic(fmt.Errorf("Reading Schema: %w", err))
+		}
+		err = c.AddResource("https://nfsense.net/"+f.Name(), data)
+		if err != nil {
+			panic(fmt.Errorf("Adding Schema: %w", err))
+		}
+	}
+
+	s, err := c.Compile("https://nfsense.net/config.schema.json")
+	if err != nil {
+		panic(fmt.Errorf("Reading Schemas: %w", err))
+	}
+
+	schema = s
+}
--- a/internal/validation/schemas/config.schema.json
+++ b/internal/validation/schemas/config.schema.json
@ -0,0 +1,30 @@
+{
+    "$id": "https://nfsense.net/config.schema.json",
+    "title": "Config",
+    "type": "object",
+    "properties": {
+        "config_version": {
+            "type": "number"
+        },
+        "firewall": {
+            "type": ["number","string","boolean","object","array", "null"]
+        },
+        "object": {
+            "type": ["number","string","boolean","object","array", "null"]
+        },
+        "network": {
+            "type": ["number","string","boolean","object","array", "null"]
+        },
+        "service": {
+            "type": ["number","string","boolean","object","array", "null"]
+        },
+        "vpn": {
+            "type": ["number","string","boolean","object","array", "null"]
+        },
+        "system": {
+            "description": "System Settings",
+            "$ref": "https://nfsense.net/system.schema.json"
+        }
+    },
+    "required": ["config_version", "firewall", "object", "network", "service", "vpn", "system"]
+}
--- a/internal/validation/schemas/system.schema.json
+++ b/internal/validation/schemas/system.schema.json
@ -0,0 +1,26 @@
+{
+    "$id": "https://nfsense.net/system.schema.json",
+    "title": "System",
+    "type": "object",
+    "properties": {
+        "users": {
+            "type": "object",
+            "additionalProperties": {
+                "type": "object",
+                "properties": {
+                    "comment": {
+                        "type": "string"
+                    },
+                    "hash": {
+                        "type": "string"
+                    },
+                    "salt": {
+                        "type": "string"
+                    }
+                },
+            "required": ["hash", "salt"]
+            }
+        }
+    },
+    "required": ["users"]
+}
--- a/internal/validation/validation.go
+++ b/internal/validation/validation.go
@ -0,0 +1,22 @@
+package validation
+
+import (
+	"encoding/json"
+	"fmt"
+)
+
+func ValidateConfig(conf any) error {
+
+	// TODO find a better way validate config since jsonschema only takes a map[string]interface{}
+	data, err := json.Marshal(conf)
+	if err != nil {
+		panic(fmt.Errorf("Marshal Error: %w", err))
+	}
+	var clone any
+	err = json.Unmarshal(data, &clone)
+	if err != nil {
+		panic(fmt.Errorf("Unmarshal Error: %w", err))
+	}
+
+	return schema.Validate(clone)
+}