package validation import ( "fmt" "regexp" "strings" "unicode/utf8" ) // ValidationError represents a validation error with user-friendly message type ValidationError struct { Field string `json:"field"` Message string `json:"message"` Code string `json:"code"` } func (e ValidationError) Error() string { return fmt.Sprintf("validation error on field '%s': %s", e.Field, e.Message) } // ValidateFileHash validates a SHA-256 hash func ValidateFileHash(hash string) error { if hash == "" { return ValidationError{ Field: "hash", Message: "File hash is required", Code: "required", } } if len(hash) != 64 { return ValidationError{ Field: "hash", Message: "File hash must be exactly 64 characters long", Code: "invalid_length", } } // Check if it's valid hexadecimal matched, _ := regexp.MatchString("^[a-fA-F0-9]+$", hash) if !matched { return ValidationError{ Field: "hash", Message: "File hash must contain only hexadecimal characters (0-9, a-f)", Code: "invalid_format", } } return nil } // ValidateFileName validates a filename func ValidateFileName(filename string) error { if filename == "" { return ValidationError{ Field: "filename", Message: "Filename is required", Code: "required", } } if len(filename) > 255 { return ValidationError{ Field: "filename", Message: "Filename must be 255 characters or less", Code: "too_long", } } if !utf8.ValidString(filename) { return ValidationError{ Field: "filename", Message: "Filename must be valid UTF-8", Code: "invalid_encoding", } } // Check for dangerous characters dangerous := []string{"..", "/", "\\", ":", "*", "?", "\"", "<", ">", "|"} for _, char := range dangerous { if strings.Contains(filename, char) { return ValidationError{ Field: "filename", Message: fmt.Sprintf("Filename cannot contain '%s' character", char), Code: "invalid_character", } } } // Check for control characters for _, r := range filename { if r < 32 && r != 9 { // Allow tab but not other control chars return ValidationError{ Field: "filename", Message: "Filename cannot contain control characters", Code: "invalid_character", } } } return nil } // ValidateAccessLevel validates file access level func ValidateAccessLevel(level string) error { if level == "" { return ValidationError{ Field: "access_level", Message: "Access level is required", Code: "required", } } validLevels := []string{"public", "private"} for _, valid := range validLevels { if level == valid { return nil } } return ValidationError{ Field: "access_level", Message: "Access level must be either 'public' or 'private'", Code: "invalid_value", } } // ValidateNostrPubkey validates a Nostr public key func ValidateNostrPubkey(pubkey string) error { if pubkey == "" { return ValidationError{ Field: "pubkey", Message: "Public key is required", Code: "required", } } if len(pubkey) != 64 { return ValidationError{ Field: "pubkey", Message: "Public key must be exactly 64 characters long", Code: "invalid_length", } } // Check if it's valid hexadecimal matched, _ := regexp.MatchString("^[a-fA-F0-9]+$", pubkey) if !matched { return ValidationError{ Field: "pubkey", Message: "Public key must contain only hexadecimal characters (0-9, a-f)", Code: "invalid_format", } } return nil } // ValidateBunkerURL validates a NIP-46 bunker URL func ValidateBunkerURL(url string) error { if url == "" { return ValidationError{ Field: "bunker_url", Message: "Bunker URL is required", Code: "required", } } if !strings.HasPrefix(url, "bunker://") && !strings.HasPrefix(url, "nostrconnect://") { return ValidationError{ Field: "bunker_url", Message: "Bunker URL must start with 'bunker://' or 'nostrconnect://'", Code: "invalid_format", } } if len(url) > 1000 { return ValidationError{ Field: "bunker_url", Message: "Bunker URL is too long (max 1000 characters)", Code: "too_long", } } return nil } // ValidateFileSize validates file size against limits func ValidateFileSize(size int64, maxSize int64) error { if size <= 0 { return ValidationError{ Field: "file_size", Message: "File size must be greater than 0", Code: "invalid_value", } } if maxSize > 0 && size > maxSize { return ValidationError{ Field: "file_size", Message: fmt.Sprintf("File size (%d bytes) exceeds maximum allowed size (%d bytes)", size, maxSize), Code: "too_large", } } return nil } // SanitizeInput removes dangerous characters from user input func SanitizeInput(input string) string { // Remove null bytes and control characters except tab, newline, carriage return result := strings.Map(func(r rune) rune { if r == 0 || (r < 32 && r != 9 && r != 10 && r != 13) { return -1 } return r }, input) // Trim whitespace result = strings.TrimSpace(result) return result } // ValidateMultipleFields validates multiple fields and returns all errors func ValidateMultipleFields(validators map[string]func() error) []ValidationError { var errors []ValidationError for field, validator := range validators { if err := validator(); err != nil { if valErr, ok := err.(ValidationError); ok { errors = append(errors, valErr) } else { errors = append(errors, ValidationError{ Field: field, Message: err.Error(), Code: "validation_failed", }) } } } return errors } // FormatValidationErrors formats multiple validation errors into user-friendly message func FormatValidationErrors(errors []ValidationError) string { if len(errors) == 0 { return "" } if len(errors) == 1 { return errors[0].Message } var messages []string for _, err := range errors { messages = append(messages, fmt.Sprintf("• %s", err.Message)) } return fmt.Sprintf("Please fix the following issues:\n%s", strings.Join(messages, "\n")) }