RFC: Add IFileUploadValidator to mirror the pattern of the new validator classes #567
Conversation
ivarne
added
area/validation
ivarne
changed the title
ivarne
force-pushed
the
ivarne/fileUploadValidator
branch
from
685f204
to
86ba987
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
src/Altinn.App.Core/Features/Validation/Default/LegacyFileAnalyzerValidator.cs
Fixed
Show fixed
Hide fixed
| foreach (var validatorName in dataType.EnabledFileValidators) | ||
| { | ||
| var validator = _fileValidators.First(v => v.Id == validatorName); | ||
| var (success, issues) = await validator.Validate(dataType, fileAnalysisResults); | ||
| if (!success) | ||
| { | ||
| validationIssues.AddRange(issues); | ||
| } | ||
| } |
Check notice
Code scanning / CodeQL
Missed opportunity to use Select Note
ivarne
force-pushed
the
ivarne/fileUploadValidator
branch
from
86ba987
to
e3cec69
Compare
src/Altinn.App.Core/Features/FileAnalyzis/IFileAnalyserFactory.cs
Outdated
Show resolved
Hide resolved
| /// Implementation of <see cref="IFileUploadValidator"/> that uses the legacy | ||
| /// <see cref="IFileValidator"/> and <see cref="IFileAnalyser"/>. | ||
| /// </summary> | ||
| public class LegacyFileAnalyzerValidator : IFileUploadValidator |
There was a problem hiding this comment.
I think this should be internal and sealed? This was meant to bridge the migration to the the new interfaces right, so we have some expectations from the behavior here?
There was a problem hiding this comment.
I just followed previous practice. Having this internal would make it more awkward for users to unregister this implementation from the DI container, and they would have to do it in a way that does not cause compiler warnings if this implementation is removed. I don't have a strong opinion either way.
There was a problem hiding this comment.
Should users be able to unregister this? I thought it was needed to still support the file analyzer abstraction
There was a problem hiding this comment.
I don't see any reason why we should actively prevent users from unregistering anything and replace it with their own interface implementation.
I also can't find any realistic scenario when you'd actually need to unregister this service, but a contrived example might be if you had a badly behaved IFileAnalyser in a package that should not be constructed for uploads to all DataTypes, but only the ones where it is actually used. A quick fix would be to replace this implementation that inject IEnumerable<IFileAnalysr> with one that fetches from IServiceProvider only when it is actually required.
There was a problem hiding this comment.
It doesn't prevent unregistering though. My impression from previous discussions was that we would be more intentional about type accessibility going forward, and that any modification to public types is a breaking change. That's what I was considering here when reviewing, and so if I consider the tradeoffs between the ergonomics of unregistering and including this as a public API I personally am more worried about adding another public type
src/Altinn.App.Core/Features/Validation/Default/LegacyFileAnalyzerValidator.cs
Outdated
Show resolved
Hide resolved
| "Error while running validator {validatorName} on {dataType} for instance {instanceId}", | ||
| v.GetType().Name, | ||
| dataType.Id, | ||
| instance.Id |
Check failure
Code scanning / CodeQL
Log entries created from user input High
| "Start running validator {validatorName} on {dataType} for instance {instanceId}", | ||
| v.GetType().Name, | ||
| dataType.Id, | ||
| instance.Id |
Check failure
Code scanning / CodeQL
Log entries created from user input High
|
|
Some service owners has asked for validation of uploaded files. Since we decided to use a new approach for the new validation classes, I think it would make sense to provide a new interface
IFileUploadValidatorto provide a way that follows the same patterns as the new validation interfaces to validate file uploads.Description
IFileValidatorandIFileAnalyserare registered in custom fields on theDataTypeobject in applicationmetadata.json. All the other new validation interfaces uses a different pattern where the validator has aDataType/TaskIdfield to configure when it should be executed.This PR:
IFileUploadValidatorinterface to match the new validation interfaces (including language parameter)LegacyFileAnalyzerValidatorthat ensuresIFileValidator/IFileAnalysercontinue to work in a backwards compatible way.ValidationService/ValidationFactory.Related Issue(s)
Verification
Documentation