chore: addressing next batch of comments

Author: d-jeffery

pkg/java/src/main/java/dev/openfga/language/validation/ValidationOptions.java

@@ -2,8 +2,8 @@
 
 public class ValidationOptions {
 
-    private static final String DEFAULT_TYPE_PATTERN = "^[^:#@\\s]{1,254}$";
-    private static final String DEFAULT_RELATION_PATTERN = "^[^:#@\\s]{1,50}$";
+    private static final String DEFAULT_TYPE_PATTERN = "^[^:#@\\*\\s]{1,254}$";
+    private static final String DEFAULT_RELATION_PATTERN = "^[^:#@\\*\\s]{1,50}$";
 
     private String typePattern = DEFAULT_TYPE_PATTERN;
     private String relationPattern = DEFAULT_RELATION_PATTERN;

pkg/js/validator/validate-rules.ts

@@ -2,14 +2,14 @@ export const Rules = {
   type: "[^:#@\\*\\s]{1,254}",
   relation: "[^:#@\\*\\s]{1,50}",
   condition: "[^\\*\\s]{2,256}",
-  object: "[^\\s]{2,256}",
   id: "[^#:\\*\\s]+",
+  object: "[^\\s]{2,256}",
 };
 
 export const Validate = {
   // An Object is composed of a type and identifier (e.g. 'document:1')
   object: (object: string): boolean => {
-    return validateFieldValue(`^${Rules.type}:${Rules.id}$`, object);
+    return validateFieldValue(`^${Rules.type}:${Rules.id}$`, object) && validateFieldValue(`^${Rules.object}$`, object);
   },
   // Relation reference
   relation: (relation: string): boolean => {
@@ -21,7 +21,10 @@ export const Validate = {
   },
   // User is composed of type and identifier (e.g. 'group:engineering')
   userObject: (userObject: string): boolean => {
-    return validateFieldValue(`^${Rules.type}:${Rules.id}$`, userObject);
+    return (
+      validateFieldValue(`^${Rules.type}:${Rules.id}$`, userObject) &&
+      validateFieldValue(`^${Rules.object}$`, userObject)
+    );
   },
   // User is composed of type, and a wildcard (e.g. 'group:*')
   userWildcard: (userWildcard: string): boolean => {

pkg/js/validator/validate-store.ts

@@ -164,23 +164,49 @@ function mapTuple(tuple: TupleKey): RelationReference {
   };
 }
 
+function parseObjectString(object: string): { type: string; id: string } {
+  const result = object.split(":");
+  return { type: result[0], id: result[1] };
+}
+
+function parseUserString(user: string): {
+  type: string;
+  id: string | undefined;
+  relation: string | undefined;
+  wildcard: boolean;
+} {
+  const result = user.split(":");
+  const type = result[0];
+
+  if (result[1] === "*") {
+    return { type, id: undefined, relation: undefined, wildcard: true };
+  }
+
+  if (result[1].includes("#")) {
+    const [id, relation] = result[1].split("#");
+    return { type, id, relation, wildcard: false };
+  }
+
+  return { type, id: result[1], relation: undefined, wildcard: false };
+}
+
 // Validation for Types
 
 function validateTypes(tuple: TupleKey, types: string[], instancePath: string): boolean {
   const errors = [];
 
-  const user = tuple.user.split(":")[0];
+  const userType = parseUserString(tuple.user).type;
 
   // Ensure valid type of user
-  if (!types.includes(user)) {
-    errors.push(invalidType(user, types, instancePath + "/user"));
+  if (!types.includes(userType)) {
+    errors.push(invalidType(userType, types, instancePath + "/user"));
   }
 
-  const object = tuple.object.split(":")[0];
+  const objectType = parseObjectString(tuple.object).type;
 
   // Ensure valid type of object
-  if (!types.includes(object)) {
-    errors.push(invalidType(object, types, instancePath + "/object"));
+  if (!types.includes(objectType)) {
+    errors.push(invalidType(objectType, types, instancePath + "/object"));
   }
 
   // Report all errors
@@ -198,22 +224,26 @@ function validateRelation(tuple: TupleKey, typeDefs: TypeDefinition[], instanceP
   // Check if relation exists on given type
   let doesExistOnType = false;
   if (tuple.user.includes("#")) {
-    const user = tuple.user.split(":")[0];
-    const userRelation = tuple.user.split("#")[1];
+    const userResult = parseUserString(tuple.user);
     for (const typeDef of typeDefs) {
-      if (typeDef && typeDef.type === user && typeDef.relations?.[userRelation]) {
+      if (
+        typeDef &&
+        typeDef.type === userResult.type &&
+        userResult.relation &&
+        typeDef.relations?.[userResult.relation]
+      ) {
         doesExistOnType = true;
         break;
       }
     }
 
-    if (!doesExistOnType) {
-      errors.push(relationMustExistOnType(userRelation, user, instancePath + "/user"));
+    if (!doesExistOnType && userResult.relation) {
+      errors.push(relationMustExistOnType(userResult.relation, userResult.type, instancePath + "/user"));
     }
   }
 
   // Check if relation exists on given object
-  const objectType = tuple.object.split(":")[0];
+  const objectType = parseObjectString(tuple.object).type;
   let doesExistOnObject = false;
   for (const typeDef of typeDefs) {
     if (typeDef && typeDef.type === objectType && typeDef.relations?.[tuple.relation]) {
@@ -256,7 +286,7 @@ function validateTypeRestrictions(
   validateTuple.errors = validateTuple.errors || [];
 
   const mappedTuple = mapTuple(tuple);
-  const type = tuple.object.split(":")[0];
+  const type = parseObjectString(tuple.object).type;
   const foundType = typeDefs.filter((t) => t.type === type)[0];
   const userTypes = foundType?.metadata?.relations?.[tuple.relation].directly_related_user_types;
 
@@ -349,7 +379,7 @@ const validateTuple: SchemaValidateFunction = function (
 // Validate the type field for check and list_objects
 function validateUserField(model: AuthorizationModel, types: string[], userField: string, instancePath: string) {
   const errors = [];
-  const foundType = userField.split(":")[0];
+  const foundType = parseUserString(userField).type;
 
   // Ensure valid type
   if (!types.includes(foundType)) {
@@ -434,11 +464,11 @@ function validateCheck(
 
   if (checkTest.object && isStringValue(checkTest.object)) {
     const checkObject = checkTest.object;
-    const object = checkObject.split(":")[0];
+    const objectType = parseObjectString(checkObject).type;
 
     // Ensure valid type of object
-    if (!types.includes(object)) {
-      objectErrors.push(invalidTypeUser(object, types, instancePath + "/object"));
+    if (!types.includes(objectType)) {
+      objectErrors.push(invalidTypeUser(objectType, types, instancePath + "/object"));
     }
 
     if (!objectErrors.length) {
@@ -447,7 +477,7 @@ function validateCheck(
       }
     }
 
-    objectErrors.push(...validateAssertionField(model, object, checkTest.assertions, instancePath));
+    objectErrors.push(...validateAssertionField(model, objectType, checkTest.assertions, instancePath));
   }
 
   const context = checkTest.context;
@@ -520,11 +550,11 @@ function validateListUsers(
   if (listUsers && isStringValue(listUsers.object)) {
     const listUserObj = listUsers.object;
 
-    const object = listUserObj.split(":")[0];
+    const objectType = parseObjectString(listUserObj).type;
 
     // Ensure valid type of object
-    if (!types.includes(object)) {
-      errors.push(invalidTypeUser(object, types, instancePath + "/object"));
+    if (!types.includes(objectType)) {
+      errors.push(invalidTypeUser(objectType, types, instancePath + "/object"));
     }
 
     if (!errors.length) {