fix: reject invalid thing and group names (#1655)

aws-greengrass · Aug 22, 2024 · e9ba36e · e9ba36e
1 parent 104d579
commit e9ba36e
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 0 deletions.
diff --git a/src/main/java/com/aws/greengrass/easysetup/GreengrassSetup.java b/src/main/java/com/aws/greengrass/easysetup/GreengrassSetup.java
@@ -515,6 +515,13 @@ private String peekArg() {
     }
 
     void provision(Kernel kernel) throws IOException, DeviceConfigurationException {
+        if (thingName.contains(":")) {
+            throw new RuntimeException("Thing name cannot contain colon characters");
+        }
+        if (!Utils.isEmpty(thingGroupName) && thingGroupName.contains(":")) {
+            throw new RuntimeException("Thing group name cannot contain colon characters");
+        }
+
         outStream.printf("Provisioning AWS IoT resources for the device with IoT Thing Name: [%s]...%n", thingName);
         // handle endpoints provided by external config
         String iotDataEndpoint  = Coerce.toString(kernel.getConfig().find(SERVICES_NAMESPACE_TOPIC,

diff --git a/src/test/java/com/aws/greengrass/easysetup/GreengrassSetupTest.java b/src/test/java/com/aws/greengrass/easysetup/GreengrassSetupTest.java
@@ -25,6 +25,7 @@
 import org.junit.jupiter.params.provider.Arguments;
 import org.junit.jupiter.params.provider.CsvSource;
 import org.junit.jupiter.params.provider.MethodSource;
+import org.junit.jupiter.params.provider.ValueSource;
 import org.mockito.Answers;
 import org.mockito.ArgumentCaptor;
 import org.mockito.Mock;
@@ -40,6 +41,7 @@
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.hasItems;
+import static org.hamcrest.Matchers.is;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.mockito.ArgumentMatchers.any;
@@ -487,4 +489,42 @@ void GIVEN_setup_script_WHEN_trusted_plugin_provided_THEN_jar_copied_to_trusted_
         greengrassSetup.performSetup();
         assertTrue(Files.exists(mockTrustedDirectory.resolve(Utils.namePart(pluginJarPath.toString()))));
     }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"group:", "group:1", "group:1:"})
+    void GIVEN_invalid_thing_group_name_WHEN_script_is_used_THEN_error(String groupName, ExtensionContext context) {
+        ignoreExceptionUltimateCauseOfType(context, IOException.class);
+        Kernel realKernel = new Kernel();
+        greengrassSetup =
+                new GreengrassSetup(System.out, System.err, deviceProvisioningHelper, platform, kernel, "--config",
+                        "mock_config_path", "--root", "mock_root", "--thing-name", "mock_thing_name",
+                        "--thing-group-name", groupName, "--thing-policy-name", "mock_thing_policy_name",
+                        "--tes-role-name", "mock_tes_role_name", "--tes-role-alias-name", "mock_tes_role_alias_name",
+                        "--provision", "--aws-region","us-east-1", "-ss", "false");
+        Exception e = assertThrows(RuntimeException.class, () -> {
+            greengrassSetup.parseArgs();
+            greengrassSetup.performSetup();
+        });
+        realKernel.shutdown();
+        assertThat(e.getMessage(), is("Thing group name cannot contain colon characters"));
+    }
+
+    @ParameterizedTest
+    @ValueSource(strings = {"thing:", "thing:1", "thing:1:"})
+    void GIVEN_invalid_thing_name_WHEN_script_is_used_THEN_error(String thingName, ExtensionContext context) {
+        ignoreExceptionUltimateCauseOfType(context, IOException.class);
+        Kernel realKernel = new Kernel();
+        greengrassSetup =
+                new GreengrassSetup(System.out, System.err, deviceProvisioningHelper, platform, kernel, "--config",
+                        "mock_config_path", "--root", "mock_root", "--thing-name", thingName,
+                        "--thing-group-name", "group", "--thing-policy-name", "mock_thing_policy_name",
+                        "--tes-role-name", "mock_tes_role_name", "--tes-role-alias-name", "mock_tes_role_alias_name",
+                        "--provision", "--aws-region","us-east-1", "-ss", "false");
+        Exception e = assertThrows(RuntimeException.class, () -> {
+            greengrassSetup.parseArgs();
+            greengrassSetup.performSetup();
+        });
+        realKernel.shutdown();
+        assertThat(e.getMessage(), is("Thing name cannot contain colon characters"));
+    }
 }