From 967eec9db48b7d32720da09ea44c28d7a25c4e45 Mon Sep 17 00:00:00 2001 From: andrewwallacespeckle <139135120+andrewwallacespeckle@users.noreply.github.com> Date: Wed, 12 Feb 2025 15:50:02 +0000 Subject: [PATCH] Sanitize model names in server (#3970) --- packages/frontend-2/lib/projects/helpers/models.ts | 1 + .../server/modules/core/graph/resolvers/models.ts | 13 ++++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/packages/frontend-2/lib/projects/helpers/models.ts b/packages/frontend-2/lib/projects/helpers/models.ts index 2f71f6f69..775b50834 100644 --- a/packages/frontend-2/lib/projects/helpers/models.ts +++ b/packages/frontend-2/lib/projects/helpers/models.ts @@ -22,5 +22,6 @@ export function sanitizeModelName(name: string): string { return name .split('/') .map((part) => part.trim()) + .filter((part) => part.length > 0) .join('/') } diff --git a/packages/server/modules/core/graph/resolvers/models.ts b/packages/server/modules/core/graph/resolvers/models.ts index 1d74bad0a..1c274552d 100644 --- a/packages/server/modules/core/graph/resolvers/models.ts +++ b/packages/server/modules/core/graph/resolvers/models.ts @@ -310,6 +310,17 @@ export = { ctx.resourceAccessRules ) const projectDB = await getProjectDbClient({ projectId: args.input.projectId }) + + // Sanitize model name by trimming spaces around slashes + const sanitizedInput = { + ...args.input, + name: args.input.name + .split('/') + .map((part) => part.trim()) + .filter((part) => part.length > 0) + .join('/') + } + const createBranchAndNotify = createBranchAndNotifyFactory({ getStreamBranchByName: getStreamBranchByNameFactory({ db: projectDB }), createBranch: createBranchFactory({ db: projectDB }), @@ -318,7 +329,7 @@ export = { publish }) }) - return await createBranchAndNotify(args.input, ctx.userId!) + return await createBranchAndNotify(sanitizedInput, ctx.userId!) }, async update(_parent, args, ctx) { await authorizeResolver(