Initial cloud-services repo - gateway service + pkg modules

2026-01-30 23:14:52 -05:00
commit fbb820d7b3
1037 changed files with 171318 additions and 0 deletions
--- a/pkg/validator/pg_order_by.go
+++ b/pkg/validator/pg_order_by.go
@@ -0,0 +1,27 @@
+package validator
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/go-playground/validator/v10"
+)
+
+// This allows just one order by
+func validateSqlOrderBy(fl validator.FieldLevel) bool {
+	// ensure ORDER BY query section is valid
+	// only letters and numbers
+	// this will prevent the sql injection test from sending an error
+	// because it sets the ORDER BY of a query to
+	// "CASE WHEN (‘1’=’1’) THEN vin ELSE year END asc"
+	strings := strings.Split(fl.Field().String(), " ")
+	ex := regexp.MustCompile(`^[a-zA-Z0-9_]*$`)
+	for _, val := range strings {
+		ok := ex.MatchString(val)
+		if !ok {
+			return false
+		}
+	}
+
+	return true
+}