diff --git a/packages/twenty-server/src/metadata/decorators/is-valid-name.decorator.ts b/packages/twenty-server/src/metadata/decorators/is-valid-name.decorator.ts new file mode 100644 index 0000000000..8bb2ac60de --- /dev/null +++ b/packages/twenty-server/src/metadata/decorators/is-valid-name.decorator.ts @@ -0,0 +1,24 @@ +import { + registerDecorator, + ValidationOptions, + ValidationArguments, +} from 'class-validator'; + +export function IsValidName(validationOptions?: ValidationOptions) { + return function (object: object, propertyName: string) { + registerDecorator({ + name: 'IsValidName', + target: object.constructor, + propertyName: propertyName, + options: validationOptions, + validator: { + validate(value: any) { + return /^(?!(?:not|or|and)$)[^'\"\\;.=*/]+$/.test(value); + }, + defaultMessage(args: ValidationArguments) { + return `${args.property} has failed the name validation check`; + }, + }, + }); + }; +} diff --git a/packages/twenty-server/src/metadata/field-metadata/dtos/field-metadata.dto.ts b/packages/twenty-server/src/metadata/field-metadata/dtos/field-metadata.dto.ts index 5c77c74888..2b3ffa7e0d 100644 --- a/packages/twenty-server/src/metadata/field-metadata/dtos/field-metadata.dto.ts +++ b/packages/twenty-server/src/metadata/field-metadata/dtos/field-metadata.dto.ts @@ -34,6 +34,7 @@ import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.en import { BeforeDeleteOneField } from 'src/metadata/field-metadata/hooks/before-delete-one-field.hook'; import { IsFieldMetadataDefaultValue } from 'src/metadata/field-metadata/validators/is-field-metadata-default-value.validator'; import { IsFieldMetadataOptions } from 'src/metadata/field-metadata/validators/is-field-metadata-options.validator'; +import { IsValidName } from 'src/metadata/decorators/is-valid-name.decorator'; registerEnumType(FieldMetadataType, { name: 'FieldMetadataType', @@ -74,6 +75,7 @@ export class FieldMetadataDTO< @IsString() @IsNotEmpty() @Field() + @IsValidName() name: string; @IsString() diff --git a/packages/twenty-server/src/metadata/object-metadata/dtos/create-object.input.ts b/packages/twenty-server/src/metadata/object-metadata/dtos/create-object.input.ts index ce3e534fab..7691925307 100644 --- a/packages/twenty-server/src/metadata/object-metadata/dtos/create-object.input.ts +++ b/packages/twenty-server/src/metadata/object-metadata/dtos/create-object.input.ts @@ -3,6 +3,7 @@ import { Field, HideField, InputType } from '@nestjs/graphql'; import { BeforeCreateOne } from '@ptc-org/nestjs-query-graphql'; import { IsNotEmpty, IsOptional, IsString, IsUUID } from 'class-validator'; +import { IsValidName } from 'src/metadata/decorators/is-valid-name.decorator'; import { BeforeCreateOneObject } from 'src/metadata/object-metadata/hooks/before-create-one-object.hook'; @InputType() @@ -11,11 +12,13 @@ export class CreateObjectInput { @IsString() @IsNotEmpty() @Field() + @IsValidName() nameSingular: string; @IsString() @IsNotEmpty() @Field() + @IsValidName() namePlural: string; @IsString() diff --git a/packages/twenty-server/src/metadata/object-metadata/dtos/update-object.input.ts b/packages/twenty-server/src/metadata/object-metadata/dtos/update-object.input.ts index bccc49ea29..444a053202 100644 --- a/packages/twenty-server/src/metadata/object-metadata/dtos/update-object.input.ts +++ b/packages/twenty-server/src/metadata/object-metadata/dtos/update-object.input.ts @@ -3,6 +3,7 @@ import { Field, InputType } from '@nestjs/graphql'; import { BeforeUpdateOne } from '@ptc-org/nestjs-query-graphql'; import { IsBoolean, IsOptional, IsString, IsUUID } from 'class-validator'; +import { IsValidName } from 'src/metadata/decorators/is-valid-name.decorator'; import { BeforeUpdateOneObject } from 'src/metadata/object-metadata/hooks/before-update-one-object.hook'; @InputType() @@ -21,11 +22,13 @@ export class UpdateObjectInput { @IsString() @IsOptional() @Field({ nullable: true }) + @IsValidName() nameSingular?: string; @IsString() @IsOptional() @Field({ nullable: true }) + @IsValidName() namePlural?: string; @IsString()