MF - 1590 - Fix fetching list of users with a zero limit (#1594)

* Add max and min limit size Signed-off-by: 0x6f736f646f <blackd0t@protonmail.com> * Format Signed-off-by: 0x6f736f646f <blackd0t@protonmail.com> * Format Signed-off-by: 0x6f736f646f <blackd0t@protonmail.com> Co-authored-by: Dušan Borovčanin <dusan.borovcanin@mainflux.com>
2022-05-09 23:23:19 +03:00 · 2022-05-09 23:23:19 +03:00 · d30e6bad3c
parent c8f841f8f3
commit d30e6bad3c
2 changed files with 17 additions and 0 deletions
--- a/internal/apiutil/errors.go
+++ b/internal/apiutil/errors.go
@ -27,6 +27,9 @@ var (
 	// ErrNameSize indicates that name size exceeds the max.
 	ErrNameSize = errors.New("invalid name size")

+	// ErrEmailSize indicates that email size exceeds the max.
+	ErrEmailSize = errors.New("invalid email size")
+
 	// ErrLimitSize indicates that an invalid limit.
 	ErrLimitSize = errors.New("invalid limit size")

--- a/users/api/requests.go
+++ b/users/api/requests.go
@ -8,6 +8,11 @@ import (
 	"github.com/mainflux/mainflux/users"
 )

+const (
+	maxLimitSize = 100
+	maxEmailSize = 1024
+)
+
 type userReq struct {
 	user users.User
 }
@ -49,6 +54,15 @@ func (req listUsersReq) validate() error {
 	if req.token == "" {
 		return apiutil.ErrBearerToken
 	}
+
+	if req.limit > maxLimitSize || req.limit < 1 {
+		return apiutil.ErrLimitSize
+	}
+
+	if len(req.email) > maxEmailSize {
+		return apiutil.ErrEmailSize
+	}
+
 	return nil
 }