stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
AOC Guard CI / aoc-guard (push) Has been cancelled
Details
AOC Guard CI / aoc-verify (push) Has been cancelled
Details
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Details
Export Center CI / export-ci (push) Has been cancelled
Details
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Details
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Details
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Details
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Details
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Details
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Details
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Details
Signals CI & Image / signals-ci (push) Has been cancelled
Details
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Details
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Details

Browse Source
This commit is contained in:
StellaOps Bot
2025-12-13 00:20:26 +02:00
parent e1f1bef4c1
commit 564df71bfb
2376 changed files with 334389 additions and 328032 deletions
Download Patch File Download Diff File Expand all files Collapse all files

220
src/Notify/StellaOps.Notify.WebService/Options/NotifyWebServiceOptionsValidator.cs
View File

@@ -1,119 +1,119 @@
using System;
using System.Linq;
namespace StellaOps.Notify.WebService.Options;
internal static class NotifyWebServiceOptionsValidator
{
public static void Validate(NotifyWebServiceOptions options)
{
ArgumentNullException.ThrowIfNull(options);
ValidateStorage(options.Storage);
ValidateAuthority(options.Authority);
ValidateApi(options.Api);
}
private static void ValidateStorage(NotifyWebServiceOptions.StorageOptions storage)
{
ArgumentNullException.ThrowIfNull(storage);
var driver = storage.Driver ?? string.Empty;
using System;
using System.Linq;
namespace StellaOps.Notify.WebService.Options;
internal static class NotifyWebServiceOptionsValidator
{
public static void Validate(NotifyWebServiceOptions options)
{
ArgumentNullException.ThrowIfNull(options);
ValidateStorage(options.Storage);
ValidateAuthority(options.Authority);
ValidateApi(options.Api);
}
private static void ValidateStorage(NotifyWebServiceOptions.StorageOptions storage)
{
ArgumentNullException.ThrowIfNull(storage);
var driver = storage.Driver ?? string.Empty;
if (!string.Equals(driver, "postgres", StringComparison.OrdinalIgnoreCase))
{
throw new InvalidOperationException($"Unsupported storage driver '{storage.Driver}'. Only 'postgres' is supported after cutover.");
}
}
private static void ValidateAuthority(NotifyWebServiceOptions.AuthorityOptions authority)
{
ArgumentNullException.ThrowIfNull(authority);
if (authority.Enabled)
{
if (string.IsNullOrWhiteSpace(authority.Issuer))
{
throw new InvalidOperationException("notify:authority:issuer must be provided when authority is enabled.");
}
if (authority.Audiences is null || authority.Audiences.Count == 0)
{
throw new InvalidOperationException("notify:authority:audiences must include at least one value.");
}
}
private static void ValidateAuthority(NotifyWebServiceOptions.AuthorityOptions authority)
{
ArgumentNullException.ThrowIfNull(authority);
if (authority.Enabled)
{
if (string.IsNullOrWhiteSpace(authority.Issuer))
{
throw new InvalidOperationException("notify:authority:issuer must be provided when authority is enabled.");
}
if (authority.Audiences is null || authority.Audiences.Count == 0)
{
throw new InvalidOperationException("notify:authority:audiences must include at least one value.");
}
if (string.IsNullOrWhiteSpace(authority.AdminScope)
|| string.IsNullOrWhiteSpace(authority.OperatorScope)
|| string.IsNullOrWhiteSpace(authority.ViewerScope))
{
throw new InvalidOperationException("notify:authority admin, operator, and viewer scopes must be configured.");
}
}
else
{
if (string.IsNullOrWhiteSpace(authority.DevelopmentSigningKey) || authority.DevelopmentSigningKey.Length < 32)
{
throw new InvalidOperationException("notify:authority:developmentSigningKey must be at least 32 characters when authority is disabled.");
}
}
}
private static void ValidateApi(NotifyWebServiceOptions.ApiOptions api)
{
ArgumentNullException.ThrowIfNull(api);
if (!api.BasePath.StartsWith("/", StringComparison.Ordinal))
{
throw new InvalidOperationException("notify:api:basePath must start with '/'.");
}
if (!api.InternalBasePath.StartsWith("/", StringComparison.Ordinal))
{
throw new InvalidOperationException("notify:api:internalBasePath must start with '/'.");
}
if (string.IsNullOrWhiteSpace(api.TenantHeader))
{
throw new InvalidOperationException("notify:api:tenantHeader must be provided.");
}
ValidateRateLimits(api.RateLimits);
}
private static void ValidateRateLimits(NotifyWebServiceOptions.RateLimitOptions rateLimits)
{
ArgumentNullException.ThrowIfNull(rateLimits);
ValidatePolicy(rateLimits.DeliveryHistory, "notify:api:rateLimits:deliveryHistory");
ValidatePolicy(rateLimits.TestSend, "notify:api:rateLimits:testSend");
static void ValidatePolicy(NotifyWebServiceOptions.RateLimitPolicyOptions options, string prefix)
{
ArgumentNullException.ThrowIfNull(options);
if (!options.Enabled)
{
return;
}
if (options.TokenLimit <= 0)
{
throw new InvalidOperationException($"{prefix}:tokenLimit must be positive when enabled.");
}
if (options.TokensPerPeriod <= 0)
{
throw new InvalidOperationException($"{prefix}:tokensPerPeriod must be positive when enabled.");
}
if (options.ReplenishmentPeriodSeconds <= 0)
{
throw new InvalidOperationException($"{prefix}:replenishmentPeriodSeconds must be positive when enabled.");
}
if (options.QueueLimit < 0)
{
throw new InvalidOperationException($"{prefix}:queueLimit cannot be negative.");
}
}
}
}
}
}
else
{
if (string.IsNullOrWhiteSpace(authority.DevelopmentSigningKey) || authority.DevelopmentSigningKey.Length < 32)
{
throw new InvalidOperationException("notify:authority:developmentSigningKey must be at least 32 characters when authority is disabled.");
}
}
}
private static void ValidateApi(NotifyWebServiceOptions.ApiOptions api)
{
ArgumentNullException.ThrowIfNull(api);
if (!api.BasePath.StartsWith("/", StringComparison.Ordinal))
{
throw new InvalidOperationException("notify:api:basePath must start with '/'.");
}
if (!api.InternalBasePath.StartsWith("/", StringComparison.Ordinal))
{
throw new InvalidOperationException("notify:api:internalBasePath must start with '/'.");
}
if (string.IsNullOrWhiteSpace(api.TenantHeader))
{
throw new InvalidOperationException("notify:api:tenantHeader must be provided.");
}
ValidateRateLimits(api.RateLimits);
}
private static void ValidateRateLimits(NotifyWebServiceOptions.RateLimitOptions rateLimits)
{
ArgumentNullException.ThrowIfNull(rateLimits);
ValidatePolicy(rateLimits.DeliveryHistory, "notify:api:rateLimits:deliveryHistory");
ValidatePolicy(rateLimits.TestSend, "notify:api:rateLimits:testSend");
static void ValidatePolicy(NotifyWebServiceOptions.RateLimitPolicyOptions options, string prefix)
{
ArgumentNullException.ThrowIfNull(options);
if (!options.Enabled)
{
return;
}
if (options.TokenLimit <= 0)
{
throw new InvalidOperationException($"{prefix}:tokenLimit must be positive when enabled.");
}
if (options.TokensPerPeriod <= 0)
{
throw new InvalidOperationException($"{prefix}:tokensPerPeriod must be positive when enabled.");
}
if (options.ReplenishmentPeriodSeconds <= 0)
{
throw new InvalidOperationException($"{prefix}:replenishmentPeriodSeconds must be positive when enabled.");
}
if (options.QueueLimit < 0)
{
throw new InvalidOperationException($"{prefix}:queueLimit cannot be negative.");
}
}
}
}