Skip to content

Commit 414cbb8

Browse files
BarthelemyBarthelemy
committed
CCDB: Sanitize the path and object name
1 parent 6e5167b commit 414cbb8

1 file changed

Lines changed: 17 additions & 4 deletions

File tree

CCDB/src/CcdbApi.cxx

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,20 @@ void CcdbApi::init(std::string host)
4848
curlInit();
4949
}
5050

51+
/**
52+
* Keep only the alphanumeric characters plus '_' plus '/' from the string passed in argument.
53+
* @param objectName
54+
* @return a new string following the rule enounced above.
55+
*/
56+
std::string sanitizeObjectName(const std::string& objectName)
57+
{
58+
string tmpObjectName = objectName;
59+
tmpObjectName.erase(std::remove_if(tmpObjectName.begin(), tmpObjectName.end(),
60+
[]( auto const& c ) -> bool {return (!std::isalnum(c) && c!='_' && c!='/'); } ),
61+
tmpObjectName.end());
62+
return tmpObjectName;
63+
}
64+
5165
void CcdbApi::store(TObject* rootObject, std::string path, std::map<std::string, std::string> metadata,
5266
long startValidityTimestamp, long endValidityTimestamp)
5367
{
@@ -67,18 +81,17 @@ void CcdbApi::store(TObject* rootObject, std::string path, std::map<std::string,
6781
cout << "End of Validity not set, start of validity plus 1 year used." << endl;
6882
sanitizedEndValidityTimestamp = getFutureTimestamp(60 * 60 * 24 * 365);
6983
}
70-
string fullUrl = getFullUrlForStorage(path, metadata, sanitizedStartValidityTimestamp, sanitizedEndValidityTimestamp);
84+
string sanitizedPath = sanitizeObjectName(path);
85+
string fullUrl = getFullUrlForStorage(sanitizedPath, metadata, sanitizedStartValidityTimestamp, sanitizedEndValidityTimestamp);
7186

7287
// Curl preparation
7388
CURL* curl;
7489
struct curl_httppost* formpost = nullptr;
7590
struct curl_httppost* lastptr = nullptr;
7691
struct curl_slist* headerlist = nullptr;
7792
static const char buf[] = "Expect:";
78-
// todo : what is the correct file name ?
7993
string objectName = string(rootObject->GetName());
80-
utils::trim(objectName);
81-
string tmpFileName = objectName + "_" + getTimestampString(getCurrentTimestamp()) + ".root";
94+
string tmpFileName = sanitizeObjectName(objectName) + "_" + getTimestampString(getCurrentTimestamp()) + ".root";
8295
curl_formadd(&formpost,
8396
&lastptr,
8497
CURLFORM_COPYNAME, "send",

0 commit comments

Comments
 (0)