U hIV@sdZddlZddlZddlZddlmZddlmZddl m Z ddZ dd Z d d Zd d ZddZddZddZddZddZddZddZddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Zd.d/Z d0d1Z!d2d3Z"d4d5Z#d6d7Z$d8d9Z%d:d;Z&dS)"\']z javascript:zdata:zfile:z+URL contains potentially malicious content.N)rr_urllibparseurlparseschemehostnamelower startswithendswithresearch IGNORECASE)value url_validatorparsedZsuspicious_patternspatternr9/var/www/html/StreamProcessor/src/apps/core/validators.pyvalidate_hls_url s,      rc ssttddkr$ttddr^ddddd g}tfd d |Ds^ttd d ddddddddg }tfdd |DrttdtdkrttddS)z Validate file path for security and format. Args: value (str): File path to validate Raises: ValidationError: If path is invalid or insecure zFile path cannot be empty.z..z(Path traversal attempts are not allowed./z/tmp/z /var/tmp/z /opt/streams/z/data/streams/z /app/media/c3s|]}|VqdSN)r).0prefixrrr Zsz%validate_file_path..z.Absolute paths must be in allowed directories.<>"'&|;`$c3s|]}|kVqdSrr)rcharrrrr _sz&File path contains invalid characters.iz+File path is too long (max 500 characters).N)rrranylen)rZallowed_prefixesZsuspicious_charsrrrvalidate_file_path?s$       r-cCs<t||dr|d}dtj|kr8ttddS)z Validate directory path for security and format. Args: value (str): Directory path to validate Raises: ValidationError: If path is invalid or insecure r.z+Path appears to be a file, not a directory.N)r-rrstripospathbasenamerrrrrrvalidate_directory_pathgs   r3cs0t|tsttddfdd |dS)z Validate JSON configuration for notification channels. Args: value (dict): Configuration dictionary to validate Raises: ValidationError: If configuration is invalid z*Configuration must be a valid JSON object.cst|trP|D]:\}}td|s8ttd|||d|qnJt|trtd|tj r|ttd|td|rttd|dS)N^[a-zA-Z_][a-zA-Z0-9_]*$zInvalid configuration key: r..check_suspicious_contentN)r4)r8r9rrrrr@rvalidate_json_configuration}s  rBcCsddg}|D]:}||kr*ttd|||s ttd|dq |d}td|shttdt|d}td|sttd d S) z Validate Telegram notification configuration. Args: config (dict): Telegram configuration Raises: ValidationError: If configuration is invalid bot_tokenchat_idMissing required field: Field  cannot be emptyz^\d+:[A-Za-z0-9_-]+$z"Invalid Telegram bot token format.z^-?\d+$z Invalid Telegram chat ID format.N)rrrr;r<)configrequired_fieldsfieldrCrDrrrvalidate_telegram_configs     rKc Csddddg}|D]:}||kr.ttd|||sttd|dq|d}td|slttd z2t|d}d |krd ksnttd Wn$ttfk rttd YnXddlm}|}z||dWn"tk rttdYnXdS)z Validate email notification configuration. Args: config (dict): Email configuration Raises: ValidationError: If configuration is invalid smtp_hostZ smtp_portusernamepasswordrErFrGz^[a-zA-Z0-9.-]+$zInvalid SMTP host format.iz&SMTP port must be between 1 and 65535.z"SMTP port must be a valid integer.r)EmailValidatorzInvalid email address format.N) rrrr;int ValueError TypeErrordjango.core.validatorsrP)rHrIrJrLportrPZemail_validatorrrrvalidate_email_configs*     rVcCs6ddg}|D]:}||kr*ttd|||s ttd|dq t}z||dWn tk r~ttdYnXddd d g}|d|krttd d |d |kr2|d }t|tsttd|D]L\}}t|trt|tsttd| dkrttd|dqdS)z Validate webhook notification configuration. Args: config (dict): Webhook configuration Raises: ValidationError: If configuration is invalid urlmethodrErFrGzInvalid webhook URL format.GETPOSTPUTPATCHzHTTP method must be one of: , headersz$Headers must be a valid JSON object.z(Header names and values must be strings.)hostzcontent-lengthzHeader z is not allowed.N) rrrupperjoinr8r9r:r<r)rHrIrJrZallowed_methodsr^ header_name header_valuerrrvalidate_webhook_configs.       rdcCs|r |sttdtd|tjr4ttdtd|rLttdtd|}|D]*}|}td|s\ttd|q\t|d krttd d S) z Validate notification template content for security. Args: value (str): Template content to validate Raises: ValidationError: If template contains unsafe content z!Template content cannot be empty.r6z0Template contains potentially malicious content.r7z3Template contains potentially dangerous characters.z\{\{([^}]+)\}\}r5zInvalid template variable: iz3Template content is too long (max 5000 characters).N) striprrrrrfindallr;r,)rZ template_varsvarrrrvalidate_template_contents        rhcCs@t|ttfsttdd|kr.dksi"ViDiiwizSample rate must be one of: r]z Hz.N)rprrramapr<)rZ valid_ratesrrrvalidate_sample_rates rcCs.t|d|krdks*nttddS)z Validate audio channel count. Args: value (int): Number of audio channels Raises: ValidationError: If channel count is invalid rOz'Audio channels must be between 1 and 8.Nrrrrrrvalidate_audio_channelss rcCs@t|ttfsttdd|kr.dksSlug can only contain lowercase letters, numbers, and hyphens.-z'Slug cannot start or end with a hyphen.z--z(Slug cannot contain consecutive hyphens.2z.Slug must be between 3 and 50 characters long.N)rrrr;rrr,rrrrvalidate_slug_formats      rcCsz|r |sttd|}td|r8ttdtd|rPttddt|krhdksvnttdd S) z Validate name format for display purposes. Args: value (str): Name to validate Raises: ValidationError: If name format is invalid zName cannot be empty.z[<>]zName cannot contain HTML tags.[\x00-\x1f\x7f]z'Name cannot contain control characters.rtz/Name must be between 2 and 100 characters long.N)rerrrrr,rrrrvalidate_name_format1s      rcCs<t|tsttdd|kr*dks8nttddS)z Validate priority value. Args: value (int): Priority value Raises: ValidationError: If priority is invalid zPriority must be an integer.rOrvz"Priority must be between 1 and 10.Nrorrrrvalidate_priorityMs  rcCsR|sttdtd|s(ttddt|kr@dksNnttddS)z Validate event type format. Args: value (str): Event type to validate Raises: ValidationError: If event type is invalid zEvent type cannot be empty.z^[a-z][a-z0-9_]*$zREvent type must be in snake_case format (lowercase letters, numbers, underscores).rrz4Event type must be between 3 and 50 characters long.N)rrrr;r,rrrrvalidate_event_type^s    rcCsPt|ddddddg}tj|d}||krLttdd |d S) z Validate image file path and format. Args: value (str): Image file path to validate Raises: ValidationError: If path or format is invalid z.jpgz.jpegz.pngz.bmpz.tiffz.webprOz.Image file must have one of these extensions: r]N)r-r0r1splitextrrrra)rZvalid_extensionsfile_extrrrvalidate_image_file_pathts rcCsDt|ts|Stdd|}tdd|}ddl}||}|S)z Sanitize user input for safe storage and display. Args: value (str): Input to sanitize Returns: str: Sanitized input rr4z\s+ rN)r8r<rsubrehtmlescape)rrrrrsanitize_user_inputs  rc st|tsttdd fdd |D]\}}||q,ddl}z&||}t|dkrlttdWn$tt fk rttd YnXdS) z Validate context data for templates and notifications. Args: context (dict): Context data to validate Raises: ValidationError: If context data is invalid zContext must be a dictionary.r4cs|r|d|n|}td|s4ttd|t|trt|dkr\ttd|td|tjr~ttd|nt|t r| D]\}}|||qnht|t rt |D](\}}t|tt frd|||qn*t|t tttdfsttd |dS) Nr.r5zInvalid context key: izContext value too long: zrr1 current_pathZ nested_key nested_valueiitemvalidate_context_valuerrrs"     z5validate_context_data..validate_context_valuerNi'z%Context data is too large (max 10KB).z'Context data must be JSON serializable.)r4) r8r9rrr:jsondumpsr,rSrR)contextr>rrZ context_jsonrrrvalidate_context_datas     r)'__doc__rr0 urllib.parser django.core.exceptionsrrTrdjango.utils.translationrrrr-r3rBrKrVrdrhrmrnrprsrurwr~rrrrrrrrrrrrrrrrsB   2(#).!