Fix: Autocomplete validation

[thewahome]

Overview

Fixes #2688
Fixes #2461

Demo

These functionalities are disabled as long as the validation flags the URL as invalid

• running a query
• fetching permissions for a query
• showing snippets

Notes

Walking through the resources ensures that we have a working model for the validator to go through. This guarantees that we are working off a known set of resources .
All queries that do not match a known path created by combining segments in the resource tree are marked as invalid which we can validate with certainity

The ABNF rules in the ODATA ABNF repository are documentation intended for human readers. They are not intended for generating a ready-to-use URL parser..

Testing Instructions

• Spin up GE
• Write something crazy on the URL
• Watch for Permissions / snippets / run query

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[calebkiage]

I don't think it's wise to disable features if validation fails. There will be false positives that might make the application unusable. It is also worth noting that even the metadata isn't accurate at this point.

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[darrelmiller]

@calebkiage I don't think this is going to be a concern. The vast majority of imprecision in our metadata is due to us missing restrictions not because of incorrect restrictions.

[calebkiage]

@darrelmiller, my suggestion was to disable the submit button only if:

• The request is not HTTPS
• The request is not to a known graph host

Other validations (e.g. unknown path segment) would show a warning and disable permissions and snippets requests but still allow sending the request. The server would return a 404 anyway.

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://jolly-sand-0ac78c710-2811.centralus.azurestaticapps.net

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information