add validation for name and description for model model group and connector resources (#3805)

* add validation for name and description for model model group and connector resources

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* addressing comment, added a common method in utils to remove code redundnancy

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* making more flexible the regex pattern

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* removing restriction of 1000 characters

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* addressing comments

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* fixing unit test messages

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* fixing unit test assertion

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

* adding a generic way so that we can check for optional or required field too

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

---------

Signed-off-by: Dhrubo Saha <dhrubo@amazon.com>

Author: dhrubo-os

common/src/main/java/org/opensearch/ml/common/transport/connector/MLCreateConnectorRequest.java

@@ -6,18 +6,22 @@
 package org.opensearch.ml.common.transport.connector;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
 import org.opensearch.core.common.io.stream.InputStreamStreamInput;
 import org.opensearch.core.common.io.stream.OutputStreamStreamOutput;
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.Builder;
 import lombok.Getter;
@@ -38,12 +42,14 @@ public MLCreateConnectorRequest(StreamInput in) throws IOException {
 
     @Override
     public ActionRequestValidationException validate() {
-        ActionRequestValidationException exception = null;
         if (mlCreateConnectorInput == null) {
-            exception = addValidationError("ML Connector input can't be null", exception);
+            return addValidationError("ML Connector input can't be null", null);
         }
+        Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+        fieldsToValidate.put("Model connector name", new FieldDescriptor(mlCreateConnectorInput.getName(), true));
+        fieldsToValidate.put("Model connector description", new FieldDescriptor(mlCreateConnectorInput.getDescription(), false));
 
-        return exception;
+        return validateFields(fieldsToValidate);
     }
 
     @Override

common/src/main/java/org/opensearch/ml/common/transport/connector/MLUpdateConnectorRequest.java

@@ -6,11 +6,14 @@
 package org.opensearch.ml.common.transport.connector;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
@@ -19,6 +22,7 @@
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
 import org.opensearch.core.xcontent.XContentParser;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.Builder;
 import lombok.Getter;
@@ -57,8 +61,12 @@ public ActionRequestValidationException validate() {
 
         if (updateContent == null) {
             exception = addValidationError("Update connector content can't be null", exception);
+        } else {
+            Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+            fieldsToValidate.put("Model connector name", new FieldDescriptor(updateContent.getName(), false));
+            fieldsToValidate.put("Model connector description", new FieldDescriptor(updateContent.getDescription(), false));
+            exception = validateFields(fieldsToValidate);
         }
-
         return exception;
     }
 

common/src/main/java/org/opensearch/ml/common/transport/model/MLUpdateModelRequest.java

@@ -6,18 +6,22 @@
 package org.opensearch.ml.common.transport.model;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
 import org.opensearch.core.common.io.stream.InputStreamStreamInput;
 import org.opensearch.core.common.io.stream.OutputStreamStreamOutput;
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.AccessLevel;
 import lombok.Builder;
@@ -44,12 +48,13 @@ public MLUpdateModelRequest(StreamInput in) throws IOException {
 
     @Override
     public ActionRequestValidationException validate() {
-        ActionRequestValidationException exception = null;
         if (updateModelInput == null) {
-            exception = addValidationError("Update Model Input can't be null", exception);
+            return addValidationError("Update Model Input can't be null", null);
         }
-
-        return exception;
+        Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+        fieldsToValidate.put("Model Name", new FieldDescriptor(updateModelInput.getName(), false));
+        fieldsToValidate.put("Model Description", new FieldDescriptor(updateModelInput.getDescription(), false));
+        return validateFields(fieldsToValidate);
     }
 
     @Override

common/src/main/java/org/opensearch/ml/common/transport/model_group/MLRegisterModelGroupRequest.java

@@ -6,18 +6,22 @@
 package org.opensearch.ml.common.transport.model_group;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
 import org.opensearch.core.common.io.stream.InputStreamStreamInput;
 import org.opensearch.core.common.io.stream.OutputStreamStreamOutput;
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.AccessLevel;
 import lombok.Builder;
@@ -44,12 +48,15 @@ public MLRegisterModelGroupRequest(StreamInput in) throws IOException {
 
     @Override
     public ActionRequestValidationException validate() {
-        ActionRequestValidationException exception = null;
         if (registerModelGroupInput == null) {
-            exception = addValidationError("Model meta input can't be null", exception);
+            return addValidationError("Model group input can't be null", null);
         }
 
-        return exception;
+        Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+        fieldsToValidate.put("Model group name", new FieldDescriptor(registerModelGroupInput.getName(), true));
+        fieldsToValidate.put("Model group description", new FieldDescriptor(registerModelGroupInput.getDescription(), false));
+
+        return validateFields(fieldsToValidate);
     }
 
     @Override

common/src/main/java/org/opensearch/ml/common/transport/model_group/MLUpdateModelGroupRequest.java

@@ -6,18 +6,22 @@
 package org.opensearch.ml.common.transport.model_group;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
 import org.opensearch.core.common.io.stream.InputStreamStreamInput;
 import org.opensearch.core.common.io.stream.OutputStreamStreamOutput;
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.AccessLevel;
 import lombok.Builder;
@@ -44,12 +48,15 @@ public MLUpdateModelGroupRequest(StreamInput in) throws IOException {
 
     @Override
     public ActionRequestValidationException validate() {
-        ActionRequestValidationException exception = null;
         if (updateModelGroupInput == null) {
-            exception = addValidationError("Update Model group input can't be null", exception);
+            return addValidationError("Update Model group input can't be null", null);
         }
 
-        return exception;
+        Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+        fieldsToValidate.put("Model group name", new FieldDescriptor(updateModelGroupInput.getName(), false));
+        fieldsToValidate.put("Model group description", new FieldDescriptor(updateModelGroupInput.getDescription(), false));
+
+        return validateFields(fieldsToValidate);
     }
 
     @Override

common/src/main/java/org/opensearch/ml/common/transport/register/MLRegisterModelRequest.java

@@ -6,18 +6,22 @@
 package org.opensearch.ml.common.transport.register;
 
 import static org.opensearch.action.ValidateActions.addValidationError;
+import static org.opensearch.ml.common.utils.StringUtils.validateFields;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.util.HashMap;
+import java.util.Map;
 
 import org.opensearch.action.ActionRequest;
 import org.opensearch.action.ActionRequestValidationException;
 import org.opensearch.core.common.io.stream.InputStreamStreamInput;
 import org.opensearch.core.common.io.stream.OutputStreamStreamOutput;
 import org.opensearch.core.common.io.stream.StreamInput;
 import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.ml.common.utils.FieldDescriptor;
 
 import lombok.AccessLevel;
 import lombok.Builder;
@@ -44,12 +48,15 @@ public MLRegisterModelRequest(StreamInput in) throws IOException {
 
     @Override
     public ActionRequestValidationException validate() {
-        ActionRequestValidationException exception = null;
         if (registerModelInput == null) {
-            exception = addValidationError("ML input can't be null", exception);
+            return addValidationError("ML input can't be null", null);
         }
 
-        return exception;
+        Map<String, FieldDescriptor> fieldsToValidate = new HashMap<>();
+        fieldsToValidate.put("Model name", new FieldDescriptor(registerModelInput.getModelName(), true));
+        fieldsToValidate.put("Model description", new FieldDescriptor(registerModelInput.getDescription(), false));
+
+        return validateFields(fieldsToValidate);
     }
 
     @Override

common/src/main/java/org/opensearch/ml/common/utils/FieldDescriptor.java

@@ -0,0 +1,24 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.ml.common.utils;
+
+public class FieldDescriptor {
+    private final String value;
+    private final boolean required;
+
+    public FieldDescriptor(String value, boolean required) {
+        this.value = value;
+        this.required = required;
+    }
+
+    public String getValue() {
+        return value;
+    }
+
+    public boolean isRequired() {
+        return required;
+    }
+}

common/src/main/java/org/opensearch/ml/common/utils/StringUtils.java

@@ -5,6 +5,8 @@
 
 package org.opensearch.ml.common.utils;
 
+import static org.opensearch.action.ValidateActions.addValidationError;
+
 import java.nio.ByteBuffer;
 import java.nio.charset.StandardCharsets;
 import java.security.AccessController;
@@ -28,6 +30,7 @@
 import org.json.JSONException;
 import org.json.JSONObject;
 import org.opensearch.OpenSearchParseException;
+import org.opensearch.action.ActionRequestValidationException;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonNode;
@@ -60,6 +63,12 @@ public class StringUtils {
         + "      return input;"
         + "\n    }\n";
 
+    // Regex allows letters, digits, spaces, hyphens, underscores, and dots.
+    private static final Pattern SAFE_INPUT_PATTERN = Pattern.compile("^[\\p{L}\\p{N}\\s.,!?():@\\-_'\"]*$");
+
+    public static final String SAFE_INPUT_DESCRIPTION =
+        "can only contain letters, numbers, whitespace, and basic punctuation (.,!?():@-_'\")";
+
     public static final Gson gson;
 
     static {
@@ -497,4 +506,51 @@ public static String hashString(String input) {
         }
     }
 
+    /**
+     * Validates a map of fields to ensure that their values only contain allowed characters.
+     * <p>
+     * Allowed characters are: letters, digits, spaces, underscores (_), hyphens (-), dots (.), and colons (:).
+     * If a value does not comply, a validation error is added.
+     *
+     * @param fields A map where the key is the field name (used for error messages) and the value is the text to validate.
+     * @return An {@link ActionRequestValidationException} containing all validation errors, or {@code null} if all fields are valid.
+     */
+    public static ActionRequestValidationException validateFields(Map<String, FieldDescriptor> fields) {
+        ActionRequestValidationException exception = null;
+
+        for (Map.Entry<String, FieldDescriptor> entry : fields.entrySet()) {
+            String key = entry.getKey();
+            FieldDescriptor descriptor = entry.getValue();
+            String value = descriptor.getValue();
+
+            if (descriptor.isRequired()) {
+                if (!isSafeText(value)) {
+                    String reason = (value == null || value.isBlank()) ? "is required and cannot be null or blank" : SAFE_INPUT_DESCRIPTION;
+                    exception = addValidationError(key + " " + reason, exception);
+                }
+            } else {
+                if (value != null && !value.isBlank() && !matchesSafePattern(value)) {
+                    exception = addValidationError(key + " " + SAFE_INPUT_DESCRIPTION, exception);
+                }
+            }
+        }
+
+        return exception;
+    }
+
+    /**
+     * Checks if the input is safe (non-null, non-blank, matches safe character set).
+     *
+     * @param value The input string to validate
+     * @return true if input is safe, false otherwise
+     */
+    public static boolean isSafeText(String value) {
+        return value != null && !value.isBlank() && matchesSafePattern(value);
+    }
+
+    // Just checks pattern
+    public static boolean matchesSafePattern(String value) {
+        return SAFE_INPUT_PATTERN.matcher(value).matches();
+    }
+
 }