[Feature] Validate directory patterns

[matthewchivers]

Summary

Add validation for directory patterns to detect and prevent invalid or potentially dangerous path characters. This feature would provide error-checking for paths specified in configuration files, reducing the risk of errors or security vulnerabilities due to special characters in paths.

Motivation

Currently, directory patterns allow users to specify paths without validation. This leaves room for potential issues, such as unintentional relative paths (..), forward or backward slashes (/, \), and other special characters that may cause errors or introduce security concerns. Adding path validation will:

• Enhance Security: Prevent potential security issues, such as directory traversal vulnerabilities, by flagging disallowed characters.
• Reduce Errors: Catch invalid paths early to avoid runtime errors, improving reliability.
• Improve User Experience: Provide clear error messages when problematic characters are detected, guiding users to correct path configurations.

Proposed Solution

Implement a validation function within the path-handling logic that checks directory patterns for the following characters:

• .. (preventing unintended relative paths)
• / and \ (handling platform-specific directory separators)
• Any other potentially problematic characters, as needed

When an invalid character is detected, the program should:

1. Display an error message specifying the character and location in the pattern.
2. Suggest allowed characters to help the user correct the pattern? (maybe)

Example Configuration Check:

Given the following configuration:

directory_pattern: "../{{ .Now | date \"2006\" }}/{{ .Now | date \"01\" }}/scrum"

The program would output:

Error: Invalid character .. found in directory pattern. Relative paths are not allowed

Alternatives Considered

1. Allowing All Characters with Warnings:

   • Pros: Provides flexibility for advanced users.
   • Cons: Still allows potential security issues; may be confusing if users miss warnings.

Additional Context

• Cross-Platform Considerations: Platform-specific characters may need to be accounted for (e.g., : on Windows).
• User Configuration Guidance: Documentation can highlight allowed and disallowed characters to aid users.
• Related Issue: https://github.com/matthewchivers/dodl/issues/30

Checklist

• [x] I have checked existing issues to ensure this feature has not been requested.
• [x] I have considered the potential impact on existing functionality.

[matthewchivers]

PR #35 closes this issue as it adds path validation 👍