target · arurao · Jul 10, 2019 · Jun 3, 2019 · Jun 3, 2019 · Jun 3, 2019
diff --git a/alert/legacysearch.go b/alert/legacysearch.go
@@ -87,7 +87,7 @@ func (db *DB) LegacySearch(ctx context.Context, opts *LegacySearchOptions) ([]Al
 		validate.Range("Limit", opts.Limit, 15, 50),
 		validate.Range("Offset", opts.Offset, 0, 1000000),
 		validate.OneOf("SortBy", opts.SortBy, SortByID, SortByStatus, SortByCreatedTime, SortBySummary, SortByServiceName),
-		validate.Text("Search", opts.Search, 0, 250),
+		validate.Search("Search", opts.Search),
 	)
 	if opts.FavoriteServicesOnlyUserID != "" {
 		err = validate.Many(err, validate.UUID("FavoriteServicesOnlyUserID", opts.FavoriteServicesOnlyUserID))

diff --git a/alert/search.go b/alert/search.go
@@ -95,7 +95,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.Range("Status", len(opts.Status), 0, 3),
 		validate.ManyUUID("Services", opts.Services, 50),

diff --git a/escalation/search.go b/escalation/search.go
@@ -62,7 +62,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.ManyUUID("Omit", opts.Omit, 50),
 	)

diff --git a/label/search.go b/label/search.go
@@ -103,7 +103,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.Range("Omit", len(opts.Omit), 0, 50),
 	)

diff --git a/schedule/rotation/search.go b/schedule/rotation/search.go
@@ -95,7 +95,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.ManyUUID("Omit", opts.Omit, 50),
 	)

diff --git a/schedule/search.go b/schedule/search.go
@@ -94,7 +94,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 		opts.Limit = search.DefaultMaxResults
 	}
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.ManyUUID("Omit", opts.Omit, 50),
 	)

diff --git a/service/legacysearch.go b/service/legacysearch.go
@@ -77,7 +77,7 @@ func (db *DB) LegacySearch(ctx context.Context, opts *LegacySearchOptions) ([]Se
 		return nil, err
 	}
 
-	err = validate.Text("Search", opts.Search, 0, 250)
+	err = validate.Search("Search", opts.Search)
 	if opts.FavoritesOnly || opts.FavoritesFirst || opts.FavoritesUserID != "" {
 		err = validate.Many(err, validate.UUID("FavoritesUserID", opts.FavoritesUserID))
 	}

diff --git a/service/search.go b/service/search.go
@@ -137,7 +137,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.ManyUUID("Omit", opts.Omit, 50),
 	)

diff --git a/timezone/search.go b/timezone/search.go
@@ -63,7 +63,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.Range("Omit", len(opts.Omit), 0, 50),
 	)

diff --git a/user/search.go b/user/search.go
@@ -63,7 +63,7 @@ func (opts renderData) Normalize() (*renderData, error) {
 	}
 
 	err := validate.Many(
-		validate.Text("Search", opts.Search, 0, search.MaxQueryLen),
+		validate.Search("Search", opts.Search),
 		validate.Range("Limit", opts.Limit, 0, search.MaxResults),
 		validate.ManyUUID("Omit", opts.Omit, 50),
 	)

diff --git a/validation/validate/search.go b/validation/validate/search.go
@@ -0,0 +1,30 @@
+package validate
+
+import (
+	"unicode"
+
+	"github.com/target/goalert/validation"
+)
+
+// Search will validate a search body. It ensures that the field
+// consists of valid unicode code-points, and does not exceed max of 255 characters.
+// If body is empty, the input is considered valid.
+func Search(fname, body string) error {
+	if body == "" {
+		return nil
+	}
+
+	r := []rune(body)
+
+	if len(r) > 255 {
+		return validation.NewFieldError(fname, "cannot exceed 255 characters")
+	}
+
+	for _, c := range r {
+		if !unicode.IsPrint(c) && c != '\t' && c != '\n' {
+			return validation.NewFieldError(fname, "only printable characters allowed")
+		}
+	}
+
+	return nil
+}