func validateSpec()

in oracle/controllers/databasecontroller/database_controller.go [359:396]

• 34 lines of code
• 15 McCabe index (conditional complexity)

func validateSpec(db *v1alpha1.Database) error {
	// Currently only support validate db spec for user credentials.
	// no sensitive information is logged underlying.
	if (db.Spec.AdminPassword != "") && (db.Spec.AdminPasswordGsmSecretRef != nil) {
		return fmt.Errorf("resources/validateSpec: invalid database admin password spec; you can only specify either admin_password or adminPasswordGsmSecretRef")
	}
	for _, u := range db.Spec.Users {
		if (u.Password != "") && (u.GsmSecretRef != nil) {
			return fmt.Errorf("resources/validateSpec: invalid database user password spec for user %q; you can only specify either password or GsmSecretRef", u.Name)
		}
	}

	if _, err := sql.Identifier(db.Spec.Name); err != nil {
		return fmt.Errorf("resources/validateSpec: pdb name is not valid: %w", err)
	}
	if db.Spec.AdminPassword != "" {
		if _, err := sql.Identifier(db.Spec.AdminPassword); err != nil {
			return fmt.Errorf("resources/validateSpec: admin_password is not valid: %w", err)
		}
	}
	for _, u := range db.Spec.Users {
		if _, err := sql.ObjectName(u.Name); err != nil {
			return fmt.Errorf("resources/validateSpec: invalid user %q: %w", u.Name, err)
		}
		if u.Password != "" {
			if _, err := sql.Identifier(u.Password); err != nil {
				return fmt.Errorf("resources/validateSpec: password for user %q is not valid: %w", u.Name, err)
			}
		}
		for _, privilege := range u.Privileges {
			if !sql.IsPrivilege(string(privilege)) {
				return fmt.Errorf("resources/validateSpec: invalid privilege %q for user %q", privilege, u.Name)
			}
		}
	}

	return nil
}