From 7df9144fbf55d4fff25243aa45dce9568dfa3a60 Mon Sep 17 00:00:00 2001
From: Todd <github@quaddi.com>
Date: Fri, 19 Apr 2024 07:49:11 -0700
Subject: [PATCH] Fix typos in request validation errors for aliases (#4671)

* Fix typos in request validation errors for aliases

* Add format validation for destination id field.
---
 .../handlers/aliases/alias_service.go         | 14 +++++++---
 .../handlers/aliases/alias_service_test.go    | 26 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 4 deletions(-)

diff --git a/internal/daemon/controller/handlers/aliases/alias_service.go b/internal/daemon/controller/handlers/aliases/alias_service.go
index 17d685aca1..04eb0a8ae6 100644
--- a/internal/daemon/controller/handlers/aliases/alias_service.go
+++ b/internal/daemon/controller/handlers/aliases/alias_service.go
@@ -588,12 +588,16 @@ func validateCreateRequest(req *pbs.CreateAliasRequest) error {
 		if !strings.EqualFold(req.GetItem().GetType(), aliasTypeTarget) {
 			badFields[globals.TypeField] = "This field is required. Current supported values are 'target'."
 		}
+		if req.GetItem().GetDestinationId().GetValue() != "" &&
+			!handlers.ValidId(handlers.Id(req.GetItem().GetDestinationId().GetValue()), globals.TcpTargetPrefix, globals.SshTargetPrefix) {
+			badFields[globals.DestinationIdField] = "Incorrectly formatted identifier."
+		}
 		if req.GetItem().GetTargetAliasAttributes().GetAuthorizeSessionArguments().GetHostId() != "" {
 			if req.GetItem().GetDestinationId().GetValue() == "" {
-				badFields[globals.DestinationIdField] = "This field is required when 'attributes.authorize_sesion_arguments.host_id' is specified."
+				badFields[globals.DestinationIdField] = "This field is required when 'attributes.authorize_session_arguments.host_id' is specified."
 			}
 			if !handlers.ValidId(handlers.Id(req.GetItem().GetTargetAliasAttributes().GetAuthorizeSessionArguments().GetHostId()), globals.StaticHostPrefix, globals.PluginHostPrefix) {
-				badFields["host_id"] = "Incorrectly formatted identifier."
+				badFields["attributes.authorize_session_arguments.host_id"] = "Incorrectly formatted identifier."
 			}
 		}
 		return badFields
@@ -606,9 +610,13 @@ func validateUpdateRequest(req *pbs.UpdateAliasRequest) error {
 		if handlers.MaskContains(req.GetUpdateMask().GetPaths(), "value") && req.GetItem().GetValue() == "" {
 			badFields["value"] = "This field is required."
 		}
+		if req.GetItem().GetDestinationId().GetValue() != "" &&
+			!handlers.ValidId(handlers.Id(req.GetItem().GetDestinationId().GetValue()), globals.TcpTargetPrefix, globals.SshTargetPrefix) {
+			badFields[globals.DestinationIdField] = "Incorrectly formatted identifier."
+		}
 		if req.GetItem().GetTargetAliasAttributes().GetAuthorizeSessionArguments().GetHostId() != "" &&
 			!handlers.ValidId(handlers.Id(req.GetItem().GetTargetAliasAttributes().GetAuthorizeSessionArguments().GetHostId()), globals.StaticHostPrefix, globals.PluginHostPrefix) {
-			badFields["host_id"] = "Incorrectly formatted identifier."
+			badFields["attributes.authorize_session_arguments.host_id"] = "Incorrectly formatted identifier."
 		}
 		return badFields
 	}, globals.TargetAliasPrefix)
diff --git a/internal/daemon/controller/handlers/aliases/alias_service_test.go b/internal/daemon/controller/handlers/aliases/alias_service_test.go
index cf6e461d69..6a37609512 100644
--- a/internal/daemon/controller/handlers/aliases/alias_service_test.go
+++ b/internal/daemon/controller/handlers/aliases/alias_service_test.go
@@ -777,6 +777,16 @@ func TestCreate(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "Alias to poorly formatted target id",
+			req: &pbs.CreateAliasRequest{Item: &pb.Alias{
+				Type:          "target",
+				ScopeId:       scope.Global.String(),
+				Value:         "target-assigned.valid.alias",
+				DestinationId: wrapperspb.String("this is not a valid target id"),
+			}},
+			errContains: `Incorrectly formatted identifier.`,
+		},
 		{
 			name: "Alias to existing target with static host id",
 			req: &pbs.CreateAliasRequest{Item: &pb.Alias{
@@ -870,7 +880,7 @@ func TestCreate(t *testing.T) {
 					},
 				},
 			}},
-			errContains: `This field is required when 'attributes.authorize_sesion_arguments.host_id' is specified.`,
+			errContains: `This field is required when 'attributes.authorize_session_arguments.host_id' is specified.`,
 		},
 		{
 			name: "improperly formatted host id",
@@ -1203,6 +1213,20 @@ func TestUpdate(t *testing.T) {
 				},
 			},
 		},
+		{
+			name:    "Update destination id",
+			scopeId: og.GetScopeId(),
+			req: &pbs.UpdateAliasRequest{
+				UpdateMask: &field_mask.FieldMask{
+					Paths: []string{"destination_id"},
+				},
+				Item: &pb.Alias{
+					Name:          wrapperspb.String("ignored"),
+					DestinationId: wrapperspb.String("invalid format for targets"),
+				},
+			},
+			err: handlers.ApiErrorWithCode(codes.InvalidArgument),
+		},
 		{
 			name:    "unset value",
 			scopeId: og.GetScopeId(),