From 0d17ba679e7872e6b85ab6ead2b80851919a1e27 Mon Sep 17 00:00:00 2001
From: shirady <57721533+shirady@users.noreply.github.com>
Date: Sun, 18 Feb 2024 13:42:29 +0200
Subject: [PATCH] NSFS | NC | Prevent adding additional properties (bucket
 schema)

Signed-off-by: shirady <57721533+shirady@users.noreply.github.com>
---
 src/manage_nsfs/nsfs_schema_utils.js                 |  7 +++++++
 .../test_nc_nsfs_bucket_schema_validation.test.js    | 12 +++---------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/manage_nsfs/nsfs_schema_utils.js b/src/manage_nsfs/nsfs_schema_utils.js
index 7abbcec9d5..62e4e650d4 100644
--- a/src/manage_nsfs/nsfs_schema_utils.js
+++ b/src/manage_nsfs/nsfs_schema_utils.js
@@ -1,6 +1,7 @@
 /* Copyright (C) 2023 NooBaa */
 'use strict';
 
+const _ = require('lodash');
 const RpcError = require('../rpc/rpc_error');
 const { default: Ajv } = require('ajv');
 const ajv = new Ajv({ verbose: true, allErrors: true });
@@ -21,6 +22,12 @@ const bucket_schema = require('../server/system_services/schemas/nsfs_bucket_sch
 const account_schema = require('../server/system_services/schemas/nsfs_account_schema');
 const nsfs_config_schema = require('../server/system_services/schemas/nsfs_config_schema');
 
+_.each(common_api.definitions, schema => {
+    schema_utils.strictify(schema, {
+        additionalProperties: false
+    });
+});
+
 schema_utils.strictify(bucket_schema, {
     additionalProperties: false
 });
diff --git a/src/test/unit_tests/jest_tests/test_nc_nsfs_bucket_schema_validation.test.js b/src/test/unit_tests/jest_tests/test_nc_nsfs_bucket_schema_validation.test.js
index b9e0b86800..79f1f385ae 100644
--- a/src/test/unit_tests/jest_tests/test_nc_nsfs_bucket_schema_validation.test.js
+++ b/src/test/unit_tests/jest_tests/test_nc_nsfs_bucket_schema_validation.test.js
@@ -96,9 +96,7 @@ describe('schema validation NC NSFS bucket', () => {
             assert_validation(bucket_data, reason, message);
         });
 
-        // GAP - this test should have passing
-        // currently we can properties to s3_policy which are not part of the schema
-        it.skip('bucket with my_id inside s3_policy', () => {
+        it('bucket with my_id inside s3_policy', () => {
             const bucket_data = get_bucket_data();
             bucket_data.s3_policy = bucket_policy1; // added
             bucket_data.s3_policy.my_id = '123'; // this is not part of the schema
@@ -108,9 +106,7 @@ describe('schema validation NC NSFS bucket', () => {
             assert_validation(bucket_data, reason, message);
         });
 
-        // GAP - this test should have passing
-        // currently we can properties to encryption which are not part of the schema
-        it.skip('bucket with my_id inside encryption', () => {
+        it('bucket with my_id inside encryption', () => {
             const bucket_data = get_bucket_data();
             bucket_data.encryption = encryption1; // added
             bucket_data.encryption.my_id = '123'; // this is not part of the schema
@@ -120,9 +116,7 @@ describe('schema validation NC NSFS bucket', () => {
             assert_validation(bucket_data, reason, message);
         });
 
-        // GAP - this test should have passing
-        // currently we can properties to website which are not part of the schema
-        it.skip('bucket with my_id inside website', () => {
+        it('bucket with my_id inside website', () => {
             const bucket_data = get_bucket_data();
             bucket_data.website = website1; // added
             bucket_data.website.my_id = '123'; // this is not part of the schema