1. Forum
  2. Usenet
  3. COMP.LANG.JAVA.PROGRAMMER

  • Sonarlint regex

    From e.d.programmer@gmail.com@21:1/5 to All on Fri Feb 10 08:48:06 2023
    My app is passing in a user id. We're hard coding 4 users.
    user01
    user03
    user05
    user07
    We have validation that the user passed in is one of these.
    private void validateUser(String userId) {
    if (!userId.matches("(user0)[1|3|5|7]")) {
    throw new SecurityException("Invalid user");
    }
    }
    This seems to work but Sonarlint flags the regex string with "Remove duplicates in this character class". Is there a better way to write the same thing?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Eric Sosman@21:1/5 to e.d.pro...@gmail.com on Fri Feb 10 09:50:13 2023
    On Friday, February 10, 2023 at 11:48:12 AM UTC-5, e.d.pro...@gmail.com wrote:
    My app is passing in a user id. We're hard coding 4 users.
    user01
    user03
    user05
    user07
    We have validation that the user passed in is one of these.
    private void validateUser(String userId) {
    if (!userId.matches("(user0)[1|3|5|7]")) {
    throw new SecurityException("Invalid user");
    }
    }
    This seems to work but Sonarlint flags the regex string with "Remove duplicates in this character class". Is there a better way to write the same thing?

    First, try logging in as "user0|". Then ponder what happens. Then lose the "|" characters.
    (You may also want to lose the "(" and ")", as they seem purposeless.)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From e.d.programmer@gmail.com@21:1/5 to All on Fri Feb 10 10:22:00 2023
    if (!userId.matches("(user0)[1|3|5|7]")) {
    throw new SecurityException("Invalid user");
    }
    }
    This seems to work but Sonarlint flags the regex string with "Remove duplicates in this character class". Is there a better way to write the same thing?
    First, try logging in as "user0|". Then ponder what happens. Then lose the "|" characters.
    (You may also want to lose the "(" and ")", as they seem purposeless.)
    I see. I don't know who came up with that. Apparently the | was supposed to mean "or" but that's already the purpose of the [].
    regex101 says the () makes a capturing group which matches the characters literally (case sensitive), apparently it does the same thing without the () but doesn't call it a capturing group.
    so just .matches("user0[1357]")

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Arne_Vajh=c3=b8j?=@21:1/5 to e.d.pro...@gmail.com on Fri Feb 10 16:37:02 2023
    On 2/10/2023 1:22 PM, e.d.pro...@gmail.com wrote:
    if (!userId.matches("(user0)[1|3|5|7]")) { throw new
    SecurityException("Invalid user"); } } This seems to work but
    Sonarlint flags the regex string with "Remove duplicates in this
    character class". Is there a better way to write the same thing?
    First, try logging in as "user0|". Then ponder what happens. Then
    lose the "|" characters. (You may also want to lose the "(" and
    ")", as they seem purposeless.)
    I see. I don't know who came up with that. Apparently the | was
    supposed to mean "or" but that's already the purpose of the [].
    regex101 says the () makes a capturing group which matches the
    characters literally (case sensitive), apparently it does the same
    thing without the () but doesn't call it a capturing group. so just .matches("user0[1357]")

    "user0[1357]" puts the entire username in group 0

    "(user0)[1357]" puts the entire username in group 0
    and "user0" in group 1 which does not make sense

    "user(0[1357])" puts the entire username in group 0
    and "0x" in group 1 which in some contexts could make sense

    Arne

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)