cratestack-core 0.4.4

Rust-native schema-first framework for typed HTTP APIs, generated clients, and backend services.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

//! Field-level validators.
//!
//! Standalone helpers invoked from generated `validate` methods on
//! Create / Update input structs. Each returns `Ok(())` on success or
//! a redacted [`CoolError::Validation`] whose public message names
//! the field but never echoes the rejected value (so PII does not
//! leak via 422 bodies).

use crate::Decimal;
use crate::error::CoolError;

#[cfg(test)]
mod tests;

pub fn validate_length(
    field: &'static str,
    value: &str,
    min: Option<usize>,
    max: Option<usize>,
) -> Result<(), CoolError> {
    let len = value.chars().count();
    if let Some(min) = min
        && len < min
    {
        return Err(CoolError::Validation(format!(
            "field '{field}' length {len} is below minimum {min}",
        )));
    }
    if let Some(max) = max
        && len > max
    {
        return Err(CoolError::Validation(format!(
            "field '{field}' length {len} exceeds maximum {max}",
        )));
    }
    Ok(())
}

pub fn validate_range_i64(
    field: &'static str,
    value: i64,
    min: Option<i64>,
    max: Option<i64>,
) -> Result<(), CoolError> {
    if let Some(min) = min
        && value < min
    {
        return Err(CoolError::Validation(format!(
            "field '{field}' is below minimum {min}",
        )));
    }
    if let Some(max) = max
        && value > max
    {
        return Err(CoolError::Validation(format!(
            "field '{field}' exceeds maximum {max}",
        )));
    }
    Ok(())
}

/// Decimal-typed `@range` enforcement. The parser accepts integer
/// bounds (`@range(min: 0, max: 100)`) on both Int and Decimal
/// fields; the i64 bounds are promoted to Decimal here so monetary
/// fields can declare the same shape as integer counters. Banks
/// routinely write things like `amount Decimal @range(min: 0)` to
/// forbid negative amounts at the framework layer — without this,
/// the validator silently no-ops and out-of-range values reach the
/// database.
pub fn validate_range_decimal(
    field: &'static str,
    value: &Decimal,
    min: Option<i64>,
    max: Option<i64>,
) -> Result<(), CoolError> {
    if let Some(min) = min {
        let bound = Decimal::from(min);
        if *value < bound {
            return Err(CoolError::Validation(format!(
                "field '{field}' is below minimum {min}",
            )));
        }
    }
    if let Some(max) = max {
        let bound = Decimal::from(max);
        if *value > bound {
            return Err(CoolError::Validation(format!(
                "field '{field}' exceeds maximum {max}",
            )));
        }
    }
    Ok(())
}

/// Pragmatic email check: requires exactly one `@`, non-empty local
/// and domain parts, at least one `.` in the domain, and no
/// whitespace. Not a full RFC 5322 grammar — that grammar admits
/// forms (quoted local parts, IP literals) banks rarely accept
/// anyway. Reject early; let real KYC flows do deeper validation.
pub fn validate_email(field: &'static str, value: &str) -> Result<(), CoolError> {
    let trimmed = value.trim();
    if trimmed.is_empty()
        || trimmed.chars().any(char::is_whitespace)
        || trimmed.chars().filter(|c| *c == '@').count() != 1
    {
        return Err(CoolError::Validation(format!(
            "field '{field}' is not a valid email address",
        )));
    }
    let (local, domain) = trimmed.split_once('@').unwrap();
    if local.is_empty() || domain.is_empty() || !domain.contains('.') {
        return Err(CoolError::Validation(format!(
            "field '{field}' is not a valid email address",
        )));
    }
    Ok(())
}

pub fn validate_uri(field: &'static str, value: &str) -> Result<(), CoolError> {
    if url::Url::parse(value).is_err() {
        return Err(CoolError::Validation(format!(
            "field '{field}' is not a valid URI",
        )));
    }
    Ok(())
}

/// ISO 4217 currency codes are 3 ASCII uppercase letters. We do not
/// enforce the registered set here — that table churns and is
/// downstream policy. Banks typically pin allowed currencies via a
/// separate allow-list anyway.
pub fn validate_iso4217(field: &'static str, value: &str) -> Result<(), CoolError> {
    if value.len() != 3 || !value.chars().all(|c| c.is_ascii_uppercase()) {
        return Err(CoolError::Validation(format!(
            "field '{field}' must be a 3-letter uppercase ISO 4217 code",
        )));
    }
    Ok(())
}