Prevent illegal ArangoDB Collection/Graph names

[jjnesbitt]

When creating a table/network in Multinet, we don't currently check the supplied names for their validity against Arango's naming conventions. Due to this, it's currently possible to supply an invalid name, and cause a 500 error to occur when collection/graph creation is attempted.

We should instead enforce a regex constraint on these names. One way to do this would be at the serializer level, creating a custom RegexField for table and network names. Another is to create a RegexValidator, which can be attached to the name field on tables and networks. That would require calling full_clean before saving each object though, and might not lead to a great API surface, but would enforce these constraints before saving to the database. Perhaps both could be used.

[waxlamp]

Why not enforce this at creation time instead of serialization (I may not be understanding the problem properly).

[jjnesbitt]

Why not enforce this at creation time instead of serialization (I may not be understanding the problem properly).

In either case, creation with an invalid name can be done with the model directly, as calling model.full_clean before calling model.save is required to trigger the validation. When done at the serializer level, the serializer will prevent creation (because the request will immediately return), as well as provide a useful error message from the API. If validation is only done on the model itself, we wouldn't have a good error message to show the user.

I think in either case we should do validation in the serializer. However I'm not sure if it's worthwhile to also do this check upon model creation, as that would provide marginally better protection against this, but will probably also increase the complexity of creating a table/network.

[waxlamp]

Thanks for the explainer. If you want to expound upon the tradeoffs, an RFC might be a good venue for it.