13

I am working on an API. For a better developer experience, I would like to report back to the user any easily-found issue with params. My code validates strings, integers, booleans, iso8601 dates, and domain specific list of values. I am looking into a way to validate if a string is a valid UUID. I am looking into possible options to do it.

Improve this question
3
  • 1
    You could validate the format of the uuid with a regex. See stackoverflow.com/questions/7680771/… Commented Nov 27, 2017 at 10:35
  • PostgreSQL adapter has some validation for UUID you can check the implementation and can use in your model. github.com/rails/rails/blob/master/activerecord/lib/… Commented Nov 27, 2017 at 10:40
  • thanks @NarenSisodiya, I should have mentioned in the question that the validation is not acting directly on the attribute of the class, therefore I am not sure how I could use it. In addition, our rails project is using Sequel. The hint to underlying regex is useful though. Commented Nov 27, 2017 at 12:33

6 Answers 6

Reset to default
18

Based on the prevalent suggestion to use regex: 

def validate_uuid_format(uuid)
  uuid_regex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/
  return true if uuid_regex.match?(uuid.to_s.downcase)

  log_and_raise_error("Given argument is not a valid UUID: '#{format_argument_output(uuid)}'")
end

Please note that, this only checks if a string adheres to a 8-4-4-4-12 format and ignores any version checks.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Make sure your regex is looking for valid UUIDs only.
9

Although my answer will slightly restrict the generality of the question, I hope that it is still interesting enough. This restriction is the assumption that you instantiate a new object based on the set of parameters that you want to check, start validation and then return the errors object unless nil.

# params[:lot] = { material_id: [SOME STRING], maybe: more_attributes }
lot = Lot.new params[:lot]
lot.valid?

This way you use Rails' built-in validation mechanisms. However, as of May 2020 there still does not seem to be native support for validating the format of an attribute as a UUID. With native, I mean something along the lines of:

# models/lot.rb
# material_id is of type string, as per db/schema.rb
validates :material_id,
  uuid: true

Typing this in Rails 6.0.3 one gets:

ArgumentError (Unknown validator: 'UuidValidator')

The key to validating attributes as a UUID therefore is to generate a UuidValidator class and to make sure that Rails' internals find and use it naturally.

Inspired by the solution that Doug Puchalski of coderwall.com has suggested, in combination with the Rails API docs, I came up with this solution:

# lib/uuid_validator.rb
class UuidValidator < ActiveModel::EachValidator
  def validate_each(record, attribute, value)
    unless value =~ /\A[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\z/i
      msg = options[:message] || "is not a valid UUID"
      record.errors.add(attribute, msg)
    end
  end
end

Now, assume that you instantiate a new Lot instance and erronously assign an integer as foreign key to material_id:

lot = Lot.new({material_id: 1})
lot.material_id
=> "1" # note the auto type cast based on schema definition
lot.valid?
=> false
lot.errors.messages
=> {:material_id=>["is not a valid UUID"]}
# now, assign a valid uuid to material_id
lot.material_id = SecureRandom.uuid
=> "8c0f2f01-8f8e-4e83-a2a0-f5dd2e63fc33"
lot.valid?
=> true

Important:
As soon as you change the data type of your attribute to uuid,

# db/schema.rb
create_table "lots", id: false, force: :cascade do |t|
  #t.string "material_id"
  t.uuid "material_id"
end

Rails 6 will automatically only accept valid uuids for assigns to material_id. When trying to assing anything but a vaild UUID string, it will instead fail graciously:

lot = Lot.new
# trying to assign an integer...
lot.material_id({material_id: 1})
# results in gracious failure
=> nil
# the same is true for 'nearly valid' UUID strings, note the four last chars
lot.material_id = "44ab2cc4-f9e5-45c9-a08d-de6a98c0xxxx"
=> nil

However, you will still get the correct validation response:

lot.valid?
=> false
lot.errors.messages
=> {:material_id=>["is not a valid UUID"]}
Improve this answer

3 Comments

Do you know more about the mechanism used to fail gracefully with nil on invalid UUID? This is causing me some issue now and would like to understand more about which part of the code is responsible for this behavior.
@DavidRevelo no, at the moment I do not. However, the right starting point to dig into the Rails source code surely is the "valid?" method. You can find the definition of the method by asking an instance for it with my_model_instance.method(:valid?).source_location. Then navigate to the source code and follow through from there.
It appears that in Rails 7, the UUID graceful failure type applies to the create!, save!, and update! methods on ActiveModel as well; the UuidValidator approach is no longer viable, and will not cause .valid? to return false nor errors to be updated.
8

In case you need to verify parameter before passing it to Postgres - it is enough to check that string follows 8-4-4-4-12 hexadecimal format.

Short check for parameter:

uuid.to_s.match /^\h{8}-(\h{4}-){3}\h{12}$/

In human words:

  • 8 hexadecimal characters
  • 3 groups by 4 hexadecimal characters
  • 12 hexadecimal characters

UPD: added begin/end of line matching to regex as per @electr0sheep suggestion

Improve this answer

2 Comments

This was close for what I needed. I like the simplicity, but it will match as long as any substring is a UUID. To check that a string is exactly a UUID with no leading or trailing characters, I believe you can use uuid.to_s.match(/\A\h{8}-(\h{4}-){3}\h{12}\z/). \A matches the beginning of the string and \z matches the end of the string, and does not ignore a trailing \n. ruby-doc.org/3.3.0/…
A minor tweak here using a non-capturing group for the three quartets: /\A\h{8}-(?:\h{4}-){3}\h{12}\z/. It avoids storing the unnecessarily captured data.
3

Use https://github.com/dpep/rspec-uuid :

gem 'rspec-uuid'

Then just test if it is uuid:

it { expect(user_uuid).to be_a_uuid }

Or, you can check for a specific UUID version:

it { expect(user_uuid).to be_a_uuid(version: 4) }
Improve this answer

Comments

3

You can use the rubygem uuid(56+ M downloads) .validate class method.

# result is true or nil
result = UUID.validate(potentially_uuid_string)

See https://www.rubydoc.info/gems/uuid/2.3.1/UUID#validate-class_method

Please note that it matches against several UUID formats.

Improve this answer

3 Comments

Can you give an example how to apply it, instead of just a link?
It's a simple class method which returns a boolean: UUID.validate(my_string). (post edited)
"Native" implies its part of the Ruby standard library. UUID is not part of Ruby. You're linking a gem here that provides this class on top of Ruby.
-3

validate it using regular expression matcher, depends which version of UUID you are validating against. I am sure there are plenty resource out there for each UUID version's regular expression pattern.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.