Improve regex to catch forbidden bucket names

#64

app/api/dependencies.py

@@ -254,7 +254,7 @@ async def get_current_bucket(
     bucket : clowmdb.models.Bucket
         Bucket with the given name.
     """
-    bucket = await CRUDBucket.get(db, bucket_name.split(":")[-1])
+    bucket = await CRUDBucket.get(db, bucket_name)
     if bucket is None:
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Bucket not found")
     return bucket

app/main.py

@@ -63,7 +63,9 @@ if settings.OTLP_GRPC_ENDPOINT is not None and len(settings.OTLP_GRPC_ENDPOINT)
         return await request_validation_exception_handler(request, exc)
 
 
-FastAPIInstrumentor.instrument_app(app, excluded_urls="health", tracer_provider=trace.get_tracer_provider())
+FastAPIInstrumentor.instrument_app(
+    app, excluded_urls="health,docs,openapi.json", tracer_provider=trace.get_tracer_provider()
+)
 
 # CORS Settings for the API
 app.add_middleware(

app/schemas/bucket.py

@@ -4,7 +4,7 @@ from typing import Optional
 from clowmdb.models import Bucket
 from pydantic import BaseModel, ConfigDict, Field, field_validator
 
-ip_regex = re.compile(r"^((2(5[0-5]|[0-4]\d)|[01]?\d{1,2})\.){3}(2(5[0-5]|[0-4]\d)|[01]?\d{1,2})$")
+ip_like_regex = re.compile(r"^(\d+\.){3}\d+$")
 
 
 class _BaseBucket(BaseModel):
@@ -18,7 +18,8 @@ class _BaseBucket(BaseModel):
         description="Name of the bucket",
         min_length=3,
         max_length=63,
-        pattern=r"^[a-z\d][a-z\d.-]{1,61}[a-z\d]$",
+        pattern=r"^([a-z0-9](?:[a-z0-9-]*[a-z0-9])?.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$",
+        # https://docs.ceph.com/en/latest/radosgw/s3/bucketops/#constraints
     )
     description: str = Field(
         ...,
@@ -31,7 +32,7 @@ class _BaseBucket(BaseModel):
     @field_validator("name")
     @classmethod
     def name_is_not_an_ip_address(cls, name: str) -> str:
-        if ip_regex.search(name):
+        if ip_like_regex.search(name):
             raise ValueError("no IP address as bucket name")
         return name