( value: string | null | undefined, allowedValues: readonly T[], paramName = 'value' )
| 335 | * ``` |
| 336 | */ |
| 337 | export function validateEnum<T extends string>( |
| 338 | value: string | null | undefined, |
| 339 | allowedValues: readonly T[], |
| 340 | paramName = 'value' |
| 341 | ): ValidationResult { |
| 342 | if (value === null || value === undefined || value === '') { |
| 343 | return { |
| 344 | isValid: false, |
| 345 | error: `${paramName} is required`, |
| 346 | } |
| 347 | } |
| 348 | |
| 349 | if (!allowedValues.includes(value as T)) { |
| 350 | logger.warn('Value not in allowed list', { |
| 351 | paramName, |
| 352 | value, |
| 353 | allowedValues, |
| 354 | }) |
| 355 | return { |
| 356 | isValid: false, |
| 357 | error: `${paramName} must be one of: ${allowedValues.join(', ')}`, |
| 358 | } |
| 359 | } |
| 360 | |
| 361 | return { isValid: true, sanitized: value } |
| 362 | } |
| 363 | |
| 364 | /** |
| 365 | * Validates a hostname to prevent SSRF attacks |
no test coverage detected