fix(orc8r): Sanitizing user input on N/W creation

[jahid-wavelabs]

Fixes security issues #159

Summary

The current implementation includes sanitization of network inputs through the use of predefined allowedNetworkTypes. To enhance clarity and efficiency, this modification involves removing the reference to data.networkType from the else section.

Test Plan

This change was validated manually by deliberately sending a web-inject script. The testing process confirmed that the input is effectively filtered, and the system appropriately responds with an error.

[github-actions]

Thanks for opening a PR! 💯

A couple initial guidelines

• All commits must be signed off. This is enforced by PR DCO check.
• All PR titles must follow the semantic commits format. This is enforced by PR Check Title Or Commit Message.

Howto

• Reviews. The "Reviewers" listed for this PR are the Magma maintainers who will shepherd it.
• Checks. All required CI checks must pass before merge.
• Merge. Once approved and passing CI checks, use the ready2merge label to indicate the maintainers can merge your PR.

More info

Please take a moment to read through the Magma project's

• Contributing Conventions for norms around contributed code

If this is your first Magma PR, also consider reading

• Developer Onboarding for onboarding as a new Magma developer
• Development Workflow for guidance on your first PR
• CI Checks for points of contact for failing or flaky CI checks
• Code Review Process for information on requesting reviews and contacting maintainers

[github-actions]

✔️ The Semantic PR check ended with status success. See instructions on formatting your commit and pull request titles.

[github-actions]

🚫 [eslint] <prettier/prettier> _{reported by reviewdog 🐶}
Replace ⏎············.status(400)⏎············.send(Unsupported·network·type})⏎············ with .status(400).send(Unsupported·network·type})

Suggested change

	res
	.status(400)
	.send(`Unsupported network type ${data.networkType}`)
	.send(`Unsupported network type}`)
	.end();
	res.status(400).send(`Unsupported network type}`).end();

[github-actions]

🚫 [eslint] <prettier/prettier> _{reported by reviewdog 🐶}
Replace ⏎············.status(400)⏎············.send(Unsupported·network·type)⏎············ with .status(400).send(Unsupported·network·type)

Suggested change

	res
	.status(400)
	.send(`Unsupported network type ${data.networkType}`)
	.send(`Unsupported network type`)
	.end();
	res.status(400).send(`Unsupported network type`).end();

[github-actions]

🚫 [eslint] <@typescript-eslint/array-type> _{reported by reviewdog 🐶}
Array type using 'T[]' is forbidden. Use 'Array' instead.

Suggested change

	const allowedNetworkTypes: typeof data["networkType"][] = [LTE, FEG_LTE, CWF, FEG];
	const allowedNetworkTypes: Array<typeof data["networkType"]> = [LTE, FEG_LTE, CWF, FEG];

[github-actions]

🚫 [eslint] <prettier/prettier> _{reported by reviewdog 🐶}
Replace "networkType"][]·=·[LTE,·FEG_LTE,·CWF,·FEG with 'networkType'][]·=·[⏎········LTE,⏎········FEG_LTE,⏎········CWF,⏎········FEG,⏎······

Suggested change

	const allowedNetworkTypes: typeof data["networkType"][] = [LTE, FEG_LTE, CWF, FEG];
	const allowedNetworkTypes: typeof data['networkType'][] = [
	LTE,
	FEG_LTE,
	CWF,
	FEG,
	];

[github-actions]

🚫 [eslint] <prettier/prettier> _{reported by reviewdog 🐶}
Replace (data.networkType) with data.networkType

Suggested change

	if (!allowedNetworkTypes.includes((data.networkType))) {
	if (!allowedNetworkTypes.includes(data.networkType)) {

[github-actions]

🚫 [eslint] <prettier/prettier> _{reported by reviewdog 🐶}
Replace LTE,·FEG_LTE,·CWF,·FEG with ⏎········LTE,⏎········FEG_LTE,⏎········CWF,⏎········FEG,⏎······

Suggested change

	const allowedNetworkTypes: Array<typeof data['networkType']> = [LTE, FEG_LTE, CWF, FEG];
	const allowedNetworkTypes: Array<typeof data['networkType']> = [
	LTE,
	FEG_LTE,
	CWF,
	FEG,
	];