diff --git a/app/concerns/mdm/workspace/boundary_range.rb b/app/concerns/mdm/workspace/boundary_range.rb index 9470f2fb717d..bb415079b55d 100644 --- a/app/concerns/mdm/workspace/boundary_range.rb +++ b/app/concerns/mdm/workspace/boundary_range.rb @@ -54,6 +54,16 @@ def boundary_must_be_ip_range unless valid_ip_or_range?(range) errors.add(:boundary, "must be a valid IP range") end + + if range.match?(/\A(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s*-\s*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\z/) + start_ip, end_ip = range.split('-').map(&:strip) + if start_ip.split('.')[0..2] == end_ip.split('.')[0..2] + last_octet_end = end_ip.split('.').last + errors.add(:boundary, "'#{range}' should be in the format '#{start_ip}-#{last_octet_end}'") + else + errors.add(:boundary, "'#{range}' start and end IPs must be in the same subnet") + end + end end end end diff --git a/spec/models/mdm/workspace_spec.rb b/spec/models/mdm/workspace_spec.rb index 900d9d436f1c..0788700f2582 100644 --- a/spec/models/mdm/workspace_spec.rb +++ b/spec/models/mdm/workspace_spec.rb @@ -56,6 +56,36 @@ expect(workspace.errors[:boundary]).to include(error) end end + + context 'with invalid IP or range format' do + let(:boundary) do + '192.168.0.1-192.168.0.2' + end + + let(:start_ip) do + '192.168.0.1' + end + + let(:last_octet_end) do + '2' + end + + it 'should record error that boundary must be a valid IP range and in the correct format' do + expect(workspace).not_to be_valid + expect(workspace.errors[:boundary]).to include("'#{boundary}' should be in the format '#{start_ip}-#{last_octet_end}'") + end + end + + context 'with IPs from different subnets' do + let(:boundary) do + '192.168.0.1-192.169.0.2' + end + + it 'should record error that boundary must be a valid IP range and in the same subnet' do + expect(workspace).not_to be_valid + expect(workspace.errors[:boundary]).to include("'#{boundary}' start and end IPs must be in the same subnet") + end + end end context 'when the workspace is not network limited' do