feat: validate rules length after parsing

4 files changed, 11 insertions, 21 deletions

diff --git a/internal/redirects/matching.go b/internal/redirects/matching.go
index fb879e4f..913cb359 100644
--- a/internal/redirects/matching.go
+++ b/internal/redirects/matching.go
@@ -100,10 +100,6 @@ func matchesRule(rule *netlifyRedirects.Rule, path string) (bool, string) {
 //
 // If no rule matches, this function returns `nil` and an empty string
 func (r *Redirects) match(path string) (*netlifyRedirects.Rule, string) {
-	if validateRedirectsFile(r) != nil {
-		return nil, ""
-	}
-
 	for i := range r.rules {
 		// assign rule to a new var to prevent the following gosec error
 		// G601: Implicit memory aliasing in for loop
diff --git a/internal/redirects/redirects.go b/internal/redirects/redirects.go
index fafeaf4b..d214c64d 100644
--- a/internal/redirects/redirects.go
+++ b/internal/redirects/redirects.go
@@ -55,7 +55,7 @@ var (
 	errUnsupportedStatus               = errors.New("status not supported")
 	errNoForce                         = errors.New("force! not supported")
 	errTooManyPathSegments             = fmt.Errorf("url path cannot contain more than %d forward slashes", maxPathSegments)
-	errTooManyRules                    = fmt.Errorf("_redirects file may not contain more than %d rules", maxRuleCount)
+	errTooManyRules                    = fmt.Errorf("_redirects file contains more than the maximum %d rules, so no rules will be processed", maxRuleCount)
 	regexpPlaceholder                  = regexp.MustCompile(`(?i)/:[a-z]+`)
 )
 
@@ -73,10 +73,6 @@ func (r *Redirects) Status() string {
 	messages := make([]string, 0, len(r.rules)+1)
 	messages = append(messages, fmt.Sprintf("%d rules", len(r.rules)))
 
-	if err := validateRedirectsFile(r); err != nil {
-		messages = append(messages, fmt.Sprintf("error: %s", err.Error()))
-	}
-
 	for i, rule := range r.rules {
 		if err := validateRule(rule); err != nil {
 			messages = append(messages, fmt.Sprintf("rule %d: error: %s", i+1, err.Error()))
@@ -136,5 +132,9 @@ func ParseRedirects(ctx context.Context, root vfs.Root) *Redirects {
 		return &Redirects{error: errFailedToParseConfig}
 	}
 
+	if len(redirectRules) > maxRuleCount {
+		return &Redirects{error: errTooManyRules}
+	}
+
 	return &Redirects{rules: redirectRules}
 }
diff --git a/internal/redirects/redirects_test.go b/internal/redirects/redirects_test.go
index 6ae141f5..113d2252 100644
--- a/internal/redirects/redirects_test.go
+++ b/internal/redirects/redirects_test.go
@@ -201,6 +201,12 @@ func TestRedirectsParseRedirects(t *testing.T) {
 			expectedRules: 0,
 			expectedErr:   errFailedToParseConfig.Error(),
 		},
+		{
+			name:          "Too many redirect rules",
+			redirectsFile: strings.Repeat("/goto.html /target.html 301\n", maxRuleCount+1),
+			expectedRules: 0,
+			expectedErr:   errTooManyRules.Error(),
+		},
 	}
 
 	for _, tt := range tests {
diff --git a/internal/redirects/validations.go b/internal/redirects/validations.go
index 7c6d8089..1af5c5c5 100644
--- a/internal/redirects/validations.go
+++ b/internal/redirects/validations.go
@@ -89,15 +89,3 @@ func validateRule(r netlifyRedirects.Rule) error {
 
 	return nil
 }
-
-// validateRedirectsFile runs rules on the _redirects file as a whole.
-// Returns `nil` if no errors are found.
-// Does not run rule-specific validations - this is
-// handled by `validateRule` instead.
-func validateRedirectsFile(r *Redirects) error {
-	if len(r.rules) > maxRuleCount {
-		return errTooManyRules
-	}
-
-	return nil
-}