✨ : add server-side validation for modules

gaia-app · Aug 30, 2019 · 48b5969 · 48b5969
1 parent d814b76
commit 48b5969
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 4 deletions.
diff --git a/src/main/java/io/codeka/gaia/modules/bo/TerraformModule.java b/src/main/java/io/codeka/gaia/modules/bo/TerraformModule.java
@@ -4,6 +4,8 @@
 import io.codeka.gaia.teams.bo.User;
 import org.springframework.data.mongodb.core.mapping.DBRef;
 
+import javax.validation.Valid;
+import javax.validation.constraints.NotBlank;
 import java.math.BigDecimal;
 import java.util.ArrayList;
 import java.util.List;
@@ -12,18 +14,22 @@ public class TerraformModule {
 
     private String id;
 
+    @NotBlank
     private String gitRepositoryUrl;
 
     private String gitBranch;
 
     private String directory;
 
+    @Valid
     private List<TerraformVariable> variables = new ArrayList<>();
 
+    @NotBlank
     private String name;
 
     private String description;
 
+    @NotBlank
     private String cliVersion;
 
     @DBRef

diff --git a/src/main/java/io/codeka/gaia/modules/bo/TerraformVariable.java b/src/main/java/io/codeka/gaia/modules/bo/TerraformVariable.java
@@ -1,10 +1,13 @@
 package io.codeka.gaia.modules.bo;
 
+import javax.validation.constraints.NotBlank;
+
 /**
  * Represents a module variable
  */
 public class TerraformVariable {
 
+    @NotBlank
     private String name;
 
     private String description;

diff --git a/src/main/java/io/codeka/gaia/modules/controller/ModuleRestController.java b/src/main/java/io/codeka/gaia/modules/controller/ModuleRestController.java
@@ -7,6 +7,7 @@
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
 import java.util.List;
 
 /**
@@ -23,7 +24,7 @@ public ModuleRestController(TerraformModuleRepository moduleRepository) {
         this.moduleRepository = moduleRepository;
     }
 
-    @GetMapping("")
+    @GetMapping
     public List<TerraformModule> findAllModules(User user){
         if(user.isAdmin()){
             return moduleRepository.findAll();
@@ -41,7 +42,7 @@ public TerraformModule findModule(@PathVariable String id, User user){
 
     @Secured("ROLE_ADMIN")
     @PutMapping("/{id}")
-    public TerraformModule saveModule(@PathVariable String id, @RequestBody TerraformModule module){
+    public TerraformModule saveModule(@PathVariable String id, @RequestBody @Valid TerraformModule module){
         return moduleRepository.save(module);
     }
 

diff --git a/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java b/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java
@@ -96,18 +96,40 @@ void findModule_shouldReturnModulesOfOtherTeams_forAdmin() throws Exception {
     void saveModule_shouldNotBeAccessible_forStandardUsers() throws Exception {
         mockMvc.perform(put("/api/modules/test")
                 .contentType(MediaType.APPLICATION_JSON)
-                .content("{\"name\":\"module-test\"}"))
+                .content("{\"name\":\"module-test\", \"cliVersion\": \"0.12.0\", \"gitRepositoryUrl\": \"https://github.com/juwit/terraform-docker-mongo.git\"}"))
                 .andExpect(status().isForbidden());
     }
 
     @Test
     void saveModule_shouldBeAccessible_forAdmin() throws Exception {
         mockMvc.perform(put("/api/modules/test")
                 .contentType(MediaType.APPLICATION_JSON)
-                .content("{\"name\":\"module-test\"}"))
+                .content("{\"name\":\"module-test\", \"cliVersion\": \"0.12.0\", \"gitRepositoryUrl\": \"https://github.com/juwit/terraform-docker-mongo.git\"}"))
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.id", notNullValue()))
                 .andExpect(jsonPath("$.name", is("module-test")));
     }
 
+    @Test
+    void saveModule_shouldValidateModuleContent_forBlankFields() throws Exception {
+        mockMvc.perform(put("/api/modules/stacks")
+                .contentType(MediaType.APPLICATION_JSON)
+                // empty module
+                .content("{}"))
+                .andExpect(status().isBadRequest())
+                .andExpect(jsonPath("$.message", containsString("name must not be blank")))
+                .andExpect(jsonPath("$.message", containsString("cliVersion must not be blank")))
+                .andExpect(jsonPath("$.message", containsString("gitRepositoryUrl must not be blank")));
+    }
+
+    @Test
+    void saveModule_shouldValidateModuleVariables_forBlankFields() throws Exception {
+        mockMvc.perform(put("/api/modules/stacks")
+                .contentType(MediaType.APPLICATION_JSON)
+                // empty variable name
+                .content("{\"variables\":[{\"name\":\"  \"}]}"))
+                .andExpect(status().isBadRequest())
+                .andExpect(jsonPath("$.message", containsString("variables[0].name must not be blank")));
+    }
+
 }