Skip to content

Commit

Permalink
Fixing some missing JPA entities' validation
Browse files Browse the repository at this point in the history
  • Loading branch information
ilgrosso committed Oct 22, 2018
1 parent 30286d9 commit 36fb466
Show file tree
Hide file tree
Showing 18 changed files with 300 additions and 70 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.annotations.Resource;
import org.apache.syncope.client.enduser.util.UserRequestValidator;
import org.apache.syncope.client.enduser.util.Validation;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.AttrTO;
import org.apache.syncope.common.lib.to.MembershipTO;
Expand Down Expand Up @@ -81,7 +81,7 @@ protected ResourceResponse newResourceResponse(final Attributes attributes) {
LOG.trace("Request is [{}]", userTO);

// check if request is compliant with customization form rules
if (UserRequestValidator.compliant(userTO,
if (Validation.isCompliant(userTO,
SyncopeEnduserApplication.get().getCustomFormAttributes(), true)) {

// 1. membership attributes management
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.annotations.Resource;
import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
import org.apache.syncope.client.enduser.util.UserRequestValidator;
import org.apache.syncope.client.enduser.util.Validation;
import org.apache.syncope.common.lib.AnyOperations;
import org.apache.syncope.common.lib.EntityTOUtils;
import org.apache.syncope.common.lib.patch.UserPatch;
Expand Down Expand Up @@ -70,7 +70,7 @@ protected ResourceResponse newResourceResponse(final IResource.Attributes attrib
SyncopeEnduserApplication.get().getCustomFormAttributes();

// check if request is compliant with customization form rules
if (UserRequestValidator.compliant(userTO, customFormAttributes, false)) {
if (Validation.isCompliant(userTO, customFormAttributes, false)) {
// 1. membership attributes management
Set<AttrTO> membAttrs = new HashSet<>();
userTO.getPlainAttrs().stream().
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -43,5 +43,6 @@ public static String generate(final String input) {
}

private SaltGenerator() {
// private constructor for static utility class
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -30,14 +30,13 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public final class UserRequestValidator {
public final class Validation {

private static final Logger LOG = LoggerFactory.getLogger(UserRequestValidator.class);
private static final Logger LOG = LoggerFactory.getLogger(Validation.class);

private UserRequestValidator() {
}

public static boolean compliant(final UserTO userTO, final Map<String, CustomAttributesInfo> customFormAttributes,
public static boolean isCompliant(
final UserTO userTO,
final Map<String, CustomAttributesInfo> customFormAttributes,
final boolean checkDefaultValues) {

if (customFormAttributes == null || customFormAttributes.isEmpty()) {
Expand Down Expand Up @@ -68,7 +67,6 @@ private static boolean validateAttributes(final Map<String, AttrTO> attrMap,
}
return compliant;
});

}

public static boolean validateSteps(final CustomTemplateInfo customTemplateInfo) {
Expand All @@ -92,4 +90,7 @@ private static boolean isValid(final AttrTO attrTO, final CustomAttribute custom
: true;
}

private Validation() {
// private constructor for static utility class
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
import org.junit.jupiter.api.Test;
import org.springframework.core.io.ClassPathResource;

public class UserRequestValidatorTest {
public class ValidationTest {

private AttrTO attrTO(String schemaKey, String... values) {
return new AttrTO.Builder().schema(schemaKey).values(values).build();
Expand All @@ -58,41 +58,40 @@ public void testCompliant() throws IOException {
"customTemplate.json").getFile(), CustomTemplateInfo.class);

// not allowed because of presence of notAllowed attribute
assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));

// remove notAllowed attribute and make it compliant
userTO.getPlainAttrs().remove(notAllowed);
assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));

// firstname must have only one defaultValue
userTO.getPlainAttr("firstname").get().getValues().add("notAllowedFirstnameValue");
assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, false));
assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));
assertTrue(Validation.isCompliant(userTO, customFormAttributes, false));

// clean
userTO.getPlainAttr("firstname").get().getValues().remove("notAllowedFirstnameValue");

// virtual
AttrTO virtualdata = attrTO("virtualdata", "defaultVirtualData");
userTO.getVirAttrs().add(virtualdata);
assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));

// with empty form is compliant by definition
assertTrue(UserRequestValidator.compliant(userTO, new HashMap<>(), true));
assertTrue(Validation.isCompliant(userTO, new HashMap<>(), true));

// check wizard steps
// only "credentials", "plainSchemas" and "finish" steps must be visible
assertTrue(UserRequestValidator.validateSteps(customTemplate));
assertTrue(Validation.validateSteps(customTemplate));

assertTrue(UserRequestValidator.validateStep("credentials", customTemplate));
assertTrue(UserRequestValidator.validateStep("plainSchemas", customTemplate));
assertTrue(UserRequestValidator.validateStep("finish", customTemplate));
assertTrue(Validation.validateStep("credentials", customTemplate));
assertTrue(Validation.validateStep("plainSchemas", customTemplate));
assertTrue(Validation.validateStep("finish", customTemplate));

assertFalse(UserRequestValidator.validateStep("test", customTemplate));
assertFalse(UserRequestValidator.validateStep("resources", customTemplate));
assertFalse(UserRequestValidator.validateStep("virtualSchemas", customTemplate));
assertFalse(UserRequestValidator.validateStep("derivedSchemas", customTemplate));
assertFalse(UserRequestValidator.validateStep("groups", customTemplate));
assertFalse(Validation.validateStep("test", customTemplate));
assertFalse(Validation.validateStep("resources", customTemplate));
assertFalse(Validation.validateStep("virtualSchemas", customTemplate));
assertFalse(Validation.validateStep("derivedSchemas", customTemplate));
assertFalse(Validation.validateStep("groups", customTemplate));
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,11 @@
import javax.validation.constraints.NotNull;
import org.apache.syncope.core.persistence.api.entity.policy.Policy;
import org.apache.syncope.core.persistence.jpa.entity.AbstractGeneratedKeyEntity;
import org.apache.syncope.core.persistence.jpa.validation.entity.PolicyCheck;

@Entity
@Inheritance(strategy = InheritanceType.TABLE_PER_CLASS)
@PolicyCheck
public abstract class AbstractPolicy extends AbstractGeneratedKeyEntity implements Policy {

private static final long serialVersionUID = -5844833125843247458L;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,4 +41,8 @@ public void initialize(final A annotation) {
protected final String getTemplate(final EntityViolationType type, final String message) {
return type.name() + ";" + message;
}

protected boolean isHtml(final String text) {
return text != null && (text.indexOf('<') != -1 || text.indexOf('>') != -1);
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.syncope.core.persistence.jpa.validation.entity;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.validation.Constraint;
import javax.validation.Payload;

@Target({ ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
@Constraint(validatedBy = AnyTypeClassValidator.class)
@Documented
public @interface AnyTypeClassCheck {

String message() default "{org.apache.syncope.core.persistence.validation.anytypeclass}";

Class<?>[] groups() default {};

Class<? extends Payload>[] payload() default {};
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.syncope.core.persistence.jpa.validation.entity;

import javax.validation.ConstraintValidatorContext;
import org.apache.syncope.common.lib.types.EntityViolationType;
import org.apache.syncope.core.persistence.api.entity.AnyTypeClass;

public class AnyTypeClassValidator extends AbstractValidator<AnyTypeClassCheck, AnyTypeClass> {

@Override
public boolean isValid(final AnyTypeClass anyTypeClass, final ConstraintValidatorContext context) {
context.disableDefaultConstraintViolation();

boolean isValid = true;

if (isHtml(anyTypeClass.getKey())) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
addPropertyNode("key").addConstraintViolation();

isValid = false;
}

return isValid;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -27,32 +27,41 @@
public class AnyTypeValidator extends AbstractValidator<AnyTypeCheck, AnyType> {

@Override
public boolean isValid(final AnyType object, final ConstraintValidatorContext context) {
public boolean isValid(final AnyType anyType, final ConstraintValidatorContext context) {
context.disableDefaultConstraintViolation();

boolean isValid;
switch (object.getKind()) {
boolean isValid = true;

if (isHtml(anyType.getKey())) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
addPropertyNode("key").addConstraintViolation();

isValid = false;
}

boolean nameKindMatch;
switch (anyType.getKind()) {
case USER:
isValid = AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey());
nameKindMatch = AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey());
break;

case GROUP:
isValid = AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey());
nameKindMatch = AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey());
break;

case ANY_OBJECT:
default:
isValid = !AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey())
&& !AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey())
&& !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(object.getKey());
nameKindMatch = !AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey())
&& !AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey())
&& !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(anyType.getKey());
}

if (!isValid) {
if (!nameKindMatch) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidAnyType, "Name / kind mismatch")).
addPropertyNode("name").addConstraintViolation();
}

return isValid;
return isValid && nameKindMatch;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,18 @@ public class ConnInstanceValidator extends AbstractValidator<ConnInstanceCheck,

@Override
public boolean isValid(final ConnInstance connInstance, final ConstraintValidatorContext context) {
context.disableDefaultConstraintViolation();

boolean isValid = true;

if (isHtml(connInstance.getDisplayName())) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidName, "Invalid display name")).
addPropertyNode("displayName").addConstraintViolation();

isValid = false;
}

try {
URIUtils.buildForConnId(connInstance.getLocation());
} catch (Exception e) {
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.syncope.core.persistence.jpa.validation.entity;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.validation.Constraint;
import javax.validation.Payload;

@Target({ ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
@Constraint(validatedBy = PolicyValidator.class)
@Documented
public @interface PolicyCheck {

String message() default "{org.apache.syncope.core.persistence.validation.policy}";

Class<?>[] groups() default {};

Class<? extends Payload>[] payload() default {};
}
Loading

0 comments on commit 36fb466

Please sign in to comment.