From: Sanjay Dalal Date: Wed, 17 Feb 2010 21:24:46 +0000 (+0000) Subject: CSPACE-787 changes suggested during the review CSPACE-886 X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=df60e95a6a074dee6429067c0298e1507796e139;p=tmp%2Fjakarta-migration.git CSPACE-787 changes suggested during the review CSPACE-886 CSPACE-1010 added email validation (partial checkin) test collectionobject account security M collectionobject/service/src/main/java/org/collectionspace/services/collectionobject/nuxeo/CollectionObjectValidatorHandler.java M account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java --- diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java index 487175f15..f6336ba38 100644 --- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java +++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/AccountValidatorHandler.java @@ -50,6 +50,8 @@ package org.collectionspace.services.account.storage; import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import org.collectionspace.services.account.AccountsCommon; import org.collectionspace.services.common.context.ServiceContext; import org.collectionspace.services.common.document.DocumentHandler.Action; @@ -74,29 +76,51 @@ public class AccountValidatorHandler implements ValidatorHandler { } try { AccountsCommon account = (AccountsCommon) ctx.getInput(); - String msg = "validate() "; + StringBuilder msgBldr = new StringBuilder("validate() "); boolean invalid = false; List tl = account.getTenant(); if (tl == null || tl.size() == 0) { - msg += " missing tenant information!"; + msgBldr.append("\ntenant : missing information!"); invalid = true; } if (action.equals(Action.CREATE)) { //create specific validation here - if (account.getUserId() == null || "".equals(account.getUserId())) { + if (account.getScreenName() == null || account.getScreenName().isEmpty()) { invalid = true; - msg += " userId is missing"; + msgBldr.append("\nscreenName : missing"); + } + if (account.getUserId() == null || account.getUserId().isEmpty()) { + invalid = true; + msgBldr.append("\nuserId : missing"); + } + if (account.getEmail() == null || account.getEmail().isEmpty()) { + invalid = true; + msgBldr.append("\nemail : missing"); + } else { + if (invalidEmail(account.getEmail(), msgBldr)) { + invalid = true; + } } } else if (action.equals(Action.UPDATE)) { //update specific validation here + if (account.getScreenName() != null && account.getScreenName().isEmpty()) { + invalid = true; + msgBldr.append("\nscreenName : cannot be changed!"); + } if (account.getPassword() != null - && (account.getUserId() == null || "".equals(account.getUserId()))) { + && (account.getUserId() == null || account.getUserId().isEmpty())) { invalid = true; - msg += " userId is needed with password"; + msgBldr.append("\npassword : userId is needed"); + } + if (account.getEmail() != null) { + if (invalidEmail(account.getEmail(), msgBldr)) { + invalid = true; + } } } if (invalid) { + String msg = msgBldr.toString(); logger.error(msg); throw new InvalidDocumentException(msg); } @@ -106,4 +130,15 @@ public class AccountValidatorHandler implements ValidatorHandler { throw new InvalidDocumentException(e); } } + + private boolean invalidEmail(String email, StringBuilder msgBldr) { + boolean invalid = false; + Pattern p = Pattern.compile("^[_A-Za-z0-9-]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)*(\\.[_A-Za-z0-9-]+)"); + Matcher m = p.matcher(email); + if (!m.find()) { + invalid = true; + msgBldr.append("\nemail : invalid " + email); + } + return invalid; + } } diff --git a/services/collectionobject/service/src/main/java/org/collectionspace/services/collectionobject/nuxeo/CollectionObjectValidatorHandler.java b/services/collectionobject/service/src/main/java/org/collectionspace/services/collectionobject/nuxeo/CollectionObjectValidatorHandler.java index a8a8730ea..492de0df4 100644 --- a/services/collectionobject/service/src/main/java/org/collectionspace/services/collectionobject/nuxeo/CollectionObjectValidatorHandler.java +++ b/services/collectionobject/service/src/main/java/org/collectionspace/services/collectionobject/nuxeo/CollectionObjectValidatorHandler.java @@ -76,11 +76,11 @@ public class CollectionObjectValidatorHandler implements ValidatorHandler { MultipartServiceContext mctx = (MultipartServiceContext) ctx; CollectionobjectsCommon co = (CollectionobjectsCommon) mctx.getInputPart(mctx.getCommonPartLabel(), CollectionobjectsCommon.class); - String msg = ""; + StringBuilder msgBldr = new StringBuilder("validate()"); boolean invalid = false; if (co.getObjectNumber() == null || co.getObjectNumber().isEmpty()) { invalid = true; - msg += "objectNumber is missing!"; + msgBldr.append("\nobjectNumber : missing"); } if(action.equals(Action.CREATE)) { //create specific validation here @@ -89,6 +89,7 @@ public class CollectionObjectValidatorHandler implements ValidatorHandler { } if (invalid) { + String msg = msgBldr.toString(); logger.error(msg); throw new InvalidDocumentException(msg); }