You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@unomi.apache.org by jk...@apache.org on 2022/01/06 14:31:37 UTC
[unomi] branch master updated: UNOMI-543: add validation on importConfigId for ImportConfigurationServiceEndPoint (#375)
This is an automated email from the ASF dual-hosted git repository.
jkevan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/unomi.git
The following commit(s) were added to refs/heads/master by this push:
new 855ee91 UNOMI-543: add validation on importConfigId for ImportConfigurationServiceEndPoint (#375)
855ee91 is described below
commit 855ee915fe3fc87742c1801ff1d63f14cd410bc3
Author: kevan Jahanshahi <ke...@jahia.com>
AuthorDate: Thu Jan 6 15:31:30 2022 +0100
UNOMI-543: add validation on importConfigId for ImportConfigurationServiceEndPoint (#375)
---
extensions/router/router-rest/pom.xml | 5 +++++
.../unomi/router/rest/ImportConfigurationServiceEndPoint.java | 6 +++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/extensions/router/router-rest/pom.xml b/extensions/router/router-rest/pom.xml
index b3fc379..a2a1d65 100644
--- a/extensions/router/router-rest/pom.xml
+++ b/extensions/router/router-rest/pom.xml
@@ -85,6 +85,11 @@
<artifactId>osgi.cmpn</artifactId>
<scope>provided</scope>
</dependency>
+ <dependency>
+ <groupId>javax.validation</groupId>
+ <artifactId>validation-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
</dependencies>
</project>
\ No newline at end of file
diff --git a/extensions/router/router-rest/src/main/java/org/apache/unomi/router/rest/ImportConfigurationServiceEndPoint.java b/extensions/router/router-rest/src/main/java/org/apache/unomi/router/rest/ImportConfigurationServiceEndPoint.java
index a21404b..ad943e9 100644
--- a/extensions/router/router-rest/src/main/java/org/apache/unomi/router/rest/ImportConfigurationServiceEndPoint.java
+++ b/extensions/router/router-rest/src/main/java/org/apache/unomi/router/rest/ImportConfigurationServiceEndPoint.java
@@ -20,6 +20,7 @@ import org.apache.cxf.jaxrs.ext.multipart.Attachment;
import org.apache.cxf.jaxrs.ext.multipart.Multipart;
import org.apache.cxf.rs.security.cors.CrossOriginResourceSharing;
import org.apache.unomi.api.services.ConfigSharingService;
+import org.apache.unomi.api.utils.ValidationPattern;
import org.apache.unomi.router.api.ImportConfiguration;
import org.apache.unomi.router.api.RouterConstants;
import org.apache.unomi.router.api.services.ImportExportConfigurationService;
@@ -30,6 +31,8 @@ import org.slf4j.LoggerFactory;
import javax.jws.WebMethod;
import javax.jws.WebService;
+import javax.validation.constraints.NotNull;
+import javax.validation.constraints.Pattern;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
@@ -106,7 +109,8 @@ public class ImportConfigurationServiceEndPoint extends AbstractConfigurationSer
@Path("/oneshot")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
- public Response processOneshotImportConfigurationCSV(@Multipart(value = "importConfigId") String importConfigId, @Multipart(value = "file") Attachment file) {
+ public Response processOneshotImportConfigurationCSV(@Multipart(value = "importConfigId") @NotNull @Pattern(regexp = "^[a-zA-Z0-9_.\\-]{1,255}$") String importConfigId,
+ @Multipart(value = "file") Attachment file) {
try {
java.nio.file.Path path = Paths.get(configSharingService.getProperty(RouterConstants.IMPORT_ONESHOT_UPLOAD_DIR) + importConfigId + ".csv");
Files.deleteIfExists(path);