You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/10/22 07:02:22 UTC
[2/3] syncope git commit: Fixing some missing JPA entities' validation
Fixing some missing JPA entities' validation
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/b25a8834
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/b25a8834
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/b25a8834
Branch: refs/heads/2_1_X
Commit: b25a8834db2cc7ea45707a1218e85e0475684270
Parents: f863108
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Fri Oct 19 13:26:52 2018 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Mon Oct 22 08:59:36 2018 +0200
----------------------------------------------------------------------
.../resources/UserSelfCreateResource.java | 4 +-
.../resources/UserSelfUpdateResource.java | 4 +-
.../client/enduser/util/SaltGenerator.java | 1 +
.../enduser/util/UserRequestValidator.java | 95 -------------------
.../syncope/client/enduser/util/Validation.java | 96 +++++++++++++++++++
.../enduser/util/UserRequestValidatorTest.java | 98 --------------------
.../client/enduser/util/ValidationTest.java | 98 ++++++++++++++++++++
.../jpa/entity/policy/AbstractPolicy.java | 2 +
.../validation/entity/AbstractValidator.java | 4 +
.../validation/entity/AnyTypeClassCheck.java | 41 ++++++++
.../entity/AnyTypeClassValidator.java | 43 +++++++++
.../jpa/validation/entity/AnyTypeValidator.java | 31 ++++---
.../entity/ConnInstanceValidator.java | 10 ++
.../jpa/validation/entity/PolicyCheck.java | 41 ++++++++
.../jpa/validation/entity/PolicyValidator.java | 40 ++++++++
.../jpa/validation/entity/RealmValidator.java | 9 +-
.../entity/RelationshipTypeValidator.java | 19 +++-
.../jpa/validation/entity/ReportValidator.java | 22 +++--
.../entity/OIDCProviderValidator.java | 24 +++--
.../validation/entity/SAML2IdPValidator.java | 27 ++++--
20 files changed, 470 insertions(+), 239 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
index e017d45..acc1577 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
@@ -28,7 +28,7 @@ import org.apache.syncope.client.enduser.SyncopeEnduserApplication;
import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.annotations.Resource;
-import org.apache.syncope.client.enduser.util.UserRequestValidator;
+import org.apache.syncope.client.enduser.util.Validation;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.AttrTO;
import org.apache.syncope.common.lib.to.MembershipTO;
@@ -81,7 +81,7 @@ public class UserSelfCreateResource extends BaseUserSelfResource {
LOG.trace("Request is [{}]", userTO);
// check if request is compliant with customization form rules
- if (UserRequestValidator.compliant(userTO,
+ if (Validation.isCompliant(userTO,
SyncopeEnduserApplication.get().getCustomFormAttributes(), true)) {
// 1. membership attributes management
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java
index 3cccb8f..1ea8530 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java
@@ -30,7 +30,7 @@ import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.annotations.Resource;
import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
-import org.apache.syncope.client.enduser.util.UserRequestValidator;
+import org.apache.syncope.client.enduser.util.Validation;
import org.apache.syncope.common.lib.AnyOperations;
import org.apache.syncope.common.lib.EntityTOUtils;
import org.apache.syncope.common.lib.patch.UserPatch;
@@ -70,7 +70,7 @@ public class UserSelfUpdateResource extends BaseUserSelfResource {
SyncopeEnduserApplication.get().getCustomFormAttributes();
// check if request is compliant with customization form rules
- if (UserRequestValidator.compliant(userTO, customFormAttributes, false)) {
+ if (Validation.isCompliant(userTO, customFormAttributes, false)) {
// 1. membership attributes management
Set<AttrTO> membAttrs = new HashSet<>();
userTO.getPlainAttrs().stream().
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java
index 00d784d..acb3f13 100644
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java
@@ -43,5 +43,6 @@ public final class SaltGenerator {
}
private SaltGenerator() {
+ // private constructor for static utility class
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/UserRequestValidator.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/UserRequestValidator.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/UserRequestValidator.java
deleted file mode 100644
index 7772fcb..0000000
--- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/UserRequestValidator.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.syncope.client.enduser.util;
-
-import java.util.Map;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.syncope.client.enduser.model.CustomAttribute;
-import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
-import org.apache.syncope.client.enduser.model.CustomTemplateInfo;
-import org.apache.syncope.common.lib.EntityTOUtils;
-import org.apache.syncope.common.lib.to.AttrTO;
-import org.apache.syncope.common.lib.to.UserTO;
-import org.apache.syncope.common.lib.types.SchemaType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public final class UserRequestValidator {
-
- private static final Logger LOG = LoggerFactory.getLogger(UserRequestValidator.class);
-
- private UserRequestValidator() {
- }
-
- public static boolean compliant(final UserTO userTO, final Map<String, CustomAttributesInfo> customFormAttributes,
- final boolean checkDefaultValues) {
-
- if (customFormAttributes == null || customFormAttributes.isEmpty()) {
- return true;
- }
-
- return validateAttributes(EntityTOUtils.buildAttrMap(userTO.getPlainAttrs()),
- customFormAttributes.get(SchemaType.PLAIN.name()), checkDefaultValues)
- && validateAttributes(EntityTOUtils.buildAttrMap(userTO.getDerAttrs()),
- customFormAttributes.get(SchemaType.DERIVED.name()), checkDefaultValues)
- && validateAttributes(EntityTOUtils.buildAttrMap(userTO.getVirAttrs()),
- customFormAttributes.get(SchemaType.VIRTUAL.name()), checkDefaultValues);
- }
-
- private static boolean validateAttributes(final Map<String, AttrTO> attrMap,
- final CustomAttributesInfo customAttrInfo, final boolean checkDefaultValues) {
-
- return customAttrInfo == null
- || customAttrInfo.getAttributes().isEmpty()
- || attrMap.entrySet().stream().allMatch(entry -> {
- String schemaKey = entry.getKey();
- AttrTO attrTO = entry.getValue();
- CustomAttribute customAttr = customAttrInfo.getAttributes().get(schemaKey);
- boolean compliant = customAttr != null && (!checkDefaultValues || isValid(attrTO, customAttr));
- if (!compliant) {
- LOG.trace("Attribute [{}] or its values [{}] are not allowed by form customization rules",
- attrTO.getSchema(), attrTO.getValues());
- }
- return compliant;
- });
-
- }
-
- public static boolean validateSteps(final CustomTemplateInfo customTemplateInfo) {
- return customTemplateInfo != null
- && StringUtils.isNotBlank(customTemplateInfo.getWizard().getFirstStep())
- && !customTemplateInfo.getWizard().getSteps().isEmpty();
-
- }
-
- public static boolean validateStep(final String stepName, final CustomTemplateInfo customTemplateInfo) {
- return customTemplateInfo != null
- && !customTemplateInfo.getWizard().getSteps().isEmpty()
- && customTemplateInfo.getWizard().getSteps().containsKey(stepName)
- && StringUtils.isNotBlank(customTemplateInfo.getWizard().getSteps().get(stepName).getUrl());
-
- }
-
- private static boolean isValid(final AttrTO attrTO, final CustomAttribute customAttribute) {
- return customAttribute.isReadonly()
- ? attrTO.getValues().stream().allMatch(value -> customAttribute.getDefaultValues().contains(value))
- : true;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/Validation.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/Validation.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/Validation.java
new file mode 100644
index 0000000..4924a53
--- /dev/null
+++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/util/Validation.java
@@ -0,0 +1,96 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.client.enduser.util;
+
+import java.util.Map;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.syncope.client.enduser.model.CustomAttribute;
+import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
+import org.apache.syncope.client.enduser.model.CustomTemplateInfo;
+import org.apache.syncope.common.lib.EntityTOUtils;
+import org.apache.syncope.common.lib.to.AttrTO;
+import org.apache.syncope.common.lib.to.UserTO;
+import org.apache.syncope.common.lib.types.SchemaType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public final class Validation {
+
+ private static final Logger LOG = LoggerFactory.getLogger(Validation.class);
+
+ public static boolean isCompliant(
+ final UserTO userTO,
+ final Map<String, CustomAttributesInfo> customFormAttributes,
+ final boolean checkDefaultValues) {
+
+ if (customFormAttributes == null || customFormAttributes.isEmpty()) {
+ return true;
+ }
+
+ return validateAttributes(EntityTOUtils.buildAttrMap(userTO.getPlainAttrs()),
+ customFormAttributes.get(SchemaType.PLAIN.name()), checkDefaultValues)
+ && validateAttributes(EntityTOUtils.buildAttrMap(userTO.getDerAttrs()),
+ customFormAttributes.get(SchemaType.DERIVED.name()), checkDefaultValues)
+ && validateAttributes(EntityTOUtils.buildAttrMap(userTO.getVirAttrs()),
+ customFormAttributes.get(SchemaType.VIRTUAL.name()), checkDefaultValues);
+ }
+
+ private static boolean validateAttributes(final Map<String, AttrTO> attrMap,
+ final CustomAttributesInfo customAttrInfo, final boolean checkDefaultValues) {
+
+ return customAttrInfo == null
+ || customAttrInfo.getAttributes().isEmpty()
+ || attrMap.entrySet().stream().allMatch(entry -> {
+ String schemaKey = entry.getKey();
+ AttrTO attrTO = entry.getValue();
+ CustomAttribute customAttr = customAttrInfo.getAttributes().get(schemaKey);
+ boolean compliant = customAttr != null && (!checkDefaultValues || isValid(attrTO, customAttr));
+ if (!compliant) {
+ LOG.trace("Attribute [{}] or its values [{}] are not allowed by form customization rules",
+ attrTO.getSchema(), attrTO.getValues());
+ }
+ return compliant;
+ });
+ }
+
+ public static boolean validateSteps(final CustomTemplateInfo customTemplateInfo) {
+ return customTemplateInfo != null
+ && StringUtils.isNotBlank(customTemplateInfo.getWizard().getFirstStep())
+ && !customTemplateInfo.getWizard().getSteps().isEmpty();
+
+ }
+
+ public static boolean validateStep(final String stepName, final CustomTemplateInfo customTemplateInfo) {
+ return customTemplateInfo != null
+ && !customTemplateInfo.getWizard().getSteps().isEmpty()
+ && customTemplateInfo.getWizard().getSteps().containsKey(stepName)
+ && StringUtils.isNotBlank(customTemplateInfo.getWizard().getSteps().get(stepName).getUrl());
+
+ }
+
+ private static boolean isValid(final AttrTO attrTO, final CustomAttribute customAttribute) {
+ return customAttribute.isReadonly()
+ ? attrTO.getValues().stream().allMatch(value -> customAttribute.getDefaultValues().contains(value))
+ : true;
+ }
+
+ private Validation() {
+ // private constructor for static utility class
+ }
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/UserRequestValidatorTest.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/UserRequestValidatorTest.java b/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/UserRequestValidatorTest.java
deleted file mode 100644
index c1e37e6..0000000
--- a/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/UserRequestValidatorTest.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.syncope.client.enduser.util;
-
-import static org.junit.jupiter.api.Assertions.assertFalse;
-import static org.junit.jupiter.api.Assertions.assertTrue;
-
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
-import org.apache.syncope.client.enduser.model.CustomTemplateInfo;
-import org.apache.syncope.common.lib.to.AttrTO;
-import org.apache.syncope.common.lib.to.UserTO;
-import org.junit.jupiter.api.Test;
-import org.springframework.core.io.ClassPathResource;
-
-public class UserRequestValidatorTest {
-
- private AttrTO attrTO(String schemaKey, String... values) {
- return new AttrTO.Builder().schema(schemaKey).values(values).build();
- }
-
- @Test
- public void testCompliant() throws IOException {
- UserTO userTO = new UserTO();
- // plain
- AttrTO firstname = attrTO("firstname", "defaultFirstname");
- AttrTO surname = attrTO("surname", "surnameValue");
- AttrTO additionalCtype = attrTO("additional#ctype", "ctypeValue");
- AttrTO notAllowed = attrTO("not_allowed", "notAllowedValue");
- userTO.getPlainAttrs().addAll(Arrays.asList(firstname, surname, notAllowed, additionalCtype));
-
- Map<String, CustomAttributesInfo> customFormAttributes = new ObjectMapper().readValue(new ClassPathResource(
- "customFormAttributes.json").getFile(), new TypeReference<HashMap<String, CustomAttributesInfo>>() {
- });
-
- CustomTemplateInfo customTemplate = new ObjectMapper().readValue(new ClassPathResource(
- "customTemplate.json").getFile(), CustomTemplateInfo.class);
-
- // not allowed because of presence of notAllowed attribute
- assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
-
- // remove notAllowed attribute and make it compliant
- userTO.getPlainAttrs().remove(notAllowed);
- assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
-
- // firstname must have only one defaultValue
- userTO.getPlainAttr("firstname").get().getValues().add("notAllowedFirstnameValue");
- assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
- assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, false));
-
- // clean
- userTO.getPlainAttr("firstname").get().getValues().remove("notAllowedFirstnameValue");
-
- // virtual
- AttrTO virtualdata = attrTO("virtualdata", "defaultVirtualData");
- userTO.getVirAttrs().add(virtualdata);
- assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
-
- // with empty form is compliant by definition
- assertTrue(UserRequestValidator.compliant(userTO, new HashMap<>(), true));
-
- // check wizard steps
- // only "credentials", "plainSchemas" and "finish" steps must be visible
- assertTrue(UserRequestValidator.validateSteps(customTemplate));
-
- assertTrue(UserRequestValidator.validateStep("credentials", customTemplate));
- assertTrue(UserRequestValidator.validateStep("plainSchemas", customTemplate));
- assertTrue(UserRequestValidator.validateStep("finish", customTemplate));
-
- assertFalse(UserRequestValidator.validateStep("test", customTemplate));
- assertFalse(UserRequestValidator.validateStep("resources", customTemplate));
- assertFalse(UserRequestValidator.validateStep("virtualSchemas", customTemplate));
- assertFalse(UserRequestValidator.validateStep("derivedSchemas", customTemplate));
- assertFalse(UserRequestValidator.validateStep("groups", customTemplate));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/ValidationTest.java
----------------------------------------------------------------------
diff --git a/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/ValidationTest.java b/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/ValidationTest.java
new file mode 100644
index 0000000..6eb5a0b
--- /dev/null
+++ b/client/enduser/src/test/java/org/apache/syncope/client/enduser/util/ValidationTest.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.client.enduser.util;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
+import org.apache.syncope.client.enduser.model.CustomTemplateInfo;
+import org.apache.syncope.common.lib.to.AttrTO;
+import org.apache.syncope.common.lib.to.UserTO;
+import org.junit.jupiter.api.Test;
+import org.springframework.core.io.ClassPathResource;
+
+public class ValidationTest {
+
+ private AttrTO attrTO(String schemaKey, String... values) {
+ return new AttrTO.Builder().schema(schemaKey).values(values).build();
+ }
+
+ @Test
+ public void testCompliant() throws IOException {
+ UserTO userTO = new UserTO();
+ // plain
+ AttrTO firstname = attrTO("firstname", "defaultFirstname");
+ AttrTO surname = attrTO("surname", "surnameValue");
+ AttrTO additionalCtype = attrTO("additional#ctype", "ctypeValue");
+ AttrTO notAllowed = attrTO("not_allowed", "notAllowedValue");
+ userTO.getPlainAttrs().addAll(Arrays.asList(firstname, surname, notAllowed, additionalCtype));
+
+ Map<String, CustomAttributesInfo> customFormAttributes = new ObjectMapper().readValue(new ClassPathResource(
+ "customFormAttributes.json").getFile(), new TypeReference<HashMap<String, CustomAttributesInfo>>() {
+ });
+
+ CustomTemplateInfo customTemplate = new ObjectMapper().readValue(new ClassPathResource(
+ "customTemplate.json").getFile(), CustomTemplateInfo.class);
+
+ // not allowed because of presence of notAllowed attribute
+ assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));
+
+ // remove notAllowed attribute and make it compliant
+ userTO.getPlainAttrs().remove(notAllowed);
+ assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));
+
+ // firstname must have only one defaultValue
+ userTO.getPlainAttr("firstname").get().getValues().add("notAllowedFirstnameValue");
+ assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));
+ assertTrue(Validation.isCompliant(userTO, customFormAttributes, false));
+
+ // clean
+ userTO.getPlainAttr("firstname").get().getValues().remove("notAllowedFirstnameValue");
+
+ // virtual
+ AttrTO virtualdata = attrTO("virtualdata", "defaultVirtualData");
+ userTO.getVirAttrs().add(virtualdata);
+ assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));
+
+ // with empty form is compliant by definition
+ assertTrue(Validation.isCompliant(userTO, new HashMap<>(), true));
+
+ // check wizard steps
+ // only "credentials", "plainSchemas" and "finish" steps must be visible
+ assertTrue(Validation.validateSteps(customTemplate));
+
+ assertTrue(Validation.validateStep("credentials", customTemplate));
+ assertTrue(Validation.validateStep("plainSchemas", customTemplate));
+ assertTrue(Validation.validateStep("finish", customTemplate));
+
+ assertFalse(Validation.validateStep("test", customTemplate));
+ assertFalse(Validation.validateStep("resources", customTemplate));
+ assertFalse(Validation.validateStep("virtualSchemas", customTemplate));
+ assertFalse(Validation.validateStep("derivedSchemas", customTemplate));
+ assertFalse(Validation.validateStep("groups", customTemplate));
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java
index 27fcb85..5344a1e 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java
@@ -24,9 +24,11 @@ import javax.persistence.InheritanceType;
import javax.validation.constraints.NotNull;
import org.apache.syncope.core.persistence.api.entity.policy.Policy;
import org.apache.syncope.core.persistence.jpa.entity.AbstractGeneratedKeyEntity;
+import org.apache.syncope.core.persistence.jpa.validation.entity.PolicyCheck;
@Entity
@Inheritance(strategy = InheritanceType.TABLE_PER_CLASS)
+@PolicyCheck
public abstract class AbstractPolicy extends AbstractGeneratedKeyEntity implements Policy {
private static final long serialVersionUID = -5844833125843247458L;
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java
index 5b12d14..b06d5ea 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java
@@ -41,4 +41,8 @@ public abstract class AbstractValidator<A extends Annotation, T> implements Cons
protected final String getTemplate(final EntityViolationType type, final String message) {
return type.name() + ";" + message;
}
+
+ protected boolean isHtml(final String text) {
+ return text != null && (text.indexOf('<') != -1 || text.indexOf('>') != -1);
+ }
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java
new file mode 100644
index 0000000..01572b3
--- /dev/null
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Target({ ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Constraint(validatedBy = AnyTypeClassValidator.class)
+@Documented
+public @interface AnyTypeClassCheck {
+
+ String message() default "{org.apache.syncope.core.persistence.validation.anytypeclass}";
+
+ Class<?>[] groups() default {};
+
+ Class<? extends Payload>[] payload() default {};
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java
new file mode 100644
index 0000000..baf8d71
--- /dev/null
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import javax.validation.ConstraintValidatorContext;
+import org.apache.syncope.common.lib.types.EntityViolationType;
+import org.apache.syncope.core.persistence.api.entity.AnyTypeClass;
+
+public class AnyTypeClassValidator extends AbstractValidator<AnyTypeClassCheck, AnyTypeClass> {
+
+ @Override
+ public boolean isValid(final AnyTypeClass anyTypeClass, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
+
+ boolean isValid = true;
+
+ if (isHtml(anyTypeClass.getKey())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+ addPropertyNode("key").addConstraintViolation();
+
+ isValid = false;
+ }
+
+ return isValid;
+ }
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java
index 639061a..6fb7078 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java
@@ -27,32 +27,41 @@ import org.apache.syncope.core.persistence.api.entity.AnyType;
public class AnyTypeValidator extends AbstractValidator<AnyTypeCheck, AnyType> {
@Override
- public boolean isValid(final AnyType object, final ConstraintValidatorContext context) {
+ public boolean isValid(final AnyType anyType, final ConstraintValidatorContext context) {
context.disableDefaultConstraintViolation();
- boolean isValid;
- switch (object.getKind()) {
+ boolean isValid = true;
+
+ if (isHtml(anyType.getKey())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+ addPropertyNode("key").addConstraintViolation();
+
+ isValid = false;
+ }
+
+ boolean nameKindMatch;
+ switch (anyType.getKind()) {
case USER:
- isValid = AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey());
+ nameKindMatch = AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey());
break;
case GROUP:
- isValid = AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey());
+ nameKindMatch = AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey());
break;
case ANY_OBJECT:
default:
- isValid = !AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey())
- && !AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey())
- && !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(object.getKey());
+ nameKindMatch = !AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey())
+ && !AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey())
+ && !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(anyType.getKey());
}
-
- if (!isValid) {
+ if (!nameKindMatch) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidAnyType, "Name / kind mismatch")).
addPropertyNode("name").addConstraintViolation();
}
- return isValid;
+ return isValid && nameKindMatch;
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java
index ecb0edb..ffbe438 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java
@@ -28,8 +28,18 @@ public class ConnInstanceValidator extends AbstractValidator<ConnInstanceCheck,
@Override
public boolean isValid(final ConnInstance connInstance, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
+
boolean isValid = true;
+ if (isHtml(connInstance.getDisplayName())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidName, "Invalid display name")).
+ addPropertyNode("displayName").addConstraintViolation();
+
+ isValid = false;
+ }
+
try {
URIUtils.buildForConnId(connInstance.getLocation());
} catch (Exception e) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java
new file mode 100644
index 0000000..45873be
--- /dev/null
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Target({ ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Constraint(validatedBy = PolicyValidator.class)
+@Documented
+public @interface PolicyCheck {
+
+ String message() default "{org.apache.syncope.core.persistence.validation.policy}";
+
+ Class<?>[] groups() default {};
+
+ Class<? extends Payload>[] payload() default {};
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java
new file mode 100644
index 0000000..47a06e9
--- /dev/null
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import javax.validation.ConstraintValidatorContext;
+import org.apache.syncope.common.lib.types.EntityViolationType;
+import org.apache.syncope.core.persistence.api.entity.policy.Policy;
+
+public class PolicyValidator extends AbstractValidator<RoleCheck, Policy> {
+
+ @Override
+ public boolean isValid(final Policy policy, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
+
+ if (isHtml(policy.getDescription())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidName, "Invalid description")).
+ addPropertyNode("description").addConstraintViolation();
+ return false;
+ }
+
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java
index 6b542d0..7a05ea8 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java
@@ -39,8 +39,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
isValid = false;
context.buildConstraintViolationWithTemplate(
- getTemplate(EntityViolationType.InvalidRealm,
- "Root realm cannot have a parent realm")).
+ getTemplate(EntityViolationType.InvalidRealm, "Root realm cannot have a parent realm")).
addPropertyNode("parent").addConstraintViolation();
}
} else {
@@ -48,8 +47,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
isValid = false;
context.buildConstraintViolationWithTemplate(
- getTemplate(EntityViolationType.InvalidRealm,
- "A realm needs to reference a parent realm")).
+ getTemplate(EntityViolationType.InvalidRealm, "A realm needs to reference a parent realm")).
addPropertyNode("parent").addConstraintViolation();
}
@@ -57,8 +55,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
isValid = false;
context.buildConstraintViolationWithTemplate(
- getTemplate(EntityViolationType.InvalidRealm,
- "Only letters and numbers are allowed in realm name")).
+ getTemplate(EntityViolationType.InvalidRealm, "Only alphanumeric chars allowed in realm name")).
addPropertyNode("name").addConstraintViolation();
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java
index 9953859..550b153 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java
@@ -26,16 +26,27 @@ import org.apache.syncope.core.persistence.api.entity.RelationshipType;
public class RelationshipTypeValidator extends AbstractValidator<RelationshipTypeCheck, RelationshipType> {
@Override
- public boolean isValid(final RelationshipType object, final ConstraintValidatorContext context) {
+ public boolean isValid(final RelationshipType relationShipType, final ConstraintValidatorContext context) {
context.disableDefaultConstraintViolation();
- if (MembershipType.getInstance().getKey().equalsIgnoreCase(object.getKey())) {
+ boolean isValid = true;
+
+ if (isHtml(relationShipType.getKey())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+ addPropertyNode("key").addConstraintViolation();
+
+ isValid = false;
+ }
+
+ if (MembershipType.getInstance().getKey().equalsIgnoreCase(relationShipType.getKey())) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidKey, "Invalid relationshipType name")).
addPropertyNode("key").addConstraintViolation();
- return false;
+
+ isValid = false;
}
- return true;
+ return isValid;
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java
index e58a889..2be2072 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java
@@ -31,14 +31,24 @@ public class ReportValidator extends AbstractValidator<ReportCheck, Report> {
@Override
@SuppressWarnings("ResultOfObjectAllocationIgnored")
- public boolean isValid(final Report object, final ConstraintValidatorContext context) {
+ public boolean isValid(final Report report, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
+
boolean isValid = true;
- if (object.getCronExpression() != null) {
+ if (isHtml(report.getName())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidName, "Invalid name")).
+ addPropertyNode("name").addConstraintViolation();
+
+ isValid = false;
+ }
+
+ if (report.getCronExpression() != null) {
try {
- new CronExpression(object.getCronExpression());
+ new CronExpression(report.getCronExpression());
} catch (ParseException e) {
- LOG.error("Invalid cron expression '" + object.getCronExpression() + "'", e);
+ LOG.error("Invalid cron expression '" + report.getCronExpression() + "'", e);
isValid = false;
context.disableDefaultConstraintViolation();
@@ -48,9 +58,9 @@ public class ReportValidator extends AbstractValidator<ReportCheck, Report> {
}
}
- Set<String> reportletKeys = object.getReportlets().stream().
+ Set<String> reportletKeys = report.getReportlets().stream().
map(Entity::getKey).collect(Collectors.toSet());
- if (reportletKeys.size() != object.getReportlets().size()) {
+ if (reportletKeys.size() != report.getReportlets().size()) {
LOG.error("Reportlet key must be unique");
isValid = false;
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java
----------------------------------------------------------------------
diff --git a/ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java b/ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java
index 9e9d687..90cf59b 100644
--- a/ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java
+++ b/ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java
@@ -22,24 +22,35 @@ import javax.validation.ConstraintValidatorContext;
import org.apache.syncope.common.lib.types.EntityViolationType;
import org.apache.syncope.common.lib.types.ImplementationEngine;
import org.apache.syncope.core.persistence.api.entity.OIDCProvider;
+import org.apache.syncope.core.persistence.api.entity.resource.Item;
import org.apache.syncope.core.provisioning.api.data.ItemTransformer;
public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck, OIDCProvider> {
@Override
- public boolean isValid(final OIDCProvider value, final ConstraintValidatorContext context) {
+ public boolean isValid(final OIDCProvider oidcProvider, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
- if (value.isSelfRegUnmatching() && value.isCreateUnmatching()) {
+ if (isHtml(oidcProvider.getKey())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+ addPropertyNode("key").addConstraintViolation();
+
+ return false;
+ }
+
+ if (oidcProvider.isSelfRegUnmatching() && oidcProvider.isCreateUnmatching()) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.Standard,
"Either selfRegUnmatching or createUnmatching, not both")).
addPropertyNode("selfRegUnmatching").
addPropertyNode("createUnmatching").addConstraintViolation();
+
return false;
}
- long connObjectKeys = value.getItems().stream().filter(item -> item.isConnObjectKey()).count();
- if (!value.getItems().isEmpty() && connObjectKeys != 1) {
+ long connObjectKeys = oidcProvider.getItems().stream().filter(Item::isConnObjectKey).count();
+ if (!oidcProvider.getItems().isEmpty() && connObjectKeys != 1) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidMapping, "Single ConnObjectKey mapping is required")).
addPropertyNode("connObjectKey.size").addConstraintViolation();
@@ -48,7 +59,7 @@ public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck,
final boolean[] isValid = new boolean[] { true };
- long passwords = value.getItems().stream().filter(item -> item.isPassword()).count();
+ long passwords = oidcProvider.getItems().stream().filter(Item::isPassword).count();
if (passwords > 0) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidMapping, "No password mapping is allowed")).
@@ -56,11 +67,10 @@ public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck,
isValid[0] = false;
}
- value.getItems().forEach(item -> {
+ oidcProvider.getItems().forEach(item -> {
item.getTransformers().stream().
filter(transformer -> transformer.getEngine() == ImplementationEngine.JAVA).
forEach(transformer -> {
-
Class<?> actionsClass = null;
boolean isAssignable = false;
try {
http://git-wip-us.apache.org/repos/asf/syncope/blob/b25a8834/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java b/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java
index ab2f112..a14d420 100644
--- a/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java
+++ b/ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java
@@ -22,32 +22,45 @@ import javax.validation.ConstraintValidatorContext;
import org.apache.syncope.common.lib.types.EntityViolationType;
import org.apache.syncope.common.lib.types.ImplementationEngine;
import org.apache.syncope.core.persistence.api.entity.SAML2IdP;
+import org.apache.syncope.core.persistence.api.entity.resource.Item;
import org.apache.syncope.core.provisioning.api.data.ItemTransformer;
public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP> {
@Override
- public boolean isValid(final SAML2IdP value, final ConstraintValidatorContext context) {
- if (value.isSelfRegUnmatching() && value.isCreateUnmatching()) {
+ public boolean isValid(final SAML2IdP saml2IdP, final ConstraintValidatorContext context) {
+ context.disableDefaultConstraintViolation();
+
+ if (isHtml(saml2IdP.getKey())) {
+ context.buildConstraintViolationWithTemplate(
+ getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+ addPropertyNode("key").addConstraintViolation();
+
+ return false;
+ }
+
+ if (saml2IdP.isSelfRegUnmatching() && saml2IdP.isCreateUnmatching()) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.Standard,
"Either selfRegUnmatching or createUnmatching, not both")).
addPropertyNode("selfRegUnmatching").
addPropertyNode("createUnmatching").addConstraintViolation();
+
return false;
}
- long connObjectKeys = value.getItems().stream().filter(item -> item.isConnObjectKey()).count();
- if (!value.getItems().isEmpty() && connObjectKeys != 1) {
+ long connObjectKeys = saml2IdP.getItems().stream().filter(Item::isConnObjectKey).count();
+ if (!saml2IdP.getItems().isEmpty() && connObjectKeys != 1) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidMapping, "Single ConnObjectKey mapping is required")).
addPropertyNode("connObjectKey.size").addConstraintViolation();
+
return false;
}
final boolean[] isValid = new boolean[] { true };
- long passwords = value.getItems().stream().filter(item -> item.isPassword()).count();
+ long passwords = saml2IdP.getItems().stream().filter(Item::isPassword).count();
if (passwords > 0) {
context.buildConstraintViolationWithTemplate(
getTemplate(EntityViolationType.InvalidMapping, "No password mapping is allowed")).
@@ -55,11 +68,10 @@ public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP
isValid[0] = false;
}
- value.getItems().forEach(item -> {
+ saml2IdP.getItems().forEach(item -> {
item.getTransformers().stream().
filter(transformer -> transformer.getEngine() == ImplementationEngine.JAVA).
forEach(transformer -> {
-
Class<?> actionsClass = null;
boolean isAssignable = false;
try {
@@ -81,5 +93,4 @@ public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP
return isValid[0];
}
-
}