You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by oc...@apache.org on 2008/05/27 13:38:23 UTC
svn commit: r660472 -
/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java
Author: oching
Date: Tue May 27 04:38:22 2008
New Revision: 660472
URL: http://svn.apache.org/viewvc?rev=660472&view=rev
Log:
[MRM-819]
added validation to allow only alphanumeric, '.', '-' and '_' characters for repo group id
Modified:
archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java?rev=660472&r1=660471&r2=660472&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/RepositoryGroupsAction.java Tue May 27 04:38:22 2008
@@ -21,6 +21,9 @@
import java.util.List;
import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
import javax.servlet.http.HttpServletRequest;
import com.opensymphony.webwork.interceptor.ServletRequestAware;
@@ -60,6 +63,8 @@
*/
private String baseUrl;
+ private static final Pattern REPO_GROUP_ID_PATTERN = Pattern.compile( "[A-Za-z0-9\\._\\-]+" );
+
public void setServletRequest( HttpServletRequest request )
{
this.baseUrl = ContextUtils.getBaseURL( request, "repository" );
@@ -81,6 +86,25 @@
String repoGroupId = repositoryGroup.getId();
+ if( repoGroupId == null || "".equals( repoGroupId.trim() ) )
+ {
+ addActionError( "Identifier field is required." );
+ return ERROR;
+ }
+
+ if( repoGroupId.length() > 100 )
+ {
+ addActionError( "Identifier [" + repoGroupId + "] is over the maximum limit of 100 characters" );
+ return ERROR;
+ }
+
+ Matcher matcher = REPO_GROUP_ID_PATTERN.matcher( repoGroupId );
+ if( !matcher.matches() )
+ {
+ addActionError( "Invalid character(s) found in identifier. Only the following characters are allowed: alphanumeric, '.', '-' and '_'" );
+ return ERROR;
+ }
+
if ( StringUtils.isBlank( repoGroupId ) )
{
addActionError( "You must enter a repository group id." );
@@ -105,12 +129,6 @@
+ "], that id already exists as a remote repository." );
return ERROR;
}
-
- if( repoGroupId.length() > 100 )
- {
- addActionError( "Identifier [" + repoGroupId + "] is over the maximum limit of 100 characters" );
- return ERROR;
- }
configuration.addRepositoryGroup( repositoryGroup );
return saveConfiguration( configuration );