Closes #379: spaces and colons not allowed in tag name

2024-11-22 05:57:57 +01:00 · 2020-02-14 21:40:13 +01:00 · 2020-02-14 21:40:13 +01:00 · d619f98de7
commit d619f98de7
parent 89228a52dc
4 changed files with 44 additions and 17 deletions
--- a/docs-core/src/test/java/com/sismics/util/format/TestPdfFormatHandler.java
+++ b/docs-core/src/test/java/com/sismics/util/format/TestPdfFormatHandler.java
@ -6,7 +6,15 @@ import org.junit.Test;

 import java.nio.file.Paths;

+/**
+ * Test of {@link PdfFormatHandler}
+ *
+ * @author bgamard
+ */
 public class TestPdfFormatHandler {
+    /**
+     * Test related to https://github.com/sismics/docs/issues/373.
+     */
    @Test
    public void testIssue373() throws Exception {
        PdfFormatHandler formatHandler = new PdfFormatHandler();
--- a/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java
+++ b/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java
@ -112,6 +112,17 @@ public class ValidationUtil {
        ValidationUtil.validateLength(s, name, 7, 7, nullable);
    }

+    /**
+     * Validate a tag name.
+     *
+     * @param name Name of the tag
+     */
+    public static void validateTagName(String name) throws ClientException {
+        if (name.contains(" ") || name.contains(":")) {
+            throw new ClientException("IllegalTagName", "Spaces and colons are not allowed in tag name");
+        }
+    }
+
    /**
     * Validates that the provided string matches an URL with HTTP or HTTPS scheme.
     * 
--- a/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java
+++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java
@ -155,7 +155,7 @@ public class TagResource extends BaseResource {
     * @apiSuccess {String} id Tag ID
     * @apiError (client) ForbiddenError Access denied
     * @apiError (client) ValidationError Validation error
-     * @apiError (client) SpacesNotAllowed Spaces are not allowed in tag name
+     * @apiError (client) IllegalTagName Spaces and colons are not allowed in tag name
     * @apiError (client) ParentNotFound Parent not found
     * @apiPermission user
     * @apiVersion 1.5.0
@ -177,11 +177,7 @@ public class TagResource extends BaseResource {
        // Validate input data
        name = ValidationUtil.validateLength(name, "name", 1, 36, false);
        ValidationUtil.validateHexColor(color, "color", true);
-        
-        // Don't allow spaces
-        if (name.contains(" ")) {
-            throw new ClientException("SpacesNotAllowed", "Spaces are not allowed in tag name");
-        }
+        ValidationUtil.validateTagName(name);

        // Check the parent
        if (StringUtils.isEmpty(parentId)) {
@ -237,7 +233,7 @@ public class TagResource extends BaseResource {
     * @apiSuccess {String} id Tag ID
     * @apiError (client) ForbiddenError Access denied
     * @apiError (client) ValidationError Validation error
-     * @apiError (client) SpacesNotAllowed Spaces are not allowed in tag name
+     * @apiError (client) IllegalTagName Spaces and colons are not allowed in tag name
     * @apiError (client) ParentNotFound Parent not found
     * @apiError (client) CircularReference Circular reference in parent tag
     * @apiError (client) NotFound Tag not found
@ -263,11 +259,7 @@ public class TagResource extends BaseResource {
        // Validate input data
        name = ValidationUtil.validateLength(name, "name", 1, 36, true);
        ValidationUtil.validateHexColor(color, "color", true);
-        
-        // Don't allow spaces
-        if (name.contains(" ")) {
-            throw new ClientException("SpacesNotAllowed", "Spaces are not allowed in tag name");
-        }
+        ValidationUtil.validateTagName(name);

        // Check permission
        AclDao aclDao = new AclDao();
--- a/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java
+++ b/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java
@ -26,6 +26,22 @@ public class TestTagResource extends BaseJerseyTest {
        clientUtil.createUser("tag1");
        String tag1Token = clientUtil.login("tag1");

+        // Create a tag with a wrong name
+        Response response = target().path("/tag").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
+                .put(Entity.form(new Form()
+                        .param("name", "Tag:3")
+                        .param("color", "#ff0000")));
+        Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
+
+        // Create a tag with a wrong name
+        response = target().path("/tag").request()
+                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
+                .put(Entity.form(new Form()
+                        .param("name", "Tag 3")
+                        .param("color", "#ff0000")));
+        Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
+
        // Create a tag
        JsonObject json = target().path("/tag").request()
                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
@ -46,7 +62,7 @@ public class TestTagResource extends BaseJerseyTest {
        Assert.assertNotNull(tag4Id);

        // Create a circular reference
-        Response response = target().path("/tag/" + tag3Id).request()
+        response = target().path("/tag/" + tag3Id).request()
                .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
                .post(Entity.form(new Form()
                        .param("name", "Tag3")