Add email validation on collaborators.

This commit is contained in:
Paulo Gustavo Veiga 2022-02-14 19:59:36 -08:00
parent 188b280bf2
commit 5c0c18eba0
3 changed files with 36 additions and 16 deletions

View File

@ -213,12 +213,6 @@
<artifactId>commons-dbcp2</artifactId> <artifactId>commons-dbcp2</artifactId>
<version>2.9.0</version> <version>2.9.0</version>
</dependency> </dependency>
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.2.1</version>
<scope>runtime</scope>
</dependency>
<dependency> <dependency>
<groupId>org.hibernate</groupId> <groupId>org.hibernate</groupId>
<artifactId>hibernate-ehcache</artifactId> <artifactId>hibernate-ehcache</artifactId>
@ -240,6 +234,12 @@
<version>1.2.17</version> <version>1.2.17</version>
<scope>compile</scope> <scope>compile</scope>
</dependency> </dependency>
<!-- https://mvnrepository.com/artifact/commons-validator/commons-validator -->
<dependency>
<groupId>commons-validator</groupId>
<artifactId>commons-validator</artifactId>
<version>1.7</version>
</dependency>
<!-- Only for test purposes --> <!-- Only for test purposes -->
<dependency> <dependency>
<groupId>org.hsqldb</groupId> <groupId>org.hsqldb</groupId>
@ -250,7 +250,7 @@
<dependency> <dependency>
<groupId>com.fasterxml.jackson.core</groupId> <groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId> <artifactId>jackson-databind</artifactId>
<version>2.11.3</version> <version>2.13.1</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>javax.servlet</groupId> <groupId>javax.servlet</groupId>
@ -277,7 +277,7 @@
<dependency> <dependency>
<groupId>org.apache.httpcomponents</groupId> <groupId>org.apache.httpcomponents</groupId>
<artifactId>fluent-hc</artifactId> <artifactId>fluent-hc</artifactId>
<version>4.5.5</version> <version>4.5.13</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>junit</groupId> <groupId>junit</groupId>

View File

@ -27,6 +27,7 @@ import com.wisemapping.rest.model.*;
import com.wisemapping.security.Utils; import com.wisemapping.security.Utils;
import com.wisemapping.service.*; import com.wisemapping.service.*;
import com.wisemapping.validator.MapInfoValidator; import com.wisemapping.validator.MapInfoValidator;
import org.apache.commons.validator.routines.EmailValidator;
import org.apache.log4j.Logger; import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -296,7 +297,14 @@ public class MindmapController extends BaseController {
// Compare one by one if some of the elements has been changed .... // Compare one by one if some of the elements has been changed ....
final Set<Collaboration> collabsToRemove = new HashSet<>(mindMap.getCollaborations()); final Set<Collaboration> collabsToRemove = new HashSet<>(mindMap.getCollaborations());
for (RestCollaboration restCollab : restCollabs.getCollaborations()) { for (RestCollaboration restCollab : restCollabs.getCollaborations()) {
final Collaboration collaboration = mindMap.findCollaboration(restCollab.getEmail()); final String email = restCollab.getEmail();
// Is a valid email address ?
if (!EmailValidator.getInstance().isValid(email)) {
throw new IllegalArgumentException(email + " is not valid email address");
}
final Collaboration collaboration = mindMap.findCollaboration(email);
// Validate role format ... // Validate role format ...
String roleStr = restCollab.getRole(); String roleStr = restCollab.getRole();
if (roleStr == null) { if (roleStr == null) {
@ -333,6 +341,17 @@ public class MindmapController extends BaseController {
throw new IllegalArgumentException("No enough permissions"); throw new IllegalArgumentException("No enough permissions");
} }
// Is valid email address ?
final EmailValidator emailValidator = EmailValidator.getInstance();
restCollabs
.getCollaborations()
.forEach(collab -> {
// Is a valid email address ?
if (!emailValidator.isValid(collab.getEmail())) {
throw new IllegalArgumentException(collab.getEmail() + " is not valid email address");
}
});
// Has any role changed ?. Just removed it. // Has any role changed ?. Just removed it.
final Map<String, Collaboration> mapsByEmail = mindMap final Map<String, Collaboration> mapsByEmail = mindMap
.getCollaborations() .getCollaborations()
@ -432,6 +451,12 @@ public class MindmapController extends BaseController {
public void deleteCollabByEmail(@PathVariable int id, @RequestParam(required = false) String email) throws IOException, WiseMappingException { public void deleteCollabByEmail(@PathVariable int id, @RequestParam(required = false) String email) throws IOException, WiseMappingException {
logger.debug("Deleting permission for email:" + email); logger.debug("Deleting permission for email:" + email);
// Is a valid email address ?
final EmailValidator emailValidator = EmailValidator.getInstance();
if (!emailValidator.isValid(email)) {
throw new IllegalArgumentException(email + " is not valid email address");
}
final Mindmap mindmap = findMindmapById(id); final Mindmap mindmap = findMindmapById(id);
final User user = Utils.getUser(); final User user = Utils.getUser();
@ -495,6 +520,7 @@ public class MindmapController extends BaseController {
mindmapService.removeMindmap(mindmap, user); mindmapService.removeMindmap(mindmap, user);
} }
} }
@RequestMapping(method = RequestMethod.POST, value = "/maps", consumes = {"application/xml", "application/json"}) @RequestMapping(method = RequestMethod.POST, value = "/maps", consumes = {"application/xml", "application/json"})
@ResponseStatus(value = HttpStatus.CREATED) @ResponseStatus(value = HttpStatus.CREATED)
public void createMap(@RequestBody(required = false) String mapXml, @NotNull HttpServletResponse response, @RequestParam(required = false) String title, @RequestParam(required = false) String description) throws IOException, WiseMappingException { public void createMap(@RequestBody(required = false) String mapXml, @NotNull HttpServletResponse response, @RequestParam(required = false) String title, @RequestParam(required = false) String description) throws IOException, WiseMappingException {

View File

@ -64,12 +64,6 @@
class="org.springframework.web.servlet.i18n.SessionLocaleResolver"> class="org.springframework.web.servlet.i18n.SessionLocaleResolver">
</bean> </bean>
<bean id="multipartResolver"
class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<!-- one of the properties available; the maximum file size in bytes -->
<property name="maxUploadSize" value="522240"/>
</bean>
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames"> <property name="basenames">
<list> <list>