Sanitize app names and shorten screenshot names (#349)

Fixes:

https://roadmap.entgra.net/issues/9241
https://roadmap.entgra.net/issues/10628

Co-authored-by: ashvini <ashvini@entgra.io>
Reviewed-on: #349
Co-authored-by: Ashvini Wegodapola <ashvini@entgra.io>
Co-committed-by: Ashvini Wegodapola <ashvini@entgra.io>
pull/369/head
Ashvini Wegodapola 9 months ago committed by Navod Zoysa
parent 09772dfd3f
commit 464214fe1b

@ -857,7 +857,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
ApplicationArtifact applicationArtifact, int tenantId) throws ResourceManagementException {
ApplicationStorageManager applicationStorageManager = APIUtil.getApplicationStorageManager();
applicationReleaseDTO.setIconName(applicationArtifact.getIconName());
applicationReleaseDTO.setIconName(ApplicationManagementUtil.sanitizeName
(applicationArtifact.getIconName(), Constants.ICON_NAME));
applicationReleaseDTO.setBannerName(applicationArtifact.getBannerName());
Map<String, InputStream> screenshots = applicationArtifact.getScreenshots();
@ -866,11 +867,14 @@ public class ApplicationManagerImpl implements ApplicationManager {
int counter = 1;
for (String scName : screenshotNames) {
if (counter == 1) {
applicationReleaseDTO.setScreenshotName1(scName);
applicationReleaseDTO.setScreenshotName1(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
} else if (counter == 2) {
applicationReleaseDTO.setScreenshotName2(scName);
applicationReleaseDTO.setScreenshotName2(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
} else if (counter == 3) {
applicationReleaseDTO.setScreenshotName3(scName);
applicationReleaseDTO.setScreenshotName3(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
}
counter++;
}
@ -898,7 +902,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
applicationStorageManager
.deleteAppReleaseArtifact(applicationReleaseDTO.getAppHashValue(), Constants.ICON_ARTIFACT,
applicationReleaseDTO.getIconName(), tenantId);
applicationReleaseDTO.setIconName(applicationArtifact.getIconName());
applicationReleaseDTO.setIconName(ApplicationManagementUtil.sanitizeName
(applicationArtifact.getIconName(), Constants.ICON_NAME));
}
if (!StringUtils.isEmpty(applicationArtifact.getBannerName())){
applicationStorageManager
@ -921,17 +926,20 @@ public class ApplicationManagerImpl implements ApplicationManager {
applicationStorageManager
.deleteAppReleaseArtifact(applicationReleaseDTO.getAppHashValue(), folderPath,
applicationReleaseDTO.getScreenshotName1(), tenantId);
applicationReleaseDTO.setScreenshotName1(scName);
applicationReleaseDTO.setScreenshotName1(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
} else if (counter == 2) {
applicationStorageManager
.deleteAppReleaseArtifact(applicationReleaseDTO.getAppHashValue(), folderPath,
applicationReleaseDTO.getScreenshotName2(), tenantId);
applicationReleaseDTO.setScreenshotName2(scName);
applicationReleaseDTO.setScreenshotName2(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
} else if (counter == 3) {
applicationStorageManager
.deleteAppReleaseArtifact(applicationReleaseDTO.getAppHashValue(), folderPath,
applicationReleaseDTO.getScreenshotName3(), tenantId);
applicationReleaseDTO.setScreenshotName3(scName);
applicationReleaseDTO.setScreenshotName3(ApplicationManagementUtil.sanitizeName
(scName, Constants.SCREENSHOT_NAME + counter));
}
counter++;
}
@ -2428,7 +2436,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
log.error(msg);
throw new BadRequestException(msg);
}
applicationDTO.setName(applicationUpdateWrapper.getName());
applicationDTO.setName(ApplicationManagementUtil.sanitizeName(applicationUpdateWrapper.getName(),
Constants.ApplicationProperties.NAME));
}
if (!StringUtils.isEmpty(applicationUpdateWrapper.getSubMethod()) && !applicationDTO.getSubType()
.equals(applicationUpdateWrapper.getSubMethod())) {
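Review bot: The banner name is still stored exactly as uploaded (`applicationReleaseDTO.setBannerName(applicationArtifact.getBannerName());` in the first hunk, and the banner branch of the update path appears untouched), so one of the three artifact names bypasses the sanitization this commit adds for icons and screenshots. It should be passed through `ApplicationManagementUtil.sanitizeName` with its own type value as well. Separately, the first hunk now calls `sanitizeName` on `applicationArtifact.getIconName()` with no visible emptiness check, and `sanitizeName` calls `replaceAll` on its argument, so a release without an icon would presumably throw a NullPointerException unless the caller validates earlier. The enclosing methods start and end outside these hunks, so an earlier guard cannot be ruled out.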

@ -309,7 +309,8 @@ public class APIUtil {
if (param instanceof ApplicationWrapper){
ApplicationWrapper applicationWrapper = (ApplicationWrapper) param;
DeviceType deviceType = getDeviceTypeData(applicationWrapper.getDeviceType());
applicationDTO.setName(applicationWrapper.getName());
applicationDTO.setName(ApplicationManagementUtil.sanitizeName(applicationWrapper.getName(),
Constants.ApplicationProperties.NAME));
applicationDTO.setDescription(applicationWrapper.getDescription());
applicationDTO.setAppCategories(applicationWrapper.getCategories());
applicationDTO.setType(ApplicationType.ENTERPRISE.toString());
@ -323,7 +324,8 @@ public class APIUtil {
applicationDTO.setApplicationReleaseDTOs(applicationReleaseEntities);
} else if (param instanceof WebAppWrapper){
WebAppWrapper webAppWrapper = (WebAppWrapper) param;
applicationDTO.setName(webAppWrapper.getName());
applicationDTO.setName(ApplicationManagementUtil.sanitizeName(webAppWrapper.getName(),
Constants.ApplicationProperties.NAME));
applicationDTO.setDescription(webAppWrapper.getDescription());
applicationDTO.setAppCategories(webAppWrapper.getCategories());
applicationDTO.setSubType(webAppWrapper.getSubMethod());
@ -331,13 +333,14 @@ public class APIUtil {
applicationDTO.setType(webAppWrapper.getType());
applicationDTO.setTags(webAppWrapper.getTags());
applicationDTO.setUnrestrictedRoles(webAppWrapper.getUnrestrictedRoles());
applicationReleaseEntities = webAppWrapper.getWebAppReleaseWrappers()
applicationReleaseEntities = webAppWrapper.getWebAppReleaseWrappers()
.stream().map(APIUtil::releaseWrapperToReleaseDTO).collect(Collectors.toList());
applicationDTO.setApplicationReleaseDTOs(applicationReleaseEntities);
} else if (param instanceof PublicAppWrapper) {
PublicAppWrapper publicAppWrapper = (PublicAppWrapper) param;
DeviceType deviceType = getDeviceTypeData(publicAppWrapper.getDeviceType());
applicationDTO.setName(publicAppWrapper.getName());
applicationDTO.setName(ApplicationManagementUtil.sanitizeName(publicAppWrapper.getName(),
Constants.ApplicationProperties.NAME));
applicationDTO.setDescription(publicAppWrapper.getDescription());
applicationDTO.setAppCategories(publicAppWrapper.getCategories());
applicationDTO.setType(ApplicationType.PUBLIC.toString());
@ -352,7 +355,8 @@ public class APIUtil {
} else if (param instanceof CustomAppWrapper){
CustomAppWrapper customAppWrapper = (CustomAppWrapper) param;
DeviceType deviceType = getDeviceTypeData(customAppWrapper.getDeviceType());
applicationDTO.setName(customAppWrapper.getName());
applicationDTO.setName(ApplicationManagementUtil.sanitizeName(customAppWrapper.getName(),
Constants.ApplicationProperties.NAME));
applicationDTO.setDescription(customAppWrapper.getDescription());
applicationDTO.setAppCategories(customAppWrapper.getCategories());
applicationDTO.setType(ApplicationType.CUSTOM.toString());
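Review bot: Each wrapper's `getName()` is passed straight into `sanitizeName`, which calls `replaceAll` on it, so a request without a name now fails with a NullPointerException inside this converter where the previous `setName(...)` simply stored null. This applies to all four branches (ApplicationWrapper, WebAppWrapper, PublicAppWrapper, CustomAppWrapper). A name consisting only of characters the pattern removes also becomes an empty string without any error. Whether name validation and uniqueness checks run before or after this conversion is not visible here; if they run before, they are checking a different string from the one that gets stored. I would reject a null or empty sanitized result explicitly instead of storing it.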

@ -535,4 +535,29 @@ public class ApplicationManagementUtil {
packageNamesOfApps.add(adamId);
return applicationManager.getApplications(packageNamesOfApps);
}
/**
* Sanitize app names and shorten icon/screenshot file names
*
* @param originalName Original name of the file which is being uploaded
* @param type Type - Name/Artifact(Icon, Screenshot, etc.)
* @return Sanitized and shortened file name
*/
public static String sanitizeName(String originalName, String type) {
String sanitizedName = originalName.replaceAll(Constants.APP_NAME_REGEX, "");
if (Constants.ApplicationProperties.NAME.equals(type) && sanitizedName.length() > Constants.MAX_APP_NAME_CHARACTERS) {
sanitizedName = sanitizedName.substring(0, Constants.MAX_APP_NAME_CHARACTERS);
return sanitizedName;
} else if (Constants.ICON_NAME.equals(type) || Constants.SCREENSHOT_NAME.equals(type)) {
// Shortening icon/screenshot names
String fileExtension = "";
int dotIndex = originalName.lastIndexOf('.');
if (dotIndex >= 0) {
fileExtension = originalName.substring(dotIndex);
}
return type + fileExtension;
} else {
return sanitizedName;
}
}
}
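Review bot: The shortening branch can never be taken for screenshots, because every call site passes `Constants.SCREENSHOT_NAME + counter` as `type` while the check here is `Constants.SCREENSHOT_NAME.equals(type)`; screenshot names fall through to the final `else` and are only regex-stripped, not shortened. A prefix test such as `type.startsWith(Constants.SCREENSHOT_NAME)` would match what the callers send. In the same branch the extension is cut from `originalName` rather than `sanitizedName`, so everything after the last dot is appended to the stored file name without passing through `APP_NAME_REGEX`; use `int dotIndex = sanitizedName.lastIndexOf('.');` and `fileExtension = sanitizedName.substring(dotIndex);`. The method also needs a null check on `originalName` before `replaceAll`, and the Javadoc should say that only names of type NAME are truncated.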

@ -214,4 +214,10 @@ public class Constants {
public static final String ASSOCIATION_DEVICE = "ASSOCIATION_DEVICE";
public static final String ASSOCIATION_USER = "ASSOCIATION_USER";
}
/**
* App name sanitization related constants
*/
public static final int MAX_APP_NAME_CHARACTERS = 350;
public static final String APP_NAME_REGEX = "[^a-zA-Z0-9.\\s-]";
}
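Review bot: `APP_NAME_REGEX` keeps every whitespace character through `\\s`, so tabs and line breaks survive in app and file names, and it deletes all letters outside ASCII, which turns a name written entirely in another script into an empty string. A literal space in place of `\\s` would keep names on one line, e.g. `"[^a-zA-Z0-9. -]"`. Whether non-ASCII letters should be allowed (`\\p{L}`, `\\p{N}`) depends on what the storage layer and the database column accept, which is not visible here. The comment on these constants could state which characters are kept and where the 350-character limit comes from.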
