Added validations

master
MalshaPiumini 4 years ago
parent 605168e770
commit 645fc43136

@ -129,7 +129,6 @@ public interface SubscriptionManager {
* *
* @param appUUID UUID of the application release. * @param appUUID UUID of the application release.
* @param request paginated request object. * @param request paginated request object.
* @param status status of the devices.
* @return deviceDetails - device details for given application release. * @return deviceDetails - device details for given application release.
* @throws {@link ApplicationManagementException} Exception of the application management * @throws {@link ApplicationManagementException} Exception of the application management
*/ */

@ -33,6 +33,7 @@ import org.wso2.carbon.device.application.mgt.common.BasicUserInfo;
import org.wso2.carbon.device.application.mgt.common.BasicUserInfoList; import org.wso2.carbon.device.application.mgt.common.BasicUserInfoList;
import org.wso2.carbon.device.application.mgt.common.RoleList; import org.wso2.carbon.device.application.mgt.common.RoleList;
import org.wso2.carbon.device.application.mgt.common.DeviceGroupList; import org.wso2.carbon.device.application.mgt.common.DeviceGroupList;
import org.wso2.carbon.device.application.mgt.store.api.services.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.common.PaginationRequest; import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult; import org.wso2.carbon.device.mgt.common.PaginationResult;
import org.wso2.carbon.device.application.mgt.core.exception.BadRequestException; import org.wso2.carbon.device.application.mgt.core.exception.BadRequestException;
@ -293,6 +294,7 @@ public class SubscriptionManagementAPIImpl implements SubscriptionManagementAPI{
request.setOwner(user); request.setOwner(user);
} }
if (ownership != null && !ownership.isEmpty()) { if (ownership != null && !ownership.isEmpty()) {
RequestValidationUtil.validateOwnershipType(ownership);
request.setOwnership(ownership); request.setOwnership(ownership);
} }
if (status != null && !status.isEmpty()) { if (status != null && !status.isEmpty()) {
@ -304,26 +306,7 @@ public class SubscriptionManagementAPIImpl implements SubscriptionManagementAPI{
} }
} }
if (!isStatusEmpty) { if (!isStatusEmpty) {
for (String status_ : status) { RequestValidationUtil.validateStatus(status);
switch (status_) {
case "ACTIVE":
case "INACTIVE":
case "UNCLAIMED":
case "UNREACHABLE":
case "SUSPENDED":
case "DISENROLLMENT_REQUESTED":
case "REMOVED":
case "BLOCKED":
case "CREATED":
break;
default:
String msg = "Invalid enrollment status type: " + status_ + ". \nValid status types are " +
"ACTIVE | INACTIVE | UNCLAIMED | UNREACHABLE | SUSPENDED | " +
"DISENROLLMENT_REQUESTED | REMOVED | BLOCKED | CREATED";
log.error(msg);
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
}
}
request.setStatusList(status); request.setStatusList(status);
} }
} }
@ -337,8 +320,7 @@ public class SubscriptionManagementAPIImpl implements SubscriptionManagementAPI{
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.NOT_FOUND).entity(msg).build(); return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
} catch (BadRequestException e) { } catch (BadRequestException e) {
String msg = "Found invalid payload for getting application which has UUID: " + uuid String msg = "User requested details are not valid";
+ ". Hence verify the payload";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
} catch (ForbiddenException e) { } catch (ForbiddenException e) {

@ -29,6 +29,7 @@ import org.wso2.carbon.device.application.mgt.core.exception.BadRequestException
import org.wso2.carbon.device.application.mgt.core.exception.NotFoundException; import org.wso2.carbon.device.application.mgt.core.exception.NotFoundException;
import org.wso2.carbon.device.application.mgt.core.util.APIUtil; import org.wso2.carbon.device.application.mgt.core.util.APIUtil;
import org.wso2.carbon.device.application.mgt.store.api.services.admin.SubscriptionManagementAdminAPI; import org.wso2.carbon.device.application.mgt.store.api.services.admin.SubscriptionManagementAdminAPI;
import org.wso2.carbon.device.application.mgt.store.api.services.impl.util.RequestValidationUtil;
import org.wso2.carbon.device.mgt.common.PaginationRequest; import org.wso2.carbon.device.mgt.common.PaginationRequest;
import org.wso2.carbon.device.mgt.common.PaginationResult; import org.wso2.carbon.device.mgt.common.PaginationResult;
@ -84,50 +85,15 @@ public class SubscriptionManagementAdminAPIImpl implements SubscriptionManagemen
} }
} }
if (!isStatusEmpty) { if (!isStatusEmpty) {
for (String status_ : status) { RequestValidationUtil.validateStatus(status);
switch (status_) {
case "ACTIVE":
case "INACTIVE":
case "UNCLAIMED":
case "UNREACHABLE":
case "SUSPENDED":
case "DISENROLLMENT_REQUESTED":
case "REMOVED":
case "BLOCKED":
case "CREATED":
break;
default:
String msg = "Invalid enrollment status type: " + status_ + ". \nValid status types " +
"are ACTIVE | INACTIVE | UNCLAIMED | UNREACHABLE | SUSPENDED | " +
"DISENROLLMENT_REQUESTED | REMOVED | BLOCKED | CREATED";
log.error(msg);
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
}
}
request.setStatusList(status); request.setStatusList(status);
} }
} }
if (actionStatus != null && !actionStatus.isEmpty()) { if (actionStatus != null && !actionStatus.isEmpty()) {
if (StringUtils.isNotBlank(actionStatus)) { if (StringUtils.isNotBlank(actionStatus)) {
switch (actionStatus) { RequestValidationUtil.validateStatusFiltering(actionStatus);
case "PENDING":
case "ERROR":
case "IN_PROGRESS":
case "NOTNOW":
case "COMPLETED":
case "REPEATED":
break;
default:
String msg = "Invalid enrollment action status type: " + actionStatus + ". " +
"\nValid action status types are PENDING | ERROR | IN_PROGRESS | NOTNOW | " +
"COMPLETED | REPEATED";
log.error(msg);
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
}
} }
} }
SubscriptionManager subscriptionManager = APIUtil.getSubscriptionManager(); SubscriptionManager subscriptionManager = APIUtil.getSubscriptionManager();
PaginationResult subscriptionData = subscriptionManager.getAppSubscriptionDetails PaginationResult subscriptionData = subscriptionManager.getAppSubscriptionDetails
(request, uuid, actionStatus); (request, uuid, actionStatus);
@ -137,8 +103,7 @@ public class SubscriptionManagementAdminAPIImpl implements SubscriptionManagemen
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.NOT_FOUND).entity(msg).build(); return Response.status(Response.Status.NOT_FOUND).entity(msg).build();
} catch (BadRequestException e) { } catch (BadRequestException e) {
String msg = "Found invalid payload for getting application which has UUID: " + uuid String msg = "User requested details are not valid";
+ ". Hence verify the payload";
log.error(msg, e); log.error(msg, e);
return Response.status(Response.Status.BAD_REQUEST).entity(msg).build(); return Response.status(Response.Status.BAD_REQUEST).entity(msg).build();
} catch (ApplicationManagementException e) { } catch (ApplicationManagementException e) {

@ -0,0 +1,102 @@
/*
* Copyright (c) 2021, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.wso2.carbon.device.application.mgt.store.api.services.impl.util;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.application.mgt.core.exception.BadRequestException;
import org.wso2.carbon.device.application.mgt.store.api.util.Constants;
import java.util.List;
public class RequestValidationUtil {
private static final Log log = LogFactory.getLog(RequestValidationUtil.class);
/**
* Checks if user requested status codes are valid.
*
* @param statusList status codes upon to filter operation logs using status
*/
public static void validateStatus(List<String> statusList) throws BadRequestException {
for (String status : statusList) {
switch (status) {
case "ACTIVE":
case "INACTIVE":
case "UNCLAIMED":
case "UNREACHABLE":
case "SUSPENDED":
case "DISENROLLMENT_REQUESTED":
case "REMOVED":
case "BLOCKED":
case "CREATED":
break;
default:
String msg = "Invalid enrollment status type: " + status + ". \nValid status types " +
"are ACTIVE | INACTIVE | UNCLAIMED | UNREACHABLE | SUSPENDED | " +
"DISENROLLMENT_REQUESTED | REMOVED | BLOCKED | CREATED";
log.error(msg);
throw new BadRequestException(msg);
}
}
}
/**
* Checks if user requested ownerships are valid.
*
* @param ownership ownerships upon to filter devices using ownership
*/
public static void validateOwnershipType(String ownership) throws BadRequestException {
switch (ownership) {
case "BYOD":
case "COPE":
case "WORK_PROFILE":
case "GOOGLE_ENTERPRISE":
case "COSU":
case "FULLY_MANAGED":
case "DEDICATED_DEVICE":
break;
default:
String msg = "Invalid ownership type received.Valid ownership types are BYOD | COPE | WORK_PROFILE |" +
"GOOGLE_ENTERPRISE | COSU | FULLY_MANAGED | DEDICATED_DEVICE";
log.error(msg);
throw new BadRequestException(msg);
}
}
/**
* Checks if user requested Action status codes are valid.
*
* @param status status codes upon to filter operation logs using status
*/
public static void validateStatusFiltering(String status) throws BadRequestException {
if (Constants.OperationStatus.COMPLETED.toUpperCase().equals(status)
|| Constants.OperationStatus.ERROR.toUpperCase().equals(status)
|| Constants.OperationStatus.NOTNOW.toUpperCase().equals(status)
|| Constants.OperationStatus.REPEATED.toUpperCase().equals(status)
|| Constants.OperationStatus.PENDING.toUpperCase().equals(status)
|| Constants.OperationStatus.IN_PROGRESS.toUpperCase().equals(status)) {
} else {
String msg = "Invalid status type: " + status + ". \nValid status types are COMPLETED | ERROR | " +
"IN_PROGRESS | NOTNOW | PENDING | REPEATED";
log.error(msg);
throw new BadRequestException(msg);
}
}
}

@ -0,0 +1,101 @@
/*
* Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*
* Copyright (c) 2019, Entgra (pvt) Ltd. (http://entgra.io) All Rights Reserved.
*
* Entgra (pvt) Ltd. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.device.application.mgt.store.api.util;
/**
* Holds the constants used by DeviceImpl Management Admin web application.
*/
public class Constants {
public static final String USER_CLAIM_EMAIL_ADDRESS = "http://wso2.org/claims/emailaddress";
public static final String USER_CLAIM_FIRST_NAME = "http://wso2.org/claims/givenname";
public static final String USER_CLAIM_LAST_NAME = "http://wso2.org/claims/lastname";
public static final String USER_CLAIM_CREATED = "http://wso2.org/claims/created";
public static final String USER_CLAIM_MODIFIED = "http://wso2.org/claims/modified";
public static final String USER_CLAIM_DEVICES = "http://wso2.org/claims/devices";
public static final String PRIMARY_USER_STORE = "PRIMARY";
public static final String DEFAULT_STREAM_VERSION = "1.0.0";
public static final String SCOPE = "scope";
public static final String JDBC_USERSTOREMANAGER = "org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager";
public static final String DEFAULT_SIMPLE_DATE_FORMAT = "EEE, d MMM yyyy HH:mm:ss Z";
public static final int DEFAULT_PAGE_LIMIT = 50;
public static final String FORWARD_SLASH = "/";
public static final String ANDROID = "android";
public static final String ANDROID_POLICY_VALIDATOR = "io.entgra.proprietary.platform.android." +
"core.polcy.AndroidPolicyPayloadValidator";
public static final String IOS = "ios";
public static final String WINDOWS = "windows";
public final class OperationStatus {
private OperationStatus () { throw new AssertionError(); }
public static final String COMPLETED = "completed";
public static final String ERROR = "error";
public static final String IN_PROGRESS = "in_progress";
public static final String PENDING = "pending";
public static final String NOTNOW = "notnow";
public static final String REPEATED = "repeated";
}
public static final String DEVICES = "devices";
public static final String ATTRIBUTE_DISPLAY_NAME = "DisplayName";
public static final String ATTRIBUTE_DESCRIPTION = "Description";
public static final String EXTERNAL_DEVICE_CLAIM_DISPLAY_NAME = "Devices";
public static final String EXTERNAL_DEVICE_CLAIM_DESCRIPTION = "Device list";
public final class ErrorMessages {
private ErrorMessages () { throw new AssertionError(); }
public static final String STATUS_BAD_REQUEST_MESSAGE_DEFAULT = "Bad Request";
}
public final class DeviceConstants {
private DeviceConstants () { throw new AssertionError(); }
public static final String APPLICATION_JSON = "application/json";
public static final String HEADER_CONTENT_TYPE = "Content-Type";
}
public final class Permission {
private Permission() { throw new AssertionError(); }
public static final String ADMIN = "/permission/admin";
public static final String LOGIN = "/permission/admin/login";
public static final String DEVICE_MGT = "/permission/admin/device-mgt";
public static final String APP_MGT = "/permission/admin/app-mgt";
}
}
Loading…
Cancel
Save