SONAR-10040 add length validation to Users ws

author Guillaume Jambet <guillaume.jambet@sonarsource.com>

Thu, 2 Nov 2017 14:26:13 +0000 (15:26 +0100)

committer Guillaume Jambet <guillaume.jambet@gmail.com>

Wed, 8 Nov 2017 12:51:31 +0000 (13:51 +0100)
author Guillaume Jambet <guillaume.jambet@sonarsource.com>
Thu, 2 Nov 2017 14:26:13 +0000 (15:26 +0100)
committer Guillaume Jambet <guillaume.jambet@gmail.com>
Wed, 8 Nov 2017 12:51:31 +0000 (13:51 +0100)
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java

index b87273aee3b772622c6c3becc17f171fb337f1ec..2ebf612200975d93740dab331c755943f0e9ac1d 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
@@ -68,9 +68,9 @@ public class UserUpdater {
    private static final String EMAIL_PARAM = "Email";
  
    private static final int LOGIN_MIN_LENGTH = 2;
-  private static final int LOGIN_MAX_LENGTH = 255;
-  private static final int EMAIL_MAX_LENGTH = 100;
-  private static final int NAME_MAX_LENGTH = 200;
+  public static final int LOGIN_MAX_LENGTH = 255;
+  public static final int EMAIL_MAX_LENGTH = 100;
+  public static final int NAME_MAX_LENGTH = 200;
  
    private final NewUserNotifier newUserNotifier;
    private final DbClient dbClient;
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java

index 7feb6dc48d97e8c816aff7b8b8656ae8252d19e0..b9f6c4fb7f280caf631bda0436425119c5a30a0d 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java
@@ -38,6 +38,9 @@ import org.sonarqube.ws.client.user.CreateRequest;
  import static com.google.common.base.Strings.emptyToNull;
  import static org.sonar.core.util.Protobuf.setNullable;
  import static org.sonar.server.user.ExternalIdentity.SQ_AUTHORITY;
+import static org.sonar.server.user.UserUpdater.EMAIL_MAX_LENGTH;
+import static org.sonar.server.user.UserUpdater.LOGIN_MAX_LENGTH;
+import static org.sonar.server.user.UserUpdater.NAME_MAX_LENGTH;
  import static org.sonar.server.ws.WsUtils.writeProtobuf;
  import static org.sonarqube.ws.client.user.UsersWsParameters.ACTION_CREATE;
  import static org.sonarqube.ws.client.user.UsersWsParameters.PARAM_EMAIL;
@@ -75,8 +78,9 @@ public class CreateAction implements UsersWsAction {
        .setHandler(this);
  
      action.createParam(PARAM_LOGIN)
-      .setDescription("User login")
        .setRequired(true)
+      .setMaximumLength(LOGIN_MAX_LENGTH)
+      .setDescription("User login")
        .setExampleValue("myuser");
  
      action.createParam(PARAM_PASSWORD)
@@ -84,11 +88,13 @@ public class CreateAction implements UsersWsAction {
        .setExampleValue("mypassword");
  
      action.createParam(PARAM_NAME)
-      .setDescription("User name")
        .setRequired(true)
+      .setMaximumLength(NAME_MAX_LENGTH)
+      .setDescription("User name")
        .setExampleValue("My Name");
  
      action.createParam(PARAM_EMAIL)
+      .setMaximumLength(EMAIL_MAX_LENGTH)
        .setDescription("User email")
        .setExampleValue("myname@email.com");
  
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java

index cd89f46d5dd847927feefb4843c1b719f2e71363..bfe70c5200438462a5b518e0ba9a1120f5fc7ab9 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java
@@ -38,6 +38,9 @@ import org.sonarqube.ws.client.user.UpdateRequest;
  
  import static com.google.common.base.Strings.emptyToNull;
  import static java.util.Collections.singletonList;
+import static org.sonar.server.user.UserUpdater.EMAIL_MAX_LENGTH;
+import static org.sonar.server.user.UserUpdater.LOGIN_MAX_LENGTH;
+import static org.sonar.server.user.UserUpdater.NAME_MAX_LENGTH;
  import static org.sonar.server.ws.WsUtils.checkFound;
  import static org.sonarqube.ws.client.user.UsersWsParameters.ACTION_UPDATE;
  import static org.sonarqube.ws.client.user.UsersWsParameters.PARAM_EMAIL;
@@ -73,15 +76,18 @@ public class UpdateAction implements UsersWsAction {
        .setResponseExample(getClass().getResource("update-example.json"));
  
      action.createParam(PARAM_LOGIN)
-      .setDescription("User login")
        .setRequired(true)
+      .setMaximumLength(LOGIN_MAX_LENGTH)
+      .setDescription("User login")
        .setExampleValue("myuser");
  
      action.createParam(PARAM_NAME)
+      .setMaximumLength(NAME_MAX_LENGTH)
        .setDescription("User name")
        .setExampleValue("My Name");
  
      action.createParam(PARAM_EMAIL)
+      .setMaximumLength(EMAIL_MAX_LENGTH)
        .setDescription("User email")
        .setExampleValue("myname@email.com");
author	Guillaume Jambet <guillaume.jambet@sonarsource.com>
	Thu, 2 Nov 2017 14:26:13 +0000 (15:26 +0100)
committer	Guillaume Jambet <guillaume.jambet@gmail.com>
	Wed, 8 Nov 2017 12:51:31 +0000 (13:51 +0100)
server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java		patch \| blob \| history
server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java		patch \| blob \| history
server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java		patch \| blob \| history