]> source.dussan.org Git - sonarqube.git/commitdiff
projects / sonarqube.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d9c700f)
Trim all WS string request parameters
authorTeryk Bellahsene <teryk.bellahsene@sonarsource.com>
Fri, 28 Aug 2015 15:54:47 +0000 (17:54 +0200)
committerTeryk Bellahsene <teryk.bellahsene@sonarsource.com>
Fri, 28 Aug 2015 15:54:47 +0000 (17:54 +0200)
server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionRequestValidator.java patch | blob | history
server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionRequestValidatorTest.java patch | blob | history
sonar-plugin-api/src/main/java/org/sonar/api/server/ws/internal/ValidatingRequest.java patch | blob | history
sonar-plugin-api/src/test/java/org/sonar/api/server/ws/RequestTest.java patch | blob | history

diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionRequestValidator.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionRequestValidator.java
index d9e1c92a5eea9637543d7e8274b80df161a9a30d..1f7d1b94ee46b018bd7e47a1f372737d28bcf455 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionRequestValidator.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionRequestValidator.java
@@ -20,7 +20,6 @@
 
 package org.sonar.server.permission.ws;
 
-import com.google.common.base.CharMatcher;
 import java.util.regex.Pattern;
 import java.util.regex.PatternSyntaxException;
 import javax.annotation.Nullable;
@@ -28,6 +27,7 @@ import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.permission.ProjectPermissions;
 import org.sonar.server.exceptions.BadRequestException;
 
+import static com.google.common.base.CharMatcher.WHITESPACE;
 import static com.google.common.base.Strings.isNullOrEmpty;
 import static java.lang.String.format;
 import static org.sonar.api.security.DefaultGroups.isAnyone;
@@ -59,7 +59,7 @@ public class PermissionRequestValidator {
   }
 
   public static void validateTemplateNameFormat(String name) {
-    String nameWithoutWhitespaces = CharMatcher.WHITESPACE.removeFrom(name);
+    String nameWithoutWhitespaces = WHITESPACE.trimFrom(name);
     checkRequest(!nameWithoutWhitespaces.isEmpty(), MSG_TEMPLATE_NAME_NOT_BLANK);
   }
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionRequestValidatorTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionRequestValidatorTest.java
index 82a759778ca447b86aad8dfdb826223b9f2217a5..ea19efdfa6e7f694fa673c42d9c89b8c28e48d08 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionRequestValidatorTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionRequestValidatorTest.java
@@ -33,6 +33,7 @@ public class PermissionRequestValidatorTest {
 
   @Test
   public void validate_template_name() {
+    PermissionRequestValidator.validateTemplateNameFormat("  text \r\n");
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage(MSG_TEMPLATE_NAME_NOT_BLANK);
 
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/server/ws/internal/ValidatingRequest.java b/sonar-plugin-api/src/main/java/org/sonar/api/server/ws/internal/ValidatingRequest.java
index 4e193931bf8e0860355d897021c9c3f72b592ca6..0c5efdcf52555e1e74db9a5ec73e1e5e568f54e8 100644 (file)
--- a/sonar-plugin-api/src/main/java/org/sonar/api/server/ws/internal/ValidatingRequest.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/server/ws/internal/ValidatingRequest.java
@@ -19,20 +19,19 @@
  */
 package org.sonar.api.server.ws.internal;
 
+import com.google.common.base.CharMatcher;
 import com.google.common.base.Splitter;
 import com.google.common.collect.Lists;
-import org.apache.commons.lang.StringUtils;
-import org.sonar.api.server.ws.Request;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.api.utils.log.Loggers;
-
-import javax.annotation.CheckForNull;
-import javax.annotation.Nullable;
-
 import java.io.InputStream;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
+import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
+import org.apache.commons.lang.StringUtils;
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.utils.log.Loggers;
 
 /**
  * @since 4.2
@@ -65,10 +64,11 @@ public abstract class ValidatingRequest extends Request {
   private String param(String key, boolean validateValue) {
     WebService.Param definition = action.param(key);
     String value = readParamOrDefaultValue(key, definition);
-    if (value != null && validateValue) {
-      validate(value, definition);
+    String trimmedValue = value == null ? value : CharMatcher.WHITESPACE.trimFrom(value);
+    if (trimmedValue != null && validateValue) {
+      validate(trimmedValue, definition);
     }
-    return value;
+    return trimmedValue;
   }
 
   @CheckForNull
diff --git a/sonar-plugin-api/src/test/java/org/sonar/api/server/ws/RequestTest.java b/sonar-plugin-api/src/test/java/org/sonar/api/server/ws/RequestTest.java
index 5cae0e2cdda13a6b6361356d650c5e1183d28fc9..a9cde1cc4152ea44f1efcaaeebcd8ca0493e722c 100644 (file)
--- a/sonar-plugin-api/src/test/java/org/sonar/api/server/ws/RequestTest.java
+++ b/sonar-plugin-api/src/test/java/org/sonar/api/server/ws/RequestTest.java
@@ -175,6 +175,7 @@ public class RequestTest {
   @Test
   public void param_as_string() {
     assertThat(request.setParam("a_string", "foo").param("a_string")).isEqualTo("foo");
+    assertThat(request.setParam("a_string", " f o o \r\n ").param("a_string")).isEqualTo("f o o");
   }
 
   @Test
Continuous Inspection: https://github.com/SonarSource/sonarqube