From: Guillaume Jambet Date: Fri, 3 Nov 2017 15:51:23 +0000 (+0100) Subject: SONAR-10040 add length validation to Groups ws X-Git-Tag: 7.0-RC1~353 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=01c6a75c8308b925dcac7b3c1b7de692de3b3b7f;p=sonarqube.git SONAR-10040 add length validation to Groups ws --- diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java index 554adff2c4d..f7117ec4fd3 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/CreateAction.java @@ -31,6 +31,7 @@ import org.sonar.db.user.GroupDto; import org.sonar.server.user.UserSession; import org.sonarqube.ws.WsUserGroups; +import static java.lang.String.format; import static org.sonar.api.user.UserGroupValidation.GROUP_NAME_MAX_LENGTH; import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; import static org.sonar.server.usergroups.ws.GroupWsSupport.DESCRIPTION_MAX_LENGTH; @@ -69,13 +70,15 @@ public class CreateAction implements UserGroupsWsAction { .setInternal(true); action.createParam(PARAM_GROUP_NAME) - .setDescription(String.format("Name for the new group. A group name cannot be larger than %d characters and must be unique. " + + .setRequired(true) + .setMaximumLength(GROUP_NAME_MAX_LENGTH) + .setDescription(format("Name for the new group. A group name cannot be larger than %d characters and must be unique. " + "The value 'anyone' (whatever the case) is reserved and cannot be used.", GROUP_NAME_MAX_LENGTH)) - .setExampleValue("sonar-users") - .setRequired(true); + .setExampleValue("sonar-users"); action.createParam(PARAM_GROUP_DESCRIPTION) - .setDescription(String.format("Description for the new group. A group description cannot be larger than %d characters.", DESCRIPTION_MAX_LENGTH)) + .setMaximumLength(DESCRIPTION_MAX_LENGTH) + .setDescription(format("Description for the new group. A group description cannot be larger than %d characters.", DESCRIPTION_MAX_LENGTH)) .setExampleValue("Default group for new users"); } @@ -92,7 +95,6 @@ public class CreateAction implements UserGroupsWsAction { // validations UserGroupValidation.validateGroupName(group.getName()); - support.validateDescription(group.getDescription()); support.checkNameDoesNotExist(dbSession, group.getOrganizationUuid(), group.getName()); dbClient.groupDao().insert(dbSession, group); diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/GroupWsSupport.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/GroupWsSupport.java index 2e3be4be00f..bc5b4df8b88 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/GroupWsSupport.java +++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/GroupWsSupport.java @@ -20,11 +20,9 @@ package org.sonar.server.usergroups.ws; import java.util.Optional; -import javax.annotation.CheckForNull; import javax.annotation.Nullable; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.WebService; -import org.sonar.api.user.UserGroupValidation; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.organization.OrganizationDto; @@ -132,18 +130,6 @@ public class GroupWsSupport { return org.get(); } - /** - * Similar to {@link UserGroupValidation#validateGroupName(String)} but kept internal. No need to publish - * this method in public API. - * @return the same description - */ - @CheckForNull - String validateDescription(@Nullable String description) { - checkArgument(description == null || description.length() <= DESCRIPTION_MAX_LENGTH, - "Description cannot be longer than %s characters", DESCRIPTION_MAX_LENGTH); - return description; - } - void checkNameDoesNotExist(DbSession dbSession, String organizationUuid, String name) { // There is no database constraint on column groups.name // because MySQL cannot create a unique index diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java index f8f73fe0396..86b54687277 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/UpdateAction.java @@ -75,11 +75,13 @@ public class UpdateAction implements UserGroupsWsAction { .setRequired(true); action.createParam(PARAM_GROUP_NAME) + .setMaximumLength(GROUP_NAME_MAX_LENGTH) .setDescription(format("New optional name for the group. A group name cannot be larger than %d characters and must be unique. " + "Value 'anyone' (whatever the case) is reserved and cannot be used. If value is empty or not defined, then name is not changed.", GROUP_NAME_MAX_LENGTH)) .setExampleValue("my-group"); action.createParam(PARAM_GROUP_DESCRIPTION) + .setMaximumLength(DESCRIPTION_MAX_LENGTH) .setDescription(format("New optional description for the group. A group description cannot be larger than %d characters. " + "If value is not defined, then description is not changed.", DESCRIPTION_MAX_LENGTH)) .setExampleValue("Default group for new users"); @@ -108,7 +110,7 @@ public class UpdateAction implements UserGroupsWsAction { String description = request.param(PARAM_GROUP_DESCRIPTION); if (description != null) { changed = true; - group.setDescription(support.validateDescription(description)); + group.setDescription(description); } if (changed) { diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java index 07877e8cfd8..9c7b9c5303d 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/UpdateActionTest.java @@ -19,7 +19,6 @@ */ package org.sonar.server.usergroups.ws; -import org.apache.commons.lang.StringUtils; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; @@ -186,21 +185,6 @@ public class UpdateActionTest { .execute(); } - @Test - public void fail_if_name_is_too_long() throws Exception { - insertDefaultGroupOnDefaultOrganization(); - GroupDto group = db.users().insertGroup(); - loginAsAdminOnDefaultOrganization(); - - expectedException.expect(IllegalArgumentException.class); - expectedException.expectMessage("Group name cannot be longer than 255 characters"); - - newRequest() - .setParam("id", group.getId().toString()) - .setParam("name", StringUtils.repeat("a", 255 + 1)) - .execute(); - } - @Test public void fail_if_new_name_is_anyone() throws Exception { insertDefaultGroupOnDefaultOrganization(); @@ -234,22 +218,6 @@ public class UpdateActionTest { .execute(); } - @Test - public void fail_if_description_is_too_long() throws Exception { - insertDefaultGroupOnDefaultOrganization(); - GroupDto group = db.users().insertGroup(); - loginAsAdminOnDefaultOrganization(); - - expectedException.expect(IllegalArgumentException.class); - expectedException.expectMessage("Description cannot be longer than 200 characters"); - - newRequest() - .setParam("id", group.getId().toString()) - .setParam("name", "long-group-description-is-looooooooooooong") - .setParam("description", StringUtils.repeat("a", 201)) - .execute(); - } - @Test public void fail_if_unknown_group_id() throws Exception { loginAsAdminOnDefaultOrganization();