From: David Gageot
Date: Fri, 6 Jul 2012 12:04:26 +0000 (+0200)
Subject: SONAR-3432 Fix and Improve rule param validation
X-Git-Tag: 3.2~200
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=569cd7b64625fcc9b4cbf1c43d0687978a821411;p=sonarqube.git

SONAR-3432 Fix and Improve rule param validation
---
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/helpers/rules_configuration_helper.rb b/sonar-server/src/main/webapp/WEB-INF/app/helpers/rules_configuration_helper.rb
index 056026b22c5..6065bfc68f1 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/helpers/rules_configuration_helper.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/helpers/rules_configuration_helper.rb
@@ -42,7 +42,7 @@ module RulesConfigurationHelper
 def readable_type(type)
 return "Set of string (, as delimiter)" if type == PARAM_TYPE_STRING_LIST
- return "Number" if type == PARAM_TYPE_INTEGER
+ return "Number" if type_with_compatibility(type) == PropertyType::TYPE_INTEGER
 return "Set of number (, as delimiter)" if type == PARAM_TYPE_INTEGER_LIST
 return "Regular expression" if type == PARAM_TYPE_REGEXP
 return "Set of values (, as delimiter)" if is_set(type)
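Review bot: Only the `Number` branch of readable_type is normalised through type_with_compatibility; the other branches in this hunk still compare the raw `type` with the PARAM_TYPE_* constants, and nothing in the hunk says why. type_with_compatibility is not defined anywhere in this diff, so the mapping it applies cannot be checked from here. A one-line comment above the changed branch would record the intent, for example `# NOTE: only the integer type is normalised here; list and regexp types are compared as raw codes (confirm)`. readable_type continues past the end of the hunk.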
@@ -56,5 +56,39 @@ module RulesConfigurationHelper
 def is_set(type)
 type.at(1) == "[" && type.ends_with?("]")
 end
+
+ def validate_rule_param(attribute, param_type, errors, value)
+ return if attribute.nil? or attribute.length == 0
+
+ type=type_with_compatibility(param_type)
+
+ if is_set_type
+ allowed_tokens = get_allowed_tokens
+ attribute.split(',').each do |provided_token|
+ if !allowed_tokens.include?(provided_token)
+ errors.add("#{value}", "'#{provided_token}' kust be one of : " + allowed_tokens.join(', '))
+ end
+ end
+ elsif param_type == RulesConfigurationHelper::PARAM_TYPE_INTEGER_LIST
+ attribute.split(',').each do |n|
+ if !Api::Utils.is_integer?(n)
+ errors.add("#{value}", "'#{n}' must be an integer.")
+ return
+ end
+ end
+ elsif param_type == RulesConfigurationHelper::PARAM_TYPE_REGEXP
+ if !Api::Utils.is_regexp?(attribute)
+ errors.add("#{value}", "'#{attribute}' must be a regular expression")
+ end
+ elsif type == PropertyType::TYPE_INTEGER
+ if !Api::Utils.is_integer?(attribute)
+ errors.add("#{value}", "'#{attribute}' must be an integer.")
+ end
+ elsif type == PropertyType::TYPE_BOOLEAN
+ if !Api::Utils.is_boolean?(attribute)
+ errors.add("#{value}", "'#{attribute}' must be one of : true,false")
+ end
+ end
+ end
 end
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/models/api/utils.rb b/sonar-server/src/main/webapp/WEB-INF/app/models/api/utils.rb
index fd7bc1d432d..dc6764f7850 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/models/api/utils.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/models/api/utils.rb
@@ -41,6 +41,19 @@ class Api::Utils
 s.to_s =~ /\A[+-]?\d+\Z/
 end
+ def self.is_boolean?(s)
+ s == 'true' || s == 'false'
+ end
+
+ def self.is_regexp?(s)
+ begin
+ Regexp.new(S)
+ true
+ rescue
+ false
+ end
+ end
+
 def self.markdown_to_html(markdown)
 markdown ? Java::OrgSonarServerUi::JRubyFacade.markdownToHtml(ERB::Util.html_escape(markdown)) : ''
 end
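Review bot: validate_rule_param calls `is_set_type` and `get_allowed_tokens`, which this helper does not define anywhere in the diff; the removed lines in rules_parameter.rb show they were called on RulesParameter, so the method only works on a receiver that provides them, and the rules_parameter.rb hunk adds no `include RulesConfigurationHelper` (it may already exist outside that hunk). A comment above the method should state that contract, for example `# Receiver must respond to is_set_type and get_allowed_tokens`. The set-type message also carries a typo over from the old code: `kust be one of` should read `must be one of`. Every message embeds the submitted value verbatim (`'#{attribute}'`, `'#{provided_token}'`), and the partial changed in this commit writes the failure response into `error_#{parameter.id}`; the rendering code is not shown, so confirm these messages are HTML-escaped before they reach the page.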
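Review bot: `Regexp.new(S)` in Api::Utils.is_regexp? references a constant `S`, not the parameter `s`, so it raises NameError; the bare `rescue` catches that (NameError is a StandardError) and the method returns false for every input, which makes validate_rule_param reject every regular-expression parameter. The call should be `Regexp.new(s)`, and the rescue should name what an invalid pattern raises, `rescue RegexpError`, so that a programming error like this one surfaces instead of being reported as bad input. If a non-string argument should also count as invalid, use `rescue RegexpError, TypeError`. The `begin`/`end` wrapper is unnecessary inside a method body, where `rescue` can follow the body directly.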
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/models/rules_parameter.rb b/sonar-server/src/main/webapp/WEB-INF/app/models/rules_parameter.rb
index 1ed08f89e00..0f0f3d35c73 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/models/rules_parameter.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/models/rules_parameter.rb
@@ -47,38 +47,7 @@ class RulesParameter < ActiveRecord::Base
 end
 def validate_value(attribute, errors, value)
- return if attribute.nil? or attribute.length == 0
- if is_set_type
- provided_tokens = attribute.split(",")
- allowed_tokens = get_allowed_tokens
- provided_tokens.each do |provided_token|
- if !allowed_tokens.include?(provided_token)
- errors.add("#{value}", "'#{provided_token}' kust be one of : " + allowed_tokens.join(", "))
- end
- end
- elsif param_type == RulesConfigurationHelper::PARAM_TYPE_INTEGER
- if !Api::Utils.is_integer?(attribute)
- errors.add("#{value}", "'#{attribute}' must be an integer.")
- end
- elsif param_type == RulesConfigurationHelper::PARAM_TYPE_INTEGER_LIST
- provided_numbers = attribute.split(",")
- provided_numbers.each do |provided_number|
- if !Api::Utils.is_integer?(provided_number)
- errors.add("#{value}", "'#{provided_number}' must be an integer.")
- return
- end
- end
- elsif param_type == RulesConfigurationHelper::PARAM_TYPE_BOOLEAN
- if attribute != "true" && attribute != "false"
- errors.add("#{value}", "'#{attribute}' must be one of : true,false")
- end
- elsif param_type == RulesConfigurationHelper::PARAM_TYPE_REGEXP
- begin
- Regexp.new(attribute)
- rescue
- errors.add("#{value}", "'#{attribute}' must be a regular expression")
- end
- end
+ validate_rule_param(attribute, param_type, errors, value)
 end
 def to_hash_json(active_rule)
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/_rule_param.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/_rule_param.html.erb
index 43fdece4bbb..2126c89bbd7 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/_rule_param.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/rules_configuration/_rule_param.html.erb @@ -15,13 +15,13 @@ <%= form_remote_tag :url => {:action => :update_param, :id => active_param_id, :profile_id => profile.id, :param_id => parameter.id, :active_rule_id => active_rule_id}, - :update => {:success => "rule_#{rule.id}", :failure => "error_#{rule.id}"}, + :update => {:success => "rule_#{rule.id}", :failure => "error_#{parameter.id}"}, :loading => "$('param_loading_#{parameter.id}').show();", :complete => "$('desc_#{rule.id}').show();", - :failure => "$('error_#{rule.id}').show();$('param_loading_#{parameter.id}').hide();", + :failure => "$('error_#{parameter.id}').show();$('param_loading_#{parameter.id}').hide();", :html => {:name => "form-#{u parameter.name}"} %> - + <%= param_value_input(parameter, param_value, :disabled => read_only) -%>