Fixing some missing JPA entities' validation master
authorFrancesco Chicchiriccò <ilgrosso@apache.org>
Fri, 19 Oct 2018 11:26:52 +0000 (13:26 +0200)
committerFrancesco Chicchiriccò <ilgrosso@apache.org>
Mon, 22 Oct 2018 07:02:08 +0000 (09:02 +0200)
18 files changed:
client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java
client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java
client/enduser/src/main/java/org/apache/syncope/client/enduser/util/SaltGenerator.java
client/enduser/src/main/java/org/apache/syncope/client/enduser/util/Validation.java [moved from client/enduser/src/main/java/org/apache/syncope/client/enduser/util/UserRequestValidator.java with 92% similarity]
client/enduser/src/test/java/org/apache/syncope/client/enduser/util/ValidationTest.java [moved from client/enduser/src/test/java/org/apache/syncope/client/enduser/util/UserRequestValidatorTest.java with 72% similarity]
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/policy/AbstractPolicy.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AbstractValidator.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java [new file with mode: 0644]
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java [new file with mode: 0644]
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeValidator.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java [new file with mode: 0644]
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java [new file with mode: 0644]
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RealmValidator.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/RelationshipTypeValidator.java
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ReportValidator.java
ext/oidcclient/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/OIDCProviderValidator.java
ext/saml2sp/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/SAML2IdPValidator.java

index e017d45..acc1577 100644 (file)
@@ -28,7 +28,7 @@ import org.apache.syncope.client.enduser.SyncopeEnduserApplication;
 import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
 import org.apache.syncope.client.enduser.SyncopeEnduserSession;
 import org.apache.syncope.client.enduser.annotations.Resource;
-import org.apache.syncope.client.enduser.util.UserRequestValidator;
+import org.apache.syncope.client.enduser.util.Validation;
 import org.apache.syncope.common.lib.SyncopeClientException;
 import org.apache.syncope.common.lib.to.AttrTO;
 import org.apache.syncope.common.lib.to.MembershipTO;
@@ -81,7 +81,7 @@ public class UserSelfCreateResource extends BaseUserSelfResource {
                 LOG.trace("Request is [{}]", userTO);
 
                 // check if request is compliant with customization form rules
-                if (UserRequestValidator.compliant(userTO,
+                if (Validation.isCompliant(userTO,
                         SyncopeEnduserApplication.get().getCustomFormAttributes(), true)) {
 
                     // 1. membership attributes management
index 3cccb8f..1ea8530 100644 (file)
@@ -30,7 +30,7 @@ import org.apache.syncope.client.enduser.SyncopeEnduserConstants;
 import org.apache.syncope.client.enduser.SyncopeEnduserSession;
 import org.apache.syncope.client.enduser.annotations.Resource;
 import org.apache.syncope.client.enduser.model.CustomAttributesInfo;
-import org.apache.syncope.client.enduser.util.UserRequestValidator;
+import org.apache.syncope.client.enduser.util.Validation;
 import org.apache.syncope.common.lib.AnyOperations;
 import org.apache.syncope.common.lib.EntityTOUtils;
 import org.apache.syncope.common.lib.patch.UserPatch;
@@ -70,7 +70,7 @@ public class UserSelfUpdateResource extends BaseUserSelfResource {
                     SyncopeEnduserApplication.get().getCustomFormAttributes();
 
             // check if request is compliant with customization form rules
-            if (UserRequestValidator.compliant(userTO, customFormAttributes, false)) {
+            if (Validation.isCompliant(userTO, customFormAttributes, false)) {
                 // 1. membership attributes management
                 Set<AttrTO> membAttrs = new HashSet<>();
                 userTO.getPlainAttrs().stream().
@@ -30,14 +30,13 @@ import org.apache.syncope.common.lib.types.SchemaType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public final class UserRequestValidator {
+public final class Validation {
 
-    private static final Logger LOG = LoggerFactory.getLogger(UserRequestValidator.class);
+    private static final Logger LOG = LoggerFactory.getLogger(Validation.class);
 
-    private UserRequestValidator() {
-    }
-
-    public static boolean compliant(final UserTO userTO, final Map<String, CustomAttributesInfo> customFormAttributes,
+    public static boolean isCompliant(
+            final UserTO userTO,
+            final Map<String, CustomAttributesInfo> customFormAttributes,
             final boolean checkDefaultValues) {
 
         if (customFormAttributes == null || customFormAttributes.isEmpty()) {
@@ -68,7 +67,6 @@ public final class UserRequestValidator {
                     }
                     return compliant;
                 });
-
     }
 
     public static boolean validateSteps(final CustomTemplateInfo customTemplateInfo) {
@@ -92,4 +90,7 @@ public final class UserRequestValidator {
                 : true;
     }
 
+    private Validation() {
+        // private constructor for static utility class
+    }
 }
@@ -34,7 +34,7 @@ import org.apache.syncope.common.lib.to.UserTO;
 import org.junit.jupiter.api.Test;
 import org.springframework.core.io.ClassPathResource;
 
-public class UserRequestValidatorTest {
+public class ValidationTest {
 
     private AttrTO attrTO(String schemaKey, String... values) {
         return new AttrTO.Builder().schema(schemaKey).values(values).build();
@@ -58,16 +58,16 @@ public class UserRequestValidatorTest {
                 "customTemplate.json").getFile(), CustomTemplateInfo.class);
 
         // not allowed because of presence of notAllowed attribute
-        assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
+        assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));
 
         // remove notAllowed attribute and make it compliant
         userTO.getPlainAttrs().remove(notAllowed);
-        assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
+        assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));
 
         // firstname must have only one defaultValue
         userTO.getPlainAttr("firstname").get().getValues().add("notAllowedFirstnameValue");
-        assertFalse(UserRequestValidator.compliant(userTO, customFormAttributes, true));
-        assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, false));
+        assertFalse(Validation.isCompliant(userTO, customFormAttributes, true));
+        assertTrue(Validation.isCompliant(userTO, customFormAttributes, false));
 
         // clean
         userTO.getPlainAttr("firstname").get().getValues().remove("notAllowedFirstnameValue");
@@ -75,24 +75,23 @@ public class UserRequestValidatorTest {
         // virtual
         AttrTO virtualdata = attrTO("virtualdata", "defaultVirtualData");
         userTO.getVirAttrs().add(virtualdata);
-        assertTrue(UserRequestValidator.compliant(userTO, customFormAttributes, true));
+        assertTrue(Validation.isCompliant(userTO, customFormAttributes, true));
 
         // with empty form is compliant by definition
-        assertTrue(UserRequestValidator.compliant(userTO, new HashMap<>(), true));
+        assertTrue(Validation.isCompliant(userTO, new HashMap<>(), true));
 
         // check wizard steps
         // only "credentials", "plainSchemas" and "finish" steps must be visible
-        assertTrue(UserRequestValidator.validateSteps(customTemplate));
+        assertTrue(Validation.validateSteps(customTemplate));
 
-        assertTrue(UserRequestValidator.validateStep("credentials", customTemplate));
-        assertTrue(UserRequestValidator.validateStep("plainSchemas", customTemplate));
-        assertTrue(UserRequestValidator.validateStep("finish", customTemplate));
+        assertTrue(Validation.validateStep("credentials", customTemplate));
+        assertTrue(Validation.validateStep("plainSchemas", customTemplate));
+        assertTrue(Validation.validateStep("finish", customTemplate));
 
-        assertFalse(UserRequestValidator.validateStep("test", customTemplate));
-        assertFalse(UserRequestValidator.validateStep("resources", customTemplate));
-        assertFalse(UserRequestValidator.validateStep("virtualSchemas", customTemplate));
-        assertFalse(UserRequestValidator.validateStep("derivedSchemas", customTemplate));
-        assertFalse(UserRequestValidator.validateStep("groups", customTemplate));
+        assertFalse(Validation.validateStep("test", customTemplate));
+        assertFalse(Validation.validateStep("resources", customTemplate));
+        assertFalse(Validation.validateStep("virtualSchemas", customTemplate));
+        assertFalse(Validation.validateStep("derivedSchemas", customTemplate));
+        assertFalse(Validation.validateStep("groups", customTemplate));
     }
-
 }
index 27fcb85..5344a1e 100644 (file)
@@ -24,9 +24,11 @@ import javax.persistence.InheritanceType;
 import javax.validation.constraints.NotNull;
 import org.apache.syncope.core.persistence.api.entity.policy.Policy;
 import org.apache.syncope.core.persistence.jpa.entity.AbstractGeneratedKeyEntity;
+import org.apache.syncope.core.persistence.jpa.validation.entity.PolicyCheck;
 
 @Entity
 @Inheritance(strategy = InheritanceType.TABLE_PER_CLASS)
+@PolicyCheck
 public abstract class AbstractPolicy extends AbstractGeneratedKeyEntity implements Policy {
 
     private static final long serialVersionUID = -5844833125843247458L;
index 5b12d14..b06d5ea 100644 (file)
@@ -41,4 +41,8 @@ public abstract class AbstractValidator<A extends Annotation, T> implements Cons
     protected final String getTemplate(final EntityViolationType type, final String message) {
         return type.name() + ";" + message;
     }
+
+    protected boolean isHtml(final String text) {
+        return text != null && (text.indexOf('<') != -1 || text.indexOf('>') != -1);
+    }
 }
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassCheck.java
new file mode 100644 (file)
index 0000000..01572b3
--- /dev/null
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Target({ ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Constraint(validatedBy = AnyTypeClassValidator.class)
+@Documented
+public @interface AnyTypeClassCheck {
+
+    String message() default "{org.apache.syncope.core.persistence.validation.anytypeclass}";
+
+    Class<?>[] groups() default {};
+
+    Class<? extends Payload>[] payload() default {};
+}
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyTypeClassValidator.java
new file mode 100644 (file)
index 0000000..baf8d71
--- /dev/null
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import javax.validation.ConstraintValidatorContext;
+import org.apache.syncope.common.lib.types.EntityViolationType;
+import org.apache.syncope.core.persistence.api.entity.AnyTypeClass;
+
+public class AnyTypeClassValidator extends AbstractValidator<AnyTypeClassCheck, AnyTypeClass> {
+
+    @Override
+    public boolean isValid(final AnyTypeClass anyTypeClass, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
+
+        boolean isValid = true;
+
+        if (isHtml(anyTypeClass.getKey())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+                    addPropertyNode("key").addConstraintViolation();
+
+            isValid = false;
+        }
+
+        return isValid;
+    }
+}
index 639061a..6fb7078 100644 (file)
@@ -27,32 +27,41 @@ import org.apache.syncope.core.persistence.api.entity.AnyType;
 public class AnyTypeValidator extends AbstractValidator<AnyTypeCheck, AnyType> {
 
     @Override
-    public boolean isValid(final AnyType object, final ConstraintValidatorContext context) {
+    public boolean isValid(final AnyType anyType, final ConstraintValidatorContext context) {
         context.disableDefaultConstraintViolation();
 
-        boolean isValid;
-        switch (object.getKind()) {
+        boolean isValid = true;
+
+        if (isHtml(anyType.getKey())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+                    addPropertyNode("key").addConstraintViolation();
+
+            isValid = false;
+        }
+
+        boolean nameKindMatch;
+        switch (anyType.getKind()) {
             case USER:
-                isValid = AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey());
+                nameKindMatch = AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey());
                 break;
 
             case GROUP:
-                isValid = AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey());
+                nameKindMatch = AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey());
                 break;
 
             case ANY_OBJECT:
             default:
-                isValid = !AnyTypeKind.USER.name().equalsIgnoreCase(object.getKey())
-                        && !AnyTypeKind.GROUP.name().equalsIgnoreCase(object.getKey())
-                        && !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(object.getKey());
+                nameKindMatch = !AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey())
+                        && !AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey())
+                        && !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(anyType.getKey());
         }
-
-        if (!isValid) {
+        if (!nameKindMatch) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidAnyType, "Name / kind mismatch")).
                     addPropertyNode("name").addConstraintViolation();
         }
 
-        return isValid;
+        return isValid && nameKindMatch;
     }
 }
index ecb0edb..ffbe438 100644 (file)
@@ -28,8 +28,18 @@ public class ConnInstanceValidator extends AbstractValidator<ConnInstanceCheck,
 
     @Override
     public boolean isValid(final ConnInstance connInstance, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
+
         boolean isValid = true;
 
+        if (isHtml(connInstance.getDisplayName())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidName, "Invalid display name")).
+                    addPropertyNode("displayName").addConstraintViolation();
+
+            isValid = false;
+        }
+
         try {
             URIUtils.buildForConnId(connInstance.getLocation());
         } catch (Exception e) {
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyCheck.java
new file mode 100644 (file)
index 0000000..45873be
--- /dev/null
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+@Target({ ElementType.TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+@Constraint(validatedBy = PolicyValidator.class)
+@Documented
+public @interface PolicyCheck {
+
+    String message() default "{org.apache.syncope.core.persistence.validation.policy}";
+
+    Class<?>[] groups() default {};
+
+    Class<? extends Payload>[] payload() default {};
+}
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/PolicyValidator.java
new file mode 100644 (file)
index 0000000..47a06e9
--- /dev/null
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.persistence.jpa.validation.entity;
+
+import javax.validation.ConstraintValidatorContext;
+import org.apache.syncope.common.lib.types.EntityViolationType;
+import org.apache.syncope.core.persistence.api.entity.policy.Policy;
+
+public class PolicyValidator extends AbstractValidator<RoleCheck, Policy> {
+
+    @Override
+    public boolean isValid(final Policy policy, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
+
+        if (isHtml(policy.getDescription())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidName, "Invalid description")).
+                    addPropertyNode("description").addConstraintViolation();
+            return false;
+        }
+
+        return true;
+    }
+}
index 6b542d0..7a05ea8 100644 (file)
@@ -39,8 +39,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
                 isValid = false;
 
                 context.buildConstraintViolationWithTemplate(
-                        getTemplate(EntityViolationType.InvalidRealm,
-                                "Root realm cannot have a parent realm")).
+                        getTemplate(EntityViolationType.InvalidRealm, "Root realm cannot have a parent realm")).
                         addPropertyNode("parent").addConstraintViolation();
             }
         } else {
@@ -48,8 +47,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
                 isValid = false;
 
                 context.buildConstraintViolationWithTemplate(
-                        getTemplate(EntityViolationType.InvalidRealm,
-                                "A realm needs to reference a parent realm")).
+                        getTemplate(EntityViolationType.InvalidRealm, "A realm needs to reference a parent realm")).
                         addPropertyNode("parent").addConstraintViolation();
             }
 
@@ -57,8 +55,7 @@ public class RealmValidator extends AbstractValidator<RealmCheck, Realm> {
                 isValid = false;
 
                 context.buildConstraintViolationWithTemplate(
-                        getTemplate(EntityViolationType.InvalidRealm,
-                                "Only letters and numbers are allowed in realm name")).
+                        getTemplate(EntityViolationType.InvalidRealm, "Only alphanumeric chars allowed in realm name")).
                         addPropertyNode("name").addConstraintViolation();
             }
         }
index 9953859..550b153 100644 (file)
@@ -26,16 +26,27 @@ import org.apache.syncope.core.persistence.api.entity.RelationshipType;
 public class RelationshipTypeValidator extends AbstractValidator<RelationshipTypeCheck, RelationshipType> {
 
     @Override
-    public boolean isValid(final RelationshipType object, final ConstraintValidatorContext context) {
+    public boolean isValid(final RelationshipType relationShipType, final ConstraintValidatorContext context) {
         context.disableDefaultConstraintViolation();
 
-        if (MembershipType.getInstance().getKey().equalsIgnoreCase(object.getKey())) {
+        boolean isValid = true;
+
+        if (isHtml(relationShipType.getKey())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+                    addPropertyNode("key").addConstraintViolation();
+
+            isValid = false;
+        }
+
+        if (MembershipType.getInstance().getKey().equalsIgnoreCase(relationShipType.getKey())) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidKey, "Invalid relationshipType name")).
                     addPropertyNode("key").addConstraintViolation();
-            return false;
+
+            isValid = false;
         }
 
-        return true;
+        return isValid;
     }
 }
index e58a889..2be2072 100644 (file)
@@ -31,14 +31,24 @@ public class ReportValidator extends AbstractValidator<ReportCheck, Report> {
 
     @Override
     @SuppressWarnings("ResultOfObjectAllocationIgnored")
-    public boolean isValid(final Report object, final ConstraintValidatorContext context) {
+    public boolean isValid(final Report report, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
+
         boolean isValid = true;
 
-        if (object.getCronExpression() != null) {
+        if (isHtml(report.getName())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidName, "Invalid name")).
+                    addPropertyNode("name").addConstraintViolation();
+
+            isValid = false;
+        }
+
+        if (report.getCronExpression() != null) {
             try {
-                new CronExpression(object.getCronExpression());
+                new CronExpression(report.getCronExpression());
             } catch (ParseException e) {
-                LOG.error("Invalid cron expression '" + object.getCronExpression() + "'", e);
+                LOG.error("Invalid cron expression '" + report.getCronExpression() + "'", e);
                 isValid = false;
 
                 context.disableDefaultConstraintViolation();
@@ -48,9 +58,9 @@ public class ReportValidator extends AbstractValidator<ReportCheck, Report> {
             }
         }
 
-        Set<String> reportletKeys = object.getReportlets().stream().
+        Set<String> reportletKeys = report.getReportlets().stream().
                 map(Entity::getKey).collect(Collectors.toSet());
-        if (reportletKeys.size() != object.getReportlets().size()) {
+        if (reportletKeys.size() != report.getReportlets().size()) {
             LOG.error("Reportlet key must be unique");
             isValid = false;
 
index 9e9d687..90cf59b 100644 (file)
@@ -22,24 +22,35 @@ import javax.validation.ConstraintValidatorContext;
 import org.apache.syncope.common.lib.types.EntityViolationType;
 import org.apache.syncope.common.lib.types.ImplementationEngine;
 import org.apache.syncope.core.persistence.api.entity.OIDCProvider;
+import org.apache.syncope.core.persistence.api.entity.resource.Item;
 import org.apache.syncope.core.provisioning.api.data.ItemTransformer;
 
 public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck, OIDCProvider> {
 
     @Override
-    public boolean isValid(final OIDCProvider value, final ConstraintValidatorContext context) {
+    public boolean isValid(final OIDCProvider oidcProvider, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
 
-        if (value.isSelfRegUnmatching() && value.isCreateUnmatching()) {
+        if (isHtml(oidcProvider.getKey())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+                    addPropertyNode("key").addConstraintViolation();
+
+            return false;
+        }
+
+        if (oidcProvider.isSelfRegUnmatching() && oidcProvider.isCreateUnmatching()) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.Standard,
                             "Either selfRegUnmatching or createUnmatching, not both")).
                     addPropertyNode("selfRegUnmatching").
                     addPropertyNode("createUnmatching").addConstraintViolation();
+
             return false;
         }
 
-        long connObjectKeys = value.getItems().stream().filter(item -> item.isConnObjectKey()).count();
-        if (!value.getItems().isEmpty() && connObjectKeys != 1) {
+        long connObjectKeys = oidcProvider.getItems().stream().filter(Item::isConnObjectKey).count();
+        if (!oidcProvider.getItems().isEmpty() && connObjectKeys != 1) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidMapping, "Single ConnObjectKey mapping is required")).
                     addPropertyNode("connObjectKey.size").addConstraintViolation();
@@ -48,7 +59,7 @@ public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck,
 
         final boolean[] isValid = new boolean[] { true };
 
-        long passwords = value.getItems().stream().filter(item -> item.isPassword()).count();
+        long passwords = oidcProvider.getItems().stream().filter(Item::isPassword).count();
         if (passwords > 0) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidMapping, "No password mapping is allowed")).
@@ -56,11 +67,10 @@ public class OIDCProviderValidator extends AbstractValidator<OIDCProviderCheck,
             isValid[0] = false;
         }
 
-        value.getItems().forEach(item -> {
+        oidcProvider.getItems().forEach(item -> {
             item.getTransformers().stream().
                     filter(transformer -> transformer.getEngine() == ImplementationEngine.JAVA).
                     forEach(transformer -> {
-
                         Class<?> actionsClass = null;
                         boolean isAssignable = false;
                         try {
index ab2f112..a14d420 100644 (file)
@@ -22,32 +22,45 @@ import javax.validation.ConstraintValidatorContext;
 import org.apache.syncope.common.lib.types.EntityViolationType;
 import org.apache.syncope.common.lib.types.ImplementationEngine;
 import org.apache.syncope.core.persistence.api.entity.SAML2IdP;
+import org.apache.syncope.core.persistence.api.entity.resource.Item;
 import org.apache.syncope.core.provisioning.api.data.ItemTransformer;
 
 public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP> {
 
     @Override
-    public boolean isValid(final SAML2IdP value, final ConstraintValidatorContext context) {
-        if (value.isSelfRegUnmatching() && value.isCreateUnmatching()) {
+    public boolean isValid(final SAML2IdP saml2IdP, final ConstraintValidatorContext context) {
+        context.disableDefaultConstraintViolation();
+
+        if (isHtml(saml2IdP.getKey())) {
+            context.buildConstraintViolationWithTemplate(
+                    getTemplate(EntityViolationType.InvalidKey, "Invalid key")).
+                    addPropertyNode("key").addConstraintViolation();
+
+            return false;
+        }
+
+        if (saml2IdP.isSelfRegUnmatching() && saml2IdP.isCreateUnmatching()) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.Standard,
                             "Either selfRegUnmatching or createUnmatching, not both")).
                     addPropertyNode("selfRegUnmatching").
                     addPropertyNode("createUnmatching").addConstraintViolation();
+
             return false;
         }
 
-        long connObjectKeys = value.getItems().stream().filter(item -> item.isConnObjectKey()).count();
-        if (!value.getItems().isEmpty() && connObjectKeys != 1) {
+        long connObjectKeys = saml2IdP.getItems().stream().filter(Item::isConnObjectKey).count();
+        if (!saml2IdP.getItems().isEmpty() && connObjectKeys != 1) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidMapping, "Single ConnObjectKey mapping is required")).
                     addPropertyNode("connObjectKey.size").addConstraintViolation();
+
             return false;
         }
 
         final boolean[] isValid = new boolean[] { true };
 
-        long passwords = value.getItems().stream().filter(item -> item.isPassword()).count();
+        long passwords = saml2IdP.getItems().stream().filter(Item::isPassword).count();
         if (passwords > 0) {
             context.buildConstraintViolationWithTemplate(
                     getTemplate(EntityViolationType.InvalidMapping, "No password mapping is allowed")).
@@ -55,11 +68,10 @@ public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP
             isValid[0] = false;
         }
 
-        value.getItems().forEach(item -> {
+        saml2IdP.getItems().forEach(item -> {
             item.getTransformers().stream().
                     filter(transformer -> transformer.getEngine() == ImplementationEngine.JAVA).
                     forEach(transformer -> {
-
                         Class<?> actionsClass = null;
                         boolean isAssignable = false;
                         try {
@@ -81,5 +93,4 @@ public class SAML2IdPValidator extends AbstractValidator<SAML2IdPCheck, SAML2IdP
 
         return isValid[0];
     }
-
 }