diff --git a/source/java/org/alfresco/opencmis/CMISConnector.java b/source/java/org/alfresco/opencmis/CMISConnector.java index 836008de30..b89e88b968 100644 --- a/source/java/org/alfresco/opencmis/CMISConnector.java +++ b/source/java/org/alfresco/opencmis/CMISConnector.java @@ -93,6 +93,7 @@ import org.alfresco.service.cmr.audit.AuditQueryParameters; import org.alfresco.service.cmr.audit.AuditService; import org.alfresco.service.cmr.audit.AuditService.AuditQueryCallback; import org.alfresco.service.cmr.coci.CheckOutCheckInService; +import org.alfresco.service.cmr.dictionary.DataTypeDefinition; import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.cmr.dictionary.InvalidAspectException; import org.alfresco.service.cmr.lock.LockService; @@ -272,6 +273,11 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen private static final String CMIS_USER = "cmis:user"; + private static final BigInteger maxInt = BigInteger.valueOf(Integer.MAX_VALUE); + private static final BigInteger minInt = BigInteger.valueOf(Integer.MIN_VALUE); + private static final BigInteger maxLong = BigInteger.valueOf(Long.MAX_VALUE); + private static final BigInteger minLong = BigInteger.valueOf(Long.MIN_VALUE); + // lifecycle private ProcessorLifecycle lifecycle = new ProcessorLifecycle(); @@ -2948,8 +2954,8 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen ArrayList values = new ArrayList(); if (property.getChildren() != null) { - try - { +// try +// { for (CmisExtensionElement valueElement : property.getChildren()) { if ("value".equals(valueElement.getName())) @@ -2957,28 +2963,80 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen switch (propertyType) { case BOOLEAN: - values.add(Boolean.parseBoolean(valueElement.getValue())); + try + { + values.add(Boolean.parseBoolean(valueElement.getValue())); + } + catch (Exception e) + { + throw new CmisInvalidArgumentException("Invalid property aspect value: " + propertyId, e); + } break; case DATETIME: - values.add(df.newXMLGregorianCalendar(valueElement.getValue()) - .toGregorianCalendar()); + try + { + values.add(df.newXMLGregorianCalendar(valueElement.getValue()) + .toGregorianCalendar()); + } + catch (Exception e) + { + throw new CmisInvalidArgumentException("Invalid property aspect value: " + propertyId, e); + } break; case INTEGER: - values.add(new BigInteger(valueElement.getValue())); + BigInteger value = null; + try + { + value = new BigInteger(valueElement.getValue()); + } + catch (Exception e) + { + throw new CmisInvalidArgumentException("Invalid property aspect value: " + propertyId, e); + } + + // overflow check + PropertyDefinitionWrapper propDef = cmisDictionaryService.findProperty(propertyId); + if(propDef == null) + { + throw new CmisInvalidArgumentException("Property " + propertyId + " is unknown!"); + } + + QName propertyQName = propDef.getPropertyAccessor().getMappedProperty(); + if (propertyQName == null) + { + throw new CmisConstraintException("Unable to set property " + propertyId + "!"); + } + + org.alfresco.service.cmr.dictionary.PropertyDefinition def = dictionaryService.getProperty(propertyQName); + QName dataDef = def.getDataType().getName(); + + if (dataDef.equals(DataTypeDefinition.INT) && (value.compareTo(maxInt) > 0 || value.compareTo(minInt) < 0)) + { + throw new CmisConstraintException("Value is out of range for property " + propertyId); + } + + if (dataDef.equals(DataTypeDefinition.LONG) && (value.compareTo(maxLong) > 0 || value.compareTo(minLong) < 0 )) + { + throw new CmisConstraintException("Value is out of range for property " + propertyId); + } + + values.add(value); break; case DECIMAL: - values.add(new BigDecimal(valueElement.getValue())); + try + { + values.add(new BigDecimal(valueElement.getValue())); + } + catch (Exception e) + { + throw new CmisInvalidArgumentException("Invalid property aspect value: " + propertyId, e); + } break; default: values.add(valueElement.getValue()); } } } - } - catch (Exception e) - { - throw new CmisInvalidArgumentException("Invalid property aspect value: " + propertyId, e); - } } aspectProperties.put(QName.createQName(propertyId, namespaceService), values); @@ -3069,6 +3127,8 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen // set property for (Map.Entry> property : aspectProperties.entrySet()) { + QName propertyQName = property.getKey(); + if (property.getValue().isEmpty()) { if(HiddenAspect.HIDDEN_PROPERTIES.contains(property.getKey())) @@ -3076,7 +3136,7 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen if(hiddenAspect.isClientControlled(nodeRef) || aspectProperties.containsKey(ContentModel.PROP_CLIENT_CONTROLLED)) { // manipulate hidden aspect property only if client controlled - nodeService.removeProperty(nodeRef, property.getKey()); + nodeService.removeProperty(nodeRef, propertyQName); } } else @@ -3097,8 +3157,9 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen } else { + Serializable value = (Serializable)property.getValue(); nodeService.setProperty(nodeRef, property.getKey(), property.getValue().size() == 1 ? property - .getValue().get(0) : (Serializable) property.getValue()); + .getValue().get(0) : value); } } } @@ -3161,6 +3222,7 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen throw new CmisConstraintException("Unable to set property " + property.getId() + "!"); } + if (property.getId().equals(PropertyIds.NAME)) { if (!(value instanceof String)) @@ -3189,6 +3251,24 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen } else { + // overflow check + if(propDef.getPropertyDefinition().getPropertyType() == PropertyType.INTEGER && value instanceof BigInteger) + { + org.alfresco.service.cmr.dictionary.PropertyDefinition def = dictionaryService.getProperty(propertyQName); + QName dataDef = def.getDataType().getName(); + BigInteger bigValue = (BigInteger)value; + + if ((bigValue.compareTo(maxInt) > 0 || bigValue.compareTo(minInt) < 0 ) && dataDef.equals(DataTypeDefinition.INT)) + { + throw new CmisConstraintException("Value is out of range for property " + propertyQName.getLocalName()); + } + + if ((bigValue.compareTo(maxLong) > 0 || bigValue.compareTo(minLong) < 0 ) && dataDef.equals(DataTypeDefinition.LONG)) + { + throw new CmisConstraintException("Value is out of range for property " + propertyQName.getLocalName()); + } + } + nodeService.setProperty(nodeRef, propertyQName, value); } } diff --git a/source/test-java/org/alfresco/opencmis/CMISTest.java b/source/test-java/org/alfresco/opencmis/CMISTest.java index 51bd1c0611..c353afbc74 100644 --- a/source/test-java/org/alfresco/opencmis/CMISTest.java +++ b/source/test-java/org/alfresco/opencmis/CMISTest.java @@ -10,6 +10,7 @@ import java.io.File; import java.io.Serializable; import java.math.BigInteger; import java.util.ArrayList; +import java.util.Collection; import java.util.GregorianCalendar; import java.util.HashMap; import java.util.List; @@ -33,24 +34,32 @@ import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.rule.Rule; import org.alfresco.service.cmr.rule.RuleService; import org.alfresco.service.cmr.rule.RuleType; +import org.alfresco.service.namespace.NamespaceService; +import org.alfresco.service.namespace.QName; import org.alfresco.service.cmr.version.VersionService; import org.alfresco.service.transaction.TransactionService; import org.alfresco.util.ApplicationContextHelper; import org.apache.chemistry.opencmis.commons.PropertyIds; import org.apache.chemistry.opencmis.commons.data.AllowableActions; +import org.apache.chemistry.opencmis.commons.data.CmisExtensionElement; import org.apache.chemistry.opencmis.commons.data.ObjectData; import org.apache.chemistry.opencmis.commons.data.ObjectInFolderData; import org.apache.chemistry.opencmis.commons.data.ObjectInFolderList; +import org.apache.chemistry.opencmis.commons.data.Properties; import org.apache.chemistry.opencmis.commons.data.PropertyData; import org.apache.chemistry.opencmis.commons.data.RepositoryInfo; +import org.apache.chemistry.opencmis.commons.definitions.TypeDefinition; import org.apache.chemistry.opencmis.commons.enums.Action; import org.apache.chemistry.opencmis.commons.enums.CmisVersion; import org.apache.chemistry.opencmis.commons.enums.IncludeRelationships; import org.apache.chemistry.opencmis.commons.enums.VersioningState; import org.apache.chemistry.opencmis.commons.exceptions.CmisConstraintException; +import org.apache.chemistry.opencmis.commons.impl.dataobjects.CmisExtensionElementImpl; import org.apache.chemistry.opencmis.commons.impl.dataobjects.ContentStreamImpl; import org.apache.chemistry.opencmis.commons.impl.dataobjects.PropertiesImpl; import org.apache.chemistry.opencmis.commons.impl.dataobjects.PropertyIdImpl; +import org.apache.chemistry.opencmis.commons.impl.dataobjects.PropertyIntegerDefinitionImpl; +import org.apache.chemistry.opencmis.commons.impl.dataobjects.PropertyIntegerImpl; import org.apache.chemistry.opencmis.commons.impl.dataobjects.PropertyStringImpl; import org.apache.chemistry.opencmis.commons.impl.server.AbstractServiceFactory; import org.apache.chemistry.opencmis.commons.server.CallContext; @@ -69,7 +78,7 @@ import org.springframework.extensions.webscripts.GUID; */ public class CMISTest { - private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext(); + private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext(new String[]{ApplicationContextHelper.CONFIG_LOCATIONS[0],"classpath:test-cmisinteger_modell-context.xml"}); private FileFolderService fileFolderService; private TransactionService transactionService; @@ -888,4 +897,231 @@ public class CMISTest } } + /** + * Test for MNT-9089 + */ + @Test + public void testIntegerBoudaries() throws Exception + { + AuthenticationUtil.pushAuthentication(); + AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); + + CmisService cmisService = factory.getService(context); + + try + { + FileInfo fileInfo = transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback() + { + @Override + public FileInfo execute() throws Throwable + { + NodeRef companyHomeNodeRef = repositoryHelper.getCompanyHome(); + + QName testIntTypeQName = QName.createQName("http://testCMISIntegersModel/1.0/", "testintegerstype"); + + String folderName = GUID.generate(); + FileInfo folderInfo = fileFolderService.create(companyHomeNodeRef, folderName, ContentModel.TYPE_FOLDER); + nodeService.setProperty(folderInfo.getNodeRef(), ContentModel.PROP_NAME, folderName); + assertNotNull(folderInfo); + + String docName = GUID.generate(); + FileInfo fileInfo = fileFolderService.create(folderInfo.getNodeRef(), docName, testIntTypeQName); + assertNotNull(fileInfo); + nodeService.setProperty(fileInfo.getNodeRef(), ContentModel.PROP_NAME, docName); + + return fileInfo; + } + }); + + // get repository id + List repositories = cmisService.getRepositoryInfos(null); + assertTrue(repositories.size() > 0); + RepositoryInfo repo = repositories.get(0); + String repositoryId = repo.getId(); + + String objectIdStr = fileInfo.getNodeRef().toString(); + + TypeDefinition typeDef = cmisService.getTypeDefinition(repositoryId, "D:tcim:testintegerstype", null); + + PropertyIntegerDefinitionImpl intNoBoundsTypeDef = + (PropertyIntegerDefinitionImpl)typeDef.getPropertyDefinitions().get("tcim:int"); + PropertyIntegerDefinitionImpl longNoBoundsTypeDef = + (PropertyIntegerDefinitionImpl)typeDef.getPropertyDefinitions().get("tcim:long"); + + PropertyIntegerDefinitionImpl intWithBoundsTypeDef = + (PropertyIntegerDefinitionImpl)typeDef.getPropertyDefinitions().get("tcim:intwithbounds"); + PropertyIntegerDefinitionImpl longWithBoundsTypeDef = + (PropertyIntegerDefinitionImpl)typeDef.getPropertyDefinitions().get("tcim:longwithbounds"); + + BigInteger minInteger = BigInteger.valueOf(Integer.MIN_VALUE); + BigInteger maxInteger = BigInteger.valueOf(Integer.MAX_VALUE); + + BigInteger minLong = BigInteger.valueOf(Long.MIN_VALUE); + BigInteger maxLong = BigInteger.valueOf(Long.MAX_VALUE); + + // test for default boundaries + assertTrue(intNoBoundsTypeDef.getMinValue().equals(minInteger)); + assertTrue(intNoBoundsTypeDef.getMaxValue().equals(maxInteger)); + + assertTrue(longNoBoundsTypeDef.getMinValue().equals(minLong)); + assertTrue(longNoBoundsTypeDef.getMaxValue().equals(maxLong)); + + // test for pre-defined boundaries + assertTrue(intWithBoundsTypeDef.getMinValue().equals(BigInteger.valueOf(-10L))); + assertTrue(intWithBoundsTypeDef.getMaxValue().equals(BigInteger.valueOf(10L))); + + assertTrue(longWithBoundsTypeDef.getMinValue().equals(BigInteger.valueOf(-10L))); + assertTrue(longWithBoundsTypeDef.getMaxValue().equals(BigInteger.valueOf(10L))); + + try // try to overfloat long without boundaries + { + BigInteger aValue = BigInteger.valueOf(Long.MAX_VALUE).add(BigInteger.valueOf(1L)); + setProperiesToObject(cmisService, repositoryId, objectIdStr, "tcim:long", aValue); + fail(); + } + catch(Exception e) + { + assertTrue(e instanceof CmisConstraintException); + } + + try // try to overfloat int without boundaries + { + BigInteger aValue = BigInteger.valueOf(Integer.MAX_VALUE).add(BigInteger.valueOf(1L)); + setProperiesToObject(cmisService, repositoryId, objectIdStr, "tcim:int", aValue); + fail(); + } + catch(Exception e) + { + assertTrue(e instanceof CmisConstraintException); + } + + try // try to overfloat int with boundaries + { + BigInteger aValue = BigInteger.valueOf( 11l ); + setProperiesToObject(cmisService, repositoryId, objectIdStr, "tcim:intwithbounds", aValue); + fail(); + } + catch(Exception e) + { + assertTrue(e instanceof CmisConstraintException); + } + + try // try to overfloat long with boundaries + { + BigInteger aValue = BigInteger.valueOf( 11l ); + setProperiesToObject(cmisService, repositoryId, objectIdStr, "tcim:longwithbounds", aValue); + fail(); + } + catch(Exception e) + { + assertTrue(e instanceof CmisConstraintException); + } + } + catch(Exception e) + { + fail(e.getMessage()); + } + finally + { + cmisService.close(); + + AuthenticationUtil.popAuthentication(); + } + } + + private void setProperiesToObject(CmisService cmisService, String repositoryId, String objectIdStr, String propertyStr, BigInteger bigIntValue) throws CmisConstraintException{ + Properties properties = cmisService.getProperties(repositoryId, objectIdStr, null, null); + PropertyIntegerImpl pd = (PropertyIntegerImpl)properties.getProperties().get(propertyStr); + pd.setValue(bigIntValue); + + Collection> propsList = new ArrayList>(); + propsList.add(pd); + + Properties newProps = new PropertiesImpl(propsList); + + cmisService.updateProperties(repositoryId, new Holder(objectIdStr), null, newProps, null); + } + + @Test + public void testMNT9090() throws Exception + { + AuthenticationUtil.pushAuthentication(); + AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); + + CmisService cmisService = factory.getService(context); + + try + { + FileInfo fileInfo = transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback() + { + @Override + public FileInfo execute() throws Throwable + { + NodeRef companyHomeNodeRef = repositoryHelper.getCompanyHome(); + + String folderName = GUID.generate(); + FileInfo folderInfo = fileFolderService.create(companyHomeNodeRef, folderName, ContentModel.TYPE_FOLDER); + nodeService.setProperty(folderInfo.getNodeRef(), ContentModel.PROP_NAME, folderName); + assertNotNull(folderInfo); + + String docName = GUID.generate(); + FileInfo fileInfo = fileFolderService.create(folderInfo.getNodeRef(), docName, ContentModel.TYPE_CONTENT); + assertNotNull(fileInfo); + nodeService.setProperty(fileInfo.getNodeRef(), ContentModel.PROP_NAME, docName); + + QName ASPECT_AUDIO = QName.createQName(NamespaceService.AUDIO_MODEL_1_0_URI, "audio"); + Map aspectProperties = new HashMap(); + nodeService.addAspect(fileInfo.getNodeRef(), ASPECT_AUDIO, aspectProperties); + + return fileInfo; + } + }); + + // get repository id + List repositories = cmisService.getRepositoryInfos(null); + assertTrue(repositories.size() > 0); + RepositoryInfo repo = repositories.get(0); + String repositoryId = repo.getId(); + + String objectIdStr = fileInfo.getNodeRef().toString(); + Holder objectId = new Holder(objectIdStr); + + // try to overflow the value + Object value = BigInteger.valueOf(Integer.MAX_VALUE + 1l); + + Properties properties = new PropertiesImpl(); + List extensions = new ArrayList(); + + CmisExtensionElement valueElem = new CmisExtensionElementImpl(CMISConnector.ALFRESCO_EXTENSION_NAMESPACE, "value", null, value.toString()); + List valueElems = new ArrayList(); + valueElems.add(valueElem); + + List children = new ArrayList(); + Map attributes = new HashMap(); + attributes.put("propertyDefinitionId", "audio:trackNumber"); + children.add(new CmisExtensionElementImpl(CMISConnector.ALFRESCO_EXTENSION_NAMESPACE, "propertyInteger", attributes, valueElems)); + + List propertyValuesExtension = new ArrayList(); + propertyValuesExtension.add(new CmisExtensionElementImpl(CMISConnector.ALFRESCO_EXTENSION_NAMESPACE, CMISConnector.PROPERTIES, null, children)); + + CmisExtensionElement setAspectsExtension = new CmisExtensionElementImpl(CMISConnector.ALFRESCO_EXTENSION_NAMESPACE, CMISConnector.SET_ASPECTS, null, propertyValuesExtension); + extensions.add(setAspectsExtension); + properties.setExtensions(extensions); + + // should throw a CMISConstraintException + cmisService.updateProperties(repositoryId, objectId, null, properties, null); + fail(); + } + catch(CmisConstraintException e) + { + assertTrue(e.getMessage().startsWith("Value is out of range for property")); + // ok + } + finally + { + cmisService.close(); + + AuthenticationUtil.popAuthentication(); + } + } } diff --git a/source/test-resources/test-cmisinteger_modell-context.xml b/source/test-resources/test-cmisinteger_modell-context.xml new file mode 100644 index 0000000000..00a5447435 --- /dev/null +++ b/source/test-resources/test-cmisinteger_modell-context.xml @@ -0,0 +1,13 @@ + + + + + + + + + opencmis/testcmisinteger_model.xml + + + +