From 41bce5da29308d3bbcc02ac851cb2805dbdb5f28 Mon Sep 17 00:00:00 2001 From: Jan Vonka Date: Tue, 4 Jul 2017 20:40:59 +0000 Subject: [PATCH] REPO-2181 - improve V0 Audit API param defaults & error handling - we no longer silently ignore non-null NumberFormatException (throws 400 bad argument) - important when clearing/deleting audit (to minimise chance that url typo will clear more than expected) - also fixes trivial typo raised in ALF-21865 (getParamFromTime doesn't use DEFAULT_FROM_TIME) git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@137895 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../scripts/audit/AbstractAuditWebScript.java | 156 +++++++++--------- 1 file changed, 76 insertions(+), 80 deletions(-) diff --git a/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java b/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java index f6ffb7c187..7d9f4c0024 100644 --- a/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java +++ b/source/java/org/alfresco/repo/web/scripts/audit/AbstractAuditWebScript.java @@ -1,28 +1,28 @@ -/* - * #%L - * Alfresco Remote API - * %% - * Copyright (C) 2005 - 2016 Alfresco Software Limited - * %% - * This file is part of the Alfresco software. - * If the software was purchased under a paid Alfresco license, the terms of - * the paid license agreement will prevail. Otherwise, the software is - * provided under the following open source license terms: - * - * Alfresco is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Alfresco is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with Alfresco. If not, see . - * #L% - */ +/* + * #%L + * Alfresco Remote API + * %% + * Copyright (C) 2005 - 2016 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ package org.alfresco.repo.web.scripts.audit; import java.util.Map; @@ -32,6 +32,8 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.extensions.surf.util.I18NUtil; import org.springframework.extensions.webscripts.DeclarativeWebScript; +import org.springframework.extensions.webscripts.Status; +import org.springframework.extensions.webscripts.WebScriptException; import org.springframework.extensions.webscripts.WebScriptRequest; /** @@ -64,6 +66,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript public static final boolean DEFAULT_FORWARD = true; public static final int DEFAULT_LIMIT = 100; public static final boolean DEFAULT_VERBOSE = false; + public static final boolean DEFAULT_ENABLE = false; public static final String JSON_KEY_ENABLED = "enabled"; public static final String JSON_KEY_APPLICATIONS = "applications"; @@ -173,8 +176,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript protected boolean getParamEnableDisable(WebScriptRequest req) { - String enableStr = req.getParameter(PARAM_ENABLE); - return Boolean.parseBoolean(enableStr); + return getBooleanParam(req.getParameter(PARAM_ENABLE), DEFAULT_ENABLE); } protected String getParamValue(WebScriptRequest req) @@ -192,15 +194,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected Long getParamFromTime(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_FROM_TIME); - try - { - return Long.parseLong(paramStr); - } - catch (NumberFormatException e) - { - return DEFAULT_TO_TIME; - } + return getLongParam(req.getParameter(PARAM_FROM_TIME), DEFAULT_FROM_TIME); } /** @@ -208,15 +202,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected Long getParamToTime(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_TO_TIME); - try - { - return Long.parseLong(paramStr); - } - catch (NumberFormatException e) - { - return DEFAULT_TO_TIME; - } + return getLongParam(req.getParameter(PARAM_TO_TIME), DEFAULT_TO_TIME); } /** @@ -224,15 +210,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected Long getParamFromId(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_FROM_ID); - try - { - return Long.parseLong(paramStr); - } - catch (NumberFormatException e) - { - return DEFAULT_FROM_ID; - } + return getLongParam(req.getParameter(PARAM_FROM_ID), DEFAULT_FROM_ID); } /** @@ -240,15 +218,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected Long getParamToId(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_TO_ID); - try - { - return Long.parseLong(paramStr); - } - catch (NumberFormatException e) - { - return DEFAULT_TO_ID; - } + return getLongParam(req.getParameter(PARAM_TO_ID), DEFAULT_TO_ID); } /** @@ -264,12 +234,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected boolean getParamForward(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_FORWARD); - if (paramStr == null) - { - return DEFAULT_FORWARD; - } - return Boolean.parseBoolean(paramStr); + return getBooleanParam(req.getParameter(PARAM_FORWARD), DEFAULT_FORWARD); } /** @@ -277,15 +242,7 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected int getParamLimit(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_LIMIT); - try - { - return Integer.parseInt(paramStr); - } - catch (NumberFormatException e) - { - return DEFAULT_LIMIT; - } + return getIntParam(req.getParameter(PARAM_LIMIT), DEFAULT_LIMIT); } /** @@ -293,11 +250,50 @@ public abstract class AbstractAuditWebScript extends DeclarativeWebScript */ protected boolean getParamVerbose(WebScriptRequest req) { - String paramStr = req.getParameter(PARAM_VERBOSE); + return getBooleanParam(req.getParameter(PARAM_VERBOSE), DEFAULT_VERBOSE); + } + + private Long getLongParam(String paramStr, Long defaultVal) + { if (paramStr == null) { - return DEFAULT_VERBOSE; + // note: defaultVal can be null + return defaultVal; } + try + { + return Long.parseLong(paramStr); + } + catch (NumberFormatException e) + { + throw new WebScriptException(Status.STATUS_BAD_REQUEST, e.getMessage()); + } + } + + private boolean getBooleanParam(String paramStr, boolean defaultVal) + { + if (paramStr == null) + { + return defaultVal; + } + + // note: will return false if paramStr does not equals "true" (ignoring case) return Boolean.parseBoolean(paramStr); } + + private int getIntParam(String paramStr, int defaultVal) + { + if (paramStr == null) + { + return defaultVal; + } + try + { + return Integer.parseInt(paramStr); + } + catch (NumberFormatException e) + { + throw new WebScriptException(Status.STATUS_BAD_REQUEST, e.getMessage()); + } + } }