inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

REPO-1752, REPO-1753: Create person with an id that contains "/" does not return an error

Browse Source 
- Added username validation on create person.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@134040 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Raluca Munteanu
2017-01-04 11:59:25 +00:00
parent 9164399615
commit d7177c4d34
2 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
source/java/org/alfresco/rest/api/impl/PeopleImpl.java
View File

@@ -511,6 +511,7 @@ public class PeopleImpl implements People
private void validateCreatePersonData(Person person) private void validateCreatePersonData(Person person)
{ {
validateUsername(person.getUserName());
validateNamespaces(person.getAspectNames(), person.getProperties()); validateNamespaces(person.getAspectNames(), person.getProperties());
checkRequiredField("id", person.getUserName()); checkRequiredField("id", person.getUserName());
checkRequiredField("firstName", person.getFirstName()); checkRequiredField("firstName", person.getFirstName());
@@ -518,6 +519,19 @@ public class PeopleImpl implements People
checkRequiredField("password", person.getPassword()); checkRequiredField("password", person.getPassword());
} }
private void validateUsername(String username)
{
if (username.length() > 100)
{
throw new InvalidArgumentException("Username is too long.");
}
if (username.indexOf('/') != -1)
{
throw new IllegalArgumentException("Username contains characters that are not permitted.");
}
}
private void validateNamespaces(List<String> aspectNames, Map<String, Object> properties) private void validateNamespaces(List<String> aspectNames, Map<String, Object> properties)
{ {
if (aspectNames != null) if (aspectNames != null)

14
source/test-java/org/alfresco/rest/api/tests/TestPeople.java
View File

@@ -289,8 +289,18 @@ public class TestPeople extends EnterpriseTestApi
assertEquals("userStatus", p.getUserStatus()); assertEquals("userStatus", p.getUserStatus());
assertEquals(true, p.isEnabled()); assertEquals(true, p.isEnabled());
assertEquals(true, p.isEmailNotificationsEnabled()); assertEquals(true, p.isEmailNotificationsEnabled());
// -ve tests
// create person with username too long
person.setUserName("myUserName11111111111111111111111111111111111111111111111111111111111111111111111111111111@" + account1.getId());
people.create(person, 400);
// create person with special character '/'
person.setUserName("myUser/Name@" + account1.getId());
people.create(person, 400);
} }
@Test @Test
public void testCreatePerson_canCreateDisabledPerson() throws PublicApiException public void testCreatePerson_canCreateDisabledPerson() throws PublicApiException
{ {
@@ -703,7 +713,7 @@ public class TestPeople extends EnterpriseTestApi
assertTrue(person.getAspectNames().contains("papi:dessertable")); assertTrue(person.getAspectNames().contains("papi:dessertable"));
return person; return person;
} }
@Test @Test
public void testUpdatePerson_withCustomProps() throws Exception public void testUpdatePerson_withCustomProps() throws Exception
{ {