/** * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this file, * You can obtain one at http://mozilla.org/MPL/2.0/. */ package org.mifosplatform.useradministration.service; import java.lang.reflect.Type; import java.util.ArrayList; import java.util.Arrays; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; import org.apache.commons.lang.StringUtils; import org.mifosplatform.infrastructure.core.data.ApiParameterError; import org.mifosplatform.infrastructure.core.data.DataValidatorBuilder; import org.mifosplatform.infrastructure.core.exception.InvalidJsonException; import org.mifosplatform.infrastructure.core.exception.PlatformApiDataValidationException; import org.mifosplatform.infrastructure.core.serialization.FromJsonHelper; import org.mifosplatform.useradministration.domain.PasswordValidationPolicy; import org.mifosplatform.useradministration.domain.PasswordValidationPolicyRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.reflect.TypeToken; @Component public final class UserDataValidator { /** * The parameters supported for this command. */ private final Set<String> supportedParameters = new HashSet<>(Arrays.asList("username", "firstname", "lastname", "password", "repeatPassword", "email", "officeId", "notSelectedRoles", "roles", "sendPasswordToEmail", "staffId", "passwordNeverExpires", AppUserConstants.IS_SELF_SERVICE_USER, AppUserConstants.CLIENTS)); private final FromJsonHelper fromApiJsonHelper; private final PasswordValidationPolicyRepository passwordValidationPolicy; @Autowired public UserDataValidator(final FromJsonHelper fromApiJsonHelper, final PasswordValidationPolicyRepository passwordValidationPolicy) { this.fromApiJsonHelper = fromApiJsonHelper; this.passwordValidationPolicy = passwordValidationPolicy; } public void validateForCreate(final String json) { if (StringUtils.isBlank(json)) { throw new InvalidJsonException(); } final Type typeOfMap = new TypeToken<Map<String, Object>>() {}.getType(); this.fromApiJsonHelper.checkForUnsupportedParameters(typeOfMap, json, this.supportedParameters); final List<ApiParameterError> dataValidationErrors = new ArrayList<>(); final DataValidatorBuilder baseDataValidator = new DataValidatorBuilder(dataValidationErrors).resource("user"); final JsonElement element = this.fromApiJsonHelper.parse(json); final String username = this.fromApiJsonHelper.extractStringNamed("username", element); baseDataValidator.reset().parameter("username").value(username).notBlank().notExceedingLengthOf(100); final String firstname = this.fromApiJsonHelper.extractStringNamed("firstname", element); baseDataValidator.reset().parameter("firstname").value(firstname).notBlank().notExceedingLengthOf(100); final String lastname = this.fromApiJsonHelper.extractStringNamed("lastname", element); baseDataValidator.reset().parameter("lastname").value(lastname).notBlank().notExceedingLengthOf(100); final Boolean sendPasswordToEmail = this.fromApiJsonHelper.extractBooleanNamed("sendPasswordToEmail", element); if (sendPasswordToEmail != null) { if (sendPasswordToEmail.booleanValue()) { final String email = this.fromApiJsonHelper.extractStringNamed("email", element); baseDataValidator.reset().parameter("email").value(email).notBlank().notExceedingLengthOf(100); } else { final String password = this.fromApiJsonHelper.extractStringNamed("password", element); final String repeatPassword = this.fromApiJsonHelper.extractStringNamed("repeatPassword", element); final PasswordValidationPolicy validationPolicy = this.passwordValidationPolicy.findActivePasswordValidationPolicy(); final String regex = validationPolicy.getRegex(); final String description = validationPolicy.getDescription(); baseDataValidator.reset().parameter("password").value(password).matchesRegularExpression(regex,description); if (StringUtils.isNotBlank(password)) { baseDataValidator.reset().parameter("password").value(password).equalToParameter("repeatPassword", repeatPassword); } } } else { baseDataValidator.reset().parameter("sendPasswordToEmail").value(sendPasswordToEmail).trueOrFalseRequired(false); } final Long officeId = this.fromApiJsonHelper.extractLongNamed("officeId", element); baseDataValidator.reset().parameter("officeId").value(officeId).notNull().integerGreaterThanZero(); if (this.fromApiJsonHelper.parameterExists("staffId", element)) { final Long staffId = this.fromApiJsonHelper.extractLongNamed("staffId", element); baseDataValidator.reset().parameter("staffId").value(staffId).notNull().integerGreaterThanZero(); } if (this.fromApiJsonHelper.parameterExists(AppUserConstants.PASSWORD_NEVER_EXPIRES, element)) { final boolean passwordNeverExpire = this.fromApiJsonHelper .extractBooleanNamed(AppUserConstants.PASSWORD_NEVER_EXPIRES, element); baseDataValidator.reset().parameter("passwordNeverExpire").value(passwordNeverExpire).validateForBooleanValue(); } Boolean isSelfServiceUser = null; if(this.fromApiJsonHelper.parameterExists(AppUserConstants.IS_SELF_SERVICE_USER, element)){ isSelfServiceUser = this.fromApiJsonHelper.extractBooleanNamed(AppUserConstants.IS_SELF_SERVICE_USER, element); if(isSelfServiceUser == null){ baseDataValidator.reset().parameter(AppUserConstants.IS_SELF_SERVICE_USER).trueOrFalseRequired(false); } } if(this.fromApiJsonHelper.parameterExists(AppUserConstants.CLIENTS, element)){ if(isSelfServiceUser == null || !isSelfServiceUser){ baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).failWithCode("not.supported.when.isSelfServiceUser.is.false", "clients parameter is not supported when isSelfServiceUser parameter is false"); }else{ final JsonArray clientsArray = this.fromApiJsonHelper.extractJsonArrayNamed(AppUserConstants.CLIENTS, element); baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).value(clientsArray).jsonArrayNotEmpty(); for(JsonElement client : clientsArray){ Long clientId = client.getAsLong(); baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).value(clientId).longGreaterThanZero(); } } } final String[] roles = this.fromApiJsonHelper.extractArrayNamed("roles", element); baseDataValidator.reset().parameter("roles").value(roles).arrayNotEmpty(); throwExceptionIfValidationWarningsExist(dataValidationErrors); } private void throwExceptionIfValidationWarningsExist(final List<ApiParameterError> dataValidationErrors) { if (!dataValidationErrors.isEmpty()) { throw new PlatformApiDataValidationException(dataValidationErrors); } } public void validateForUpdate(final String json) { if (StringUtils.isBlank(json)) { throw new InvalidJsonException(); } final Type typeOfMap = new TypeToken<Map<String, Object>>() {}.getType(); this.fromApiJsonHelper.checkForUnsupportedParameters(typeOfMap, json, this.supportedParameters); final List<ApiParameterError> dataValidationErrors = new ArrayList<>(); final DataValidatorBuilder baseDataValidator = new DataValidatorBuilder(dataValidationErrors).resource("user"); final JsonElement element = this.fromApiJsonHelper.parse(json); if (this.fromApiJsonHelper.parameterExists("officeId", element)) { final Long officeId = this.fromApiJsonHelper.extractLongNamed("officeId", element); baseDataValidator.reset().parameter("officeId").value(officeId).notNull().integerGreaterThanZero(); } if (this.fromApiJsonHelper.parameterExists("staffId", element)) { final Long staffId = this.fromApiJsonHelper.extractLongNamed("staffId", element); baseDataValidator.reset().parameter("staffId").value(staffId).ignoreIfNull().integerGreaterThanZero(); } if (this.fromApiJsonHelper.parameterExists("username", element)) { final String username = this.fromApiJsonHelper.extractStringNamed("username", element); baseDataValidator.reset().parameter("username").value(username).notBlank().notExceedingLengthOf(100); } if (this.fromApiJsonHelper.parameterExists("firstname", element)) { final String firstname = this.fromApiJsonHelper.extractStringNamed("firstname", element); baseDataValidator.reset().parameter("firstname").value(firstname).notBlank().notExceedingLengthOf(100); } if (this.fromApiJsonHelper.parameterExists("lastname", element)) { final String lastname = this.fromApiJsonHelper.extractStringNamed("lastname", element); baseDataValidator.reset().parameter("lastname").value(lastname).notBlank().notExceedingLengthOf(100); } if (this.fromApiJsonHelper.parameterExists("email", element)) { final String email = this.fromApiJsonHelper.extractStringNamed("email", element); baseDataValidator.reset().parameter("email").value(email).notBlank().notExceedingLengthOf(100); } if (this.fromApiJsonHelper.parameterExists("roles", element)) { final String[] roles = this.fromApiJsonHelper.extractArrayNamed("roles", element); baseDataValidator.reset().parameter("roles").value(roles).arrayNotEmpty(); } if (this.fromApiJsonHelper.parameterExists("password", element)) { final String password = this.fromApiJsonHelper.extractStringNamed("password", element); final String repeatPassword = this.fromApiJsonHelper.extractStringNamed("repeatPassword", element); final PasswordValidationPolicy validationPolicy = this.passwordValidationPolicy.findActivePasswordValidationPolicy(); final String regex = validationPolicy.getRegex(); final String description = validationPolicy.getDescription(); baseDataValidator.reset().parameter("password").value(password).matchesRegularExpression(regex,description); if (StringUtils.isNotBlank(password)) { baseDataValidator.reset().parameter("password").value(password).equalToParameter("repeatPassword", repeatPassword); } } if (this.fromApiJsonHelper.parameterExists("passwordNeverExpire", element)) { final boolean passwordNeverExpire = this.fromApiJsonHelper.extractBooleanNamed("passwordNeverExpire", element); baseDataValidator.reset().parameter("passwordNeverExpire").value(passwordNeverExpire).validateForBooleanValue(); } Boolean isSelfServiceUser = null; if(this.fromApiJsonHelper.parameterExists(AppUserConstants.IS_SELF_SERVICE_USER, element)){ isSelfServiceUser = this.fromApiJsonHelper.extractBooleanNamed(AppUserConstants.IS_SELF_SERVICE_USER, element); if(isSelfServiceUser == null){ baseDataValidator.reset().parameter(AppUserConstants.IS_SELF_SERVICE_USER).trueOrFalseRequired(false); } } if(this.fromApiJsonHelper.parameterExists(AppUserConstants.CLIENTS, element)){ if(isSelfServiceUser != null && !isSelfServiceUser){ baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).failWithCode("not.supported.when.isSelfServiceUser.is.false", "clients parameter is not supported when isSelfServiceUser parameter is false"); }else{ final JsonArray clientsArray = this.fromApiJsonHelper.extractJsonArrayNamed(AppUserConstants.CLIENTS, element); baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).value(clientsArray).jsonArrayNotEmpty(); for(JsonElement client : clientsArray){ Long clientId = client.getAsLong(); baseDataValidator.reset().parameter(AppUserConstants.CLIENTS).value(clientId).longGreaterThanZero(); } } } throwExceptionIfValidationWarningsExist(dataValidationErrors); } }