mirror of https://github.com/sismics/docs.git synced 2025-12-13 01:36:18 +00:00

#159: route model steps validation

Benjamin Gamard
2018-01-28 14:52:13 +01:00
parent 17a94395f3
commit e035007070
4 changed files with 89 additions and 19 deletions


@@ -1,19 +1,25 @@
package com.sismics.docs.rest.resource;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.RouteStepType;
import com.sismics.docs.core.dao.jpa.GroupDao;
import com.sismics.docs.core.dao.jpa.RouteModelDao;
import com.sismics.docs.core.dao.jpa.UserDao;
import com.sismics.docs.core.dao.jpa.criteria.RouteModelCriteria;
import com.sismics.docs.core.dao.jpa.dto.RouteModelDto;
import com.sismics.docs.core.model.jpa.Group;
import com.sismics.docs.core.model.jpa.RouteModel;
import com.sismics.docs.core.model.jpa.User;
import com.sismics.docs.core.util.jpa.SortCriteria;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.ValidationUtil;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.json.*;
import javax.ws.rs.*;
import javax.ws.rs.core.Response;
import java.io.StringReader;
import java.util.List;
/**
@@ -91,7 +97,8 @@ public class RouteModelResource extends BaseResource {
// Validate input
name = ValidationUtil.validateLength(name, "name", 1, 50, false);
// TODO Validate steps data
steps = ValidationUtil.validateLength(steps, "steps", 1, 5000, false);
validateRouteModelSteps(steps);
// Create the route model
RouteModelDao routeModelDao = new RouteModelDao();
@@ -105,6 +112,66 @@ public class RouteModelResource extends BaseResource {
return Response.ok().entity(response.build()).build();
}
/**
* Validate route model steps.
*
* @param steps Route model steps data
*/
private void validateRouteModelSteps(String steps) {
UserDao userDao = new UserDao();
GroupDao groupDao = new GroupDao();
try (JsonReader reader = Json.createReader(new StringReader(steps))) {
JsonArray stepsJson = reader.readArray();
if (stepsJson.size() == 0) {
throw new ClientException("ValidationError", "At least one step is required");
}
for (int i = 0; i < stepsJson.size(); i++) {
JsonObject step = stepsJson.getJsonObject(i);
if (step.size() != 3) {
throw new ClientException("ValidationError", "Steps data not valid");
}
String type = step.getString("type");
ValidationUtil.validateLength(step.getString("name"), "step.name", 1, 200, false);
try {
RouteStepType.valueOf(type);
} catch (IllegalArgumentException e) {
throw new ClientException("ValidationError", type + "is not a valid route step type");
}
JsonObject target = step.getJsonObject("target");
if (target.size() != 2) {
throw new ClientException("ValidationError", "Steps data not valid");
}
AclTargetType targetType;
String targetTypeStr = target.getString("type");
String targetName = target.getString("name");
ValidationUtil.validateRequired(targetName, "step.target.name");
ValidationUtil.validateRequired(targetTypeStr, "step.target.type");
try {
targetType = AclTargetType.valueOf(targetTypeStr);
} catch (IllegalArgumentException e) {
throw new ClientException("ValidationError", targetTypeStr + " is not a valid ACL target type");
}
switch (targetType) {
case USER:
User user = userDao.getActiveByUsername(targetName);
if (user == null) {
throw new ClientException("ValidationError", targetName + " is not a valid user");
}
break;
case GROUP:
Group group = groupDao.getActiveByName(targetName);
if (group == null) {
throw new ClientException("ValidationError", targetName + " is not a valid group");
}
break;
}
}
} catch (JsonException e) {
throw new ClientException("ValidationError", "Steps data not valid");
}
}
/**
* Update a route model.
*
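Review bot: Syntactically valid JSON with the wrong shape escapes the final `catch (JsonException e)` in validateRouteModelSteps: `stepsJson.getJsonObject(i)` throws ClassCastException for a non-object element, `getString("type")` and `getString("name")` throw NullPointerException for a missing key, and `step.getJsonObject("target")` returns null for a missing key so `target.size()` fails. These will probably reach the client as a server error rather than a ValidationError, and the two `validateRequired` calls on the target fields only run after `getString` has already succeeded. Read the fields with the defaulting accessor, e.g. `step.getString("type", null)`, and null-check `target`, or at minimum widen the handler to `catch (JsonException | ClassCastException | NullPointerException e)`. The `switch (targetType)` also has no `default`, so any AclTargetType other than USER or GROUP passes without a target lookup; add `default: throw new ClientException("ValidationError", targetTypeStr + " is not a supported target type");`. The message built as `type + "is not a valid route step type"` is missing its leading space.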


@@ -5,7 +5,7 @@
<div class="row">
<div class="col-md-4 well">
<table class="table table-hover table-workflows">
<table class="table table-hover table-users">
<thead>
<tr>
<th>{{ 'settings.workflow.name' | translate }}</th>


@@ -26,31 +26,31 @@ public class TestRouteModelResource extends BaseJerseyTest {
// Get all route models
JsonObject json = target().path("/routemodel")
.queryParam("sort_column", "1")
.queryParam("asc", "true")
.queryParam("sort_column", "2")
.queryParam("asc", "false")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
JsonArray routeModels = json.getJsonArray("routemodels");
Assert.assertEquals(0, routeModels.size());
Assert.assertEquals(1, routeModels.size());
// Create a route model
json = target().path("/routemodel").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("name", "Workflow validation 1")
.param("steps", "[]")), JsonObject.class);
.param("steps", "[{\"type\":\"VALIDATE\",\"target\":{\"name\":\"administrators\",\"type\":\"GROUP\"},\"name\":\"Check the document's metadata\"}]")), JsonObject.class);
String routeModelId = json.getString("id");
// Get all route models
json = target().path("/routemodel")
.queryParam("sort_column", "1")
.queryParam("asc", "true")
.queryParam("sort_column", "2")
.queryParam("asc", "false")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
routeModels = json.getJsonArray("routemodels");
Assert.assertEquals(1, routeModels.size());
Assert.assertEquals(2, routeModels.size());
Assert.assertEquals(routeModelId, routeModels.getJsonObject(0).getString("id"));
Assert.assertEquals("Workflow validation 1", routeModels.getJsonObject(0).getString("name"));
@@ -61,14 +61,14 @@ public class TestRouteModelResource extends BaseJerseyTest {
.get(JsonObject.class);
Assert.assertEquals(routeModelId, json.getString("id"));
Assert.assertEquals("Workflow validation 1", json.getString("name"));
Assert.assertEquals("[]", json.getString("steps"));
Assert.assertEquals("[{\"type\":\"VALIDATE\",\"target\":{\"name\":\"administrators\",\"type\":\"GROUP\"},\"name\":\"Check the document's metadata\"}]", json.getString("steps"));
// Update the route model
json = target().path("/routemodel/" + routeModelId).request()
target().path("/routemodel/" + routeModelId).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("name", "Workflow validation 2")
.param("steps", "[{}]")), JsonObject.class);
.param("steps", "[{\"type\":\"APPROVE\",\"target\":{\"name\":\"administrators\",\"type\":\"GROUP\"},\"name\":\"Check the document's metadata\"}]")), JsonObject.class);
// Get the route model
json = target().path("/routemodel/" + routeModelId)
@@ -77,7 +77,7 @@ public class TestRouteModelResource extends BaseJerseyTest {
.get(JsonObject.class);
Assert.assertEquals(routeModelId, json.getString("id"));
Assert.assertEquals("Workflow validation 2", json.getString("name"));
Assert.assertEquals("[{}]", json.getString("steps"));
Assert.assertEquals("[{\"type\":\"APPROVE\",\"target\":{\"name\":\"administrators\",\"type\":\"GROUP\"},\"name\":\"Check the document's metadata\"}]", json.getString("steps"));
// Delete the route model
target().path("/routemodel/" + routeModelId)
@@ -87,12 +87,12 @@ public class TestRouteModelResource extends BaseJerseyTest {
// Get all route models
json = target().path("/routemodel")
.queryParam("sort_column", "1")
.queryParam("asc", "true")
.queryParam("sort_column", "2")
.queryParam("asc", "false")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
routeModels = json.getJsonArray("routemodels");
Assert.assertEquals(0, routeModels.size());
Assert.assertEquals(1, routeModels.size());
}
}
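Review bot: The rejection paths of the new steps validation have no coverage in this test: the former `"[]"` and `"[{}]"` payloads appear to have been replaced with valid ones rather than kept as negative cases. Add requests such as `.param("steps", "[]")`, a step with an unknown `type`, and a target naming a non-existent group, each asserting that the call is refused with a client error and that the route model list is unchanged afterwards. Without them, a later regression that lets malformed or unresolvable steps through would go unnoticed. The test method starts outside the visible hunks.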