first beta version of new MOA-ID WebGUI module for configuration

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-17 09:18:28 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-17 09:18:28 +0200
commit: 98dbb23fa5dcd9518beb56fd2410667b385b5524 (patch)
tree: b95ad14a2401f553d72d6dc911814980689866b5 /id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
parent: d774a81910498c9ee1277c1611d57b07bf069fbd (diff)
download: moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.gz
moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.bz2
moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.zip
1 files changed, 221 insertions, 0 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
new file mode 100644
index 000000000..766032f1f
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
@@ -0,0 +1,221 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.CompanyNumberValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesTargetTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesTargetTask.class);
+	private static final List<String> KEYWHITELIST;
+	
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - Target Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+        String check;
+		if (Boolean.parseBoolean(isBusinessService)) {
+			
+			//check identification type
+			check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+			if (!MOAIDConfigurationConstants.BUSINESSSERVICENAMES.keySet().contains(check)) {
+				log.info("IdentificationType is not known.");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, 
+						"BusinessService - Type",
+						LanguageHelper.getErrorString("validation.general.stork.sptarget")));
+			}
+			
+			//check identification number
+			check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
+			if (MiscUtil.isEmpty(check)) {
+				log.info("Empty IdentificationNumber");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+						"BusinessService - Value",
+						LanguageHelper.getErrorString("validation.general.identificationnumber.empty")));
+				
+			} else {
+				if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+					log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+							"BusinessService - Value",
+							LanguageHelper.getErrorString("validation.general.identificationnumber.valid", 
+							new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+				}
+				
+				if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE)
+						.equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN)) {
+					CompanyNumberValidator val = new CompanyNumberValidator();
+					if (!val.validate(check)) {
+						log.info("Not valid CompanyNumber");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+								"BusinessService - Value",
+								LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")));
+					}
+				}
+			}
+						
+		} else {
+			
+			//check own target
+			String useOwnTarget = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN);
+			if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) {
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+						log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, 
+								"Own Target - FriendlyName",
+								LanguageHelper.getErrorString("validation.general.targetfriendlyname", 
+								new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+					}
+				}
+				
+				//check Own Target
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (!ValidationHelper.isValidAdminTarget(check)) {
+						log.info("Not valid Target");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET, 
+								"Own Target - Target",
+								LanguageHelper.getErrorString("validation.general.target.admin.valid")));
+					}
+				}
+								
+			} else {
+				
+				//check PublicURL Prefix allows PublicService
+				String uniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+				if (!ValidationHelper.isPublicServiceAllowed(input.get(uniqueID))) {
+					log.warn("PublicURLPrefix does not allow PublicService: " + uniqueID);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, 
+							"PublicService - Target",
+							LanguageHelper.getErrorString("validation.general.target.publicserviceurl", 
+							new Object[] {uniqueID}) ));
+					
+				}
+				
+				//check Target
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (!ValidationHelper.isValidTarget(check)) {
+						log.info("Not valid Target");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, 
+								"PublicService - Target",
+								LanguageHelper.getErrorString("validation.general.target.valid")));
+					}
+				}
+				
+				String isSubTargetUsed = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB);
+				if (MiscUtil.isNotEmpty(isSubTargetUsed) && Boolean.parseBoolean(isSubTargetUsed)) {
+					check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
+					if (!ValidationHelper.isValidAdminTarget(check)) {
+						log.info("Not valid Target-Subsector");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB, 
+								"PublicService - Target SubSector",
+								LanguageHelper.getErrorString("validation.general.target.subsector.valid")));
+
+					}
+				}												
+			}
+		}
+				
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-17 09:18:28 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-17 09:18:28 +0200
commit	98dbb23fa5dcd9518beb56fd2410667b385b5524 (patch)
tree	b95ad14a2401f553d72d6dc911814980689866b5 /id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
parent	d774a81910498c9ee1277c1611d57b07bf069fbd (diff)
download	moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.gz moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.bz2 moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.zip