diff options
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java')
| -rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java new file mode 100644 index 000000000..318b3b3e7 --- /dev/null +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/moaconfig/StorkConfigValidator.java @@ -0,0 +1,89 @@ +package at.gv.egovernment.moa.id.configuration.validation.moaconfig; + +import java.util.ArrayList; +import java.util.List; +import org.apache.log4j.Logger; + +import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; +import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; +import at.gv.egovernment.moa.id.configuration.data.GeneralStorkConfig; +import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; +import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; +import at.gv.egovernment.moa.util.MiscUtil; + +public class StorkConfigValidator { + + private static final Logger log = Logger.getLogger(StorkConfigValidator.class); + + public List<String> validate(GeneralStorkConfig form) { + + List<String> errors = new ArrayList<String>(); + + log.debug("Validate general STORK configuration"); + + // check peps list + for(CPEPS current : form.getCpepslist()) { + // check country code + String check = current.getCountryCode(); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("CPEPS config countrycode contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} )); + } + if(!check.toLowerCase().matches("^[a-z][a-z]$")) { + log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.cc", + new Object[] {check} )); + } + } else { + log.warn("CPEPS config countrycode is empty : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {check} )); + } + + // check url + check = current.getURL(); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateURL(check)) { + log.info("CPEPS config URL is invalid : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.url")); + } + } else { + log.warn("CPEPS config url is empty : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.cpeps.empty", + new Object[] {check} )); + } + } + + // check qaa + int qaa = form.getDefaultQaa(); + if(1 > qaa && 4 < qaa) { + log.warn("QAA is out of range : " + qaa); + errors.add(LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] {qaa} )); + } + + // check attributes + if (MiscUtil.isNotEmpty(form.getAttributes())) { + for(StorkAttribute check : form.getAttributes()) { + if (ValidationHelper.containsPotentialCSSCharacter(check.getName(), true)) { + log.warn("default attributes contains potentail XSS characters: " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} )); + } + if(!check.getName().toLowerCase().matches("^[a-z0-9]*$")) { + log.warn("default attributes do not match the requested format : " + check); + errors.add(LanguageHelper.getErrorString("validation.stork.requestedattributes", + new Object[] {check} )); + } + } + } else { + log.warn("no attributes specified"); + errors.add(LanguageHelper.getErrorString("validation.stork.attributes.empty", + new Object[] {} )); + } + + return errors; + } +} |