Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java180
1 files changed, 180 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
new file mode 100644
index 000000000..06b50ac3c
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAGeneralConfigValidation.java
@@ -0,0 +1,180 @@
+package at.gv.egovernment.moa.id.configuration.validation.oa;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
+import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.CompanyNumberValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OAGeneralConfigValidation {
+
+ private static final Logger log = Logger.getLogger(OASSOConfigValidation.class);
+
+ public List<String> validate(OAGeneralConfig form, boolean isAdmin) {
+
+ List<String> errors = new ArrayList<String>();
+
+ //validate aditionalAuthBlockText
+ String check = form.getAditionalAuthBlockText();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.aditionalauthblocktext",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //Check BKU URLs
+ check =form.getBkuHandyURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Handy-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.handy.valid"));
+ }
+ }
+
+ check =form.getBkuLocalURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Local-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.local.valid"));
+ }
+ }
+
+ check =form.getBkuOnlineURL();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.empty"));
+
+ } else {
+ if (!ValidationHelper.validateURL(check)) {
+ log.info("Not valid Online-BKU URL");
+ errors.add(LanguageHelper.getErrorString("validation.general.bku.online.valid"));
+ }
+ }
+
+ //check OA FriendlyName
+ check = form.getFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.oafriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //check KeyBoxIdentifier
+ check = form.getKeyBoxIdentifier();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty KeyBoxIdentifier");
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"));
+ } else {
+ Map<String, String> list = form.getKeyBoxIdentifierList();
+ if (!list.containsKey(check)) {
+ log.info("Not valid KeyBoxIdentifier " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"));
+ }
+ }
+
+ //check Mandate Profiles
+ check = form.getMandateProfiles();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+ log.warn("MandateProfiles contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.mandate.profiles",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(true)} ));
+ }
+ }
+
+ //check SL Version
+ check = form.getSlVersion();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty SLVersion. Set SLVersion to 1.2");
+ form.setSlVersion("1.2");
+
+ } else {
+ if (!ValidationHelper.validateNumber(check)) {
+ log.info("Not valid SLVersion");
+ errors.add(LanguageHelper.getErrorString("validation.general.slversion"));
+ }
+ }
+
+ boolean businessservice = form.isBusinessService();
+
+ if (businessservice) {
+ //check identification number
+ check = form.getIdentificationNumber();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty IdentificationNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.empty"));
+
+ } else {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.valid",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+
+ if (check.startsWith("FN")) {
+ CompanyNumberValidator val = new CompanyNumberValidator();
+ if (val.validate(check)) {
+ log.info("Not valid CompanyNumber");
+ errors.add(LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid"));
+ }
+ }
+ }
+
+ try {
+ float slversion = Float.valueOf(form.getSlVersion());
+ if (slversion < 1.2) {
+ log.info("BusinessService Applications requires SLVersion >= 1.2");
+ errors.add(LanguageHelper.getErrorString("validation.general.slversion.business"));
+ form.setSlVersion("1.2");
+ }
+
+ } catch (NumberFormatException e) {
+ }
+
+ } else {
+ //check targetFrindlyName();
+ check = form.getTargetFriendlyName();
+ if (MiscUtil.isNotEmpty(check)) {
+ if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+ log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+ errors.add(LanguageHelper.getErrorString("validation.general.targetfriendlyname",
+ new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+ }
+ }
+
+ //check Target
+ check = form.getTarget();
+ if (MiscUtil.isEmpty(check)) {
+ log.info("Empty Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.empty"));
+
+ } else {
+ if (!ValidationHelper.isValidTarget(check)) {
+ log.info("Not valid Target");
+ errors.add(LanguageHelper.getErrorString("validation.general.target.valid"));
+ }
+ }
+ }
+
+ return errors;
+ }
+}
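Review bot: The company-number check `if (val.validate(check))` looks inverted, because every other validator call in this method reports an error on failure (`!ValidationHelper.validateURL(check)`, `!ValidationHelper.validateNumber(check)`), while here "Not valid CompanyNumber" is added when `validate` returns true. `CompanyNumberValidator` is not part of this diff, so this is inferred, but if it returns true for a well-formed number then valid FN values are rejected and malformed ones are accepted; the line should read `if (!val.validate(check))`. Separately, the `log.warn("... contains potentail XSS characters: " + check)` calls write a value that has just been flagged as suspicious into the log verbatim, so any line breaks or markup in the field reach the log file and any log viewer unescaped; log the field name only, or a length-limited, escaped form of the value. The logger is created with `OASSOConfigValidation.class`, which attributes these security-relevant messages to the wrong class, so use `Logger.getLogger(OAGeneralConfigValidation.class)`. The empty `catch (NumberFormatException e)` after `Float.valueOf(form.getSlVersion())` also deserves at least a comment saying that the earlier `validateNumber` branch already reported the malformed version.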