/* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; import java.util.ArrayList; import java.util.Collections; import java.util.List; import java.util.Map; import java.util.regex.Pattern; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz * */ public class ServicesGeneralInformationTask extends AbstractTaskValidator implements ITaskValidator { private static final Logger log = LoggerFactory.getLogger(ServicesGeneralInformationTask.class); private static final List KEYWHITELIST; private static MOAIDConfiguration dbconfig; static { ArrayList temp = new ArrayList(); KEYWHITELIST = Collections.unmodifiableList(temp); } @Autowired public void setDatabaseConfiguration(MOAIDConfiguration config) { dbconfig = config; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() */ @Override public String getKeyPrefix() { return ""; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() */ @Override public String getName() { return "Service - General Configuration Task"; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) */ @Override public Map postProcessing(Map input, List keysToDelete, Configuration dbconfig) { return null; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) */ @Override protected void taskValidate(Map input) throws ConfigurationTaskValidationException { if (dbconfig == null) { throw new ConfigurationTaskValidationException( new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!")); } List errors = new ArrayList(); String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); if (MiscUtil.isNotEmpty(check)) { if (ValidationHelper.containsNotValidCharacter(check, false)) { log.warn("OAFriendlyName contains potentail XSS characters: " + check); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, "FriendlyName", LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", new Object[] {ValidationHelper.getNotValidCharacter(false)}))); } } else { log.info("OA friendlyName is empty"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, "FriendlyName", LanguageHelper.getErrorString("validation.general.oafriendlyname.empty"))); } String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); if (MiscUtil.isEmpty(isBusinessService)) { log.info("OA businessservice flag is empty"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, "BusinessService", LanguageHelper.getErrorString("validation.general.businessservice.empty"))); } String servicePrefixId = input.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); if (MiscUtil.isNotEmpty(servicePrefixId)) { String uniqueServiceID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); if (MiscUtil.isEmpty(uniqueServiceID)) { log.info("Empty unique service identifier"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, "Unique Identifier", LanguageHelper.getErrorString("validation.general.oaidentifier.empty"))); } else { if (!ValidationHelper.validateURL(uniqueServiceID)) { log.warn("Unique serice identifier is not a valid URL: " + uniqueServiceID); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, "Unique Identifier", LanguageHelper.getErrorString("validation.general.oaidentifier.valid"))); } else { //check uniqueness of service identifier try { String[] allServiceKeys = dbconfig.findConfigurationId( MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES +".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); if (allServiceKeys != null) { List foundKeys = new ArrayList(); for (String elKey : allServiceKeys) { String elValue = dbconfig.getStringValue(elKey); if (uniqueServiceID.startsWith(elValue) || (elValue != null && elValue.startsWith(uniqueServiceID))) { log.debug("Found service with key: " + elKey + " and uniqueID: " + elValue + " which maches to edited service with uniqueID:" + uniqueServiceID); foundKeys.add(elKey); } } if ((foundKeys.size() > 1) || ((foundKeys.size() == 1) && !foundKeys.get(0).startsWith(servicePrefixId) )) { log.info("The service identifier is not unique"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, "Unique Identifier", LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"))); } } } catch (ConfigurationException e) { log.error("Configuration not readable!", e); new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!"); } } } } else { throw new ConfigurationTaskValidationException( new ValidationObjectIdentifier("internal", "Internal Error", "No MOA-ID service prefix! Can not check uniqueness of service configuration.")); } if (!errors.isEmpty()) throw new ConfigurationTaskValidationException(errors); } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() */ @Override public List getAllAllowedPatterns() { return generatePatternsFromKeys(KEYWHITELIST); } }