From 373f48c67313bf479c49238ff7f69043b5e32e20 Mon Sep 17 00:00:00 2001 From: Pawel GUTOWSKI <Pawel.GUTOWSKI@ext.ec.europa.eu> Date: Wed, 14 Feb 2018 11:46:11 +0100 Subject: [PATCH] EDELIVERY-2806 Fixed UTF-8 characters in ServiceGroup-Owner HTTP header. User must provide URL-encoded characters since HTTP headers do not support UTF-8 --- .../controllers/ServiceGroupController.java | 8 +++++-- .../ServiceGroupControllerTest.java | 23 +++++++++++++++++++ .../webapp_integration_test_data.sql | 3 ++- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupController.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupController.java index 6cc311744..0bb2c8e93 100644 --- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupController.java +++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupController.java @@ -33,9 +33,11 @@ import org.springframework.security.access.annotation.Secured; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.*; +import java.io.UnsupportedEncodingException; import java.util.List; import static eu.europa.ec.smp.api.Identifiers.asParticipantId; +import static java.net.URLDecoder.decode; import static org.apache.commons.lang3.StringUtils.isNotBlank; import static org.springframework.http.ResponseEntity.created; import static org.springframework.http.ResponseEntity.ok; @@ -51,6 +53,8 @@ public class ServiceGroupController { private static final Logger log = LoggerFactory.getLogger(ServiceGroupController.class); + private static final String UTF_8 = "UTF-8"; + @Autowired private ServiceGroupValidator serviceGroupValidator; 
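Review bot: The new `UTF_8` constant holds the charset name as a String, which is why the PUT handler in the next hunk has to add `UnsupportedEncodingException` to its `throws` clause for a condition that cannot occur with UTF-8. Declaring it on the controller method pushes a checked exception into the web layer's error handling for no benefit. If the build targets Java 10 or later, `decode(serviceGroupOwner, StandardCharsets.UTF_8)` removes both the constant and the throws clause. On older JDKs, a small private helper that catches the exception and rethrows `IllegalStateException` with the cause keeps the handler signature unchanged.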
@@ -82,7 +86,7 @@ public class ServiceGroupController { @PathVariable String serviceGroupId, @RequestHeader(name = "ServiceGroup-Owner", required = false) String serviceGroupOwner, @RequestHeader(name = "Domain", required = false) String domain, - @RequestBody String body) throws XmlInvalidAgainstSchemaException { + @RequestBody String body) throws XmlInvalidAgainstSchemaException, UnsupportedEncodingException { log.info("PUT ServiceGroup: {}\n{}", serviceGroupId, body); @@ -92,7 +96,7 @@ public class ServiceGroupController { serviceGroupValidator.validate(serviceGroupId, serviceGroup); // Service action - String newOwnerName = isNotBlank(serviceGroupOwner) ? serviceGroupOwner : SecurityContextHolder.getContext().getAuthentication().getName(); + String newOwnerName = isNotBlank(serviceGroupOwner) ? decode(serviceGroupOwner, UTF_8) : SecurityContextHolder.getContext().getAuthentication().getName(); boolean newServiceGroupCreated = serviceGroupService.saveServiceGroup(serviceGroup, domain, newOwnerName); log.info("Finished PUT ServiceGroup: {}", serviceGroupId); diff --git a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java index bce99f650..a5f9bae7c 100644 --- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java +++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java 
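Review bot: `decode(serviceGroupOwner, UTF_8)` applies form-decoding rules to a header value that decides who will own the service group, and two kinds of input need explicit handling. `URLDecoder.decode` turns every `+` into a space, and `+` is a legal character in a distinguished name (multi-valued RDNs), so such an owner name would be silently altered before the lookup. A malformed escape makes it throw `IllegalArgumentException`, which would probably surface as a 500 rather than a 400 unless a handler outside this hunk maps it. I would catch that exception and return a bad-request response, and document on the header parameter that the value must be percent-encoded with a literal `+` sent as `%2B`. Clients that today send a literal `%` in this header will also see different behaviour after the change; the method body continues outside the hunk.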
@@ -67,6 +67,9 @@ public class ServiceGroupControllerTest { private static final String URL_PATH = format("/%s::%s", PARTICIPANT_SCHEME, PARTICIPANT_ID); private static final String SERVICE_GROUP_INPUT_BODY = getSampleServiceGroupBodyWithScheme(PARTICIPANT_SCHEME); private static final String HTTP_HEADER_KEY_DOMAIN = "Domain"; + private static final String HTTP_HEADER_KEY_SERVICE_GROUP_OWNER = "ServiceGroup-Owner"; + + private static final String OTHER_OWNER_NAME_URL_ENCODED = "CN=utf-8_%C5%BC_SMP,O=EC,C=BE:0000000000000666"; private static final RequestPostProcessor ADMIN_CREDENTIALS = httpBasic("test_admin", "gutek123"); @@ -193,4 +196,24 @@ public class ServiceGroupControllerTest { .andExpect(content().string(stringContainsInOrder("WRONG_FIELD"))); } + @Test + public void adminCanAssignNewServiceGroupToOtherOwner() throws Exception { + mvc.perform(put(URL_PATH) + .with(ADMIN_CREDENTIALS) + .contentType(APPLICATION_XML_VALUE) + .header(HTTP_HEADER_KEY_SERVICE_GROUP_OWNER, OTHER_OWNER_NAME_URL_ENCODED) + .content(SERVICE_GROUP_INPUT_BODY)) + .andExpect(status().isCreated()); + } + + @Test + public void adminCannotAssignNewServiceGroupToNotExistingOwner() throws Exception { + mvc.perform(put(URL_PATH) + .with(ADMIN_CREDENTIALS) + .contentType(APPLICATION_XML_VALUE) + .header(HTTP_HEADER_KEY_SERVICE_GROUP_OWNER, "not-existing-user") + .content(SERVICE_GROUP_INPUT_BODY)) + .andExpect(status().isBadRequest()); + } + } diff --git a/smp-webapp/src/test/resources/webapp_integration_test_data.sql b/smp-webapp/src/test/resources/webapp_integration_test_data.sql index b54ce512a..b102c8209 100644 --- a/smp-webapp/src/test/resources/webapp_integration_test_data.sql +++ b/smp-webapp/src/test/resources/webapp_integration_test_data.sql 
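Review bot: The two new tests cover a well-formed encoded owner and an unknown owner, but not the inputs where the new decoding can fail or where the header should be refused. I would add a case with a malformed escape in `ServiceGroup-Owner` (a constructed sample such as `CN=bad_%ZZ`) asserting `status().isBadRequest()`. A second case should have a non-admin account from the test data send the header naming another owner and assert that the request is rejected. Whether other tests in this class already cover the non-admin case is not visible in these hunks.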
@@ -14,7 +14,8 @@ insert into smp_user(username, password, isadmin) values ('test_admin', insert into smp_user(username, password, isadmin) values ('test_user_hashed_pass', '$2a$06$k.Q/6anG4Eq/nNTZ0C1UIuAKxpr6ra5oaMkMSrlESIyA5jKEsUdyS', 0); insert into smp_user(username, password, isadmin) values ('test_user_clear_pass', 'gutek123', 0); insert into smp_user(username, password, isadmin) values ('CN=comon name,O=org,C=BE:0000000000000066', '', 0); -insert into smp_user (username, isadmin) values ('CN=EHEALTH_SMP_TEST_BRAZIL,O=European Commission,C=BE:48b681ee8e0dcc08', 0); +insert into smp_user(username, isadmin) values ('CN=EHEALTH_SMP_TEST_BRAZIL,O=European Commission,C=BE:48b681ee8e0dcc08', 0); +insert into smp_user(username, isadmin) values ('CN=utf-8_ż_SMP,O=EC,C=BE:0000000000000666', 0); insert into smp_service_group(businessidentifier, businessidentifierscheme) values ('urn:australia:ncpb', 'ehealth-actorid-qns'); insert into smp_service_group(businessidentifier, businessidentifierscheme) values ('urn:brazil:ncpb', 'ehealth-actorid-qns'); -- GitLab
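Review bot: The added row puts a raw non-ASCII character (`ż`) in the script, so the new controller test depends on the script being read as UTF-8 and on the test database storing the username without loss. If the script loader falls back to the platform default charset (its configuration is not visible here), `adminCanAssignNewServiceGroupToOtherOwner` would likely fail on a non-UTF-8 build machine, and the failure would look like an unknown owner. Setting the script encoding explicitly where the test data source is configured would remove that dependency. A comment above the row, such as `-- non-ASCII on purpose: matches the URL-encoded owner in ServiceGroupControllerTest`, would also make the intent visible.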