From 77315eda2d56b4cdd9777d3cdcf6636deb2980c1 Mon Sep 17 00:00:00 2001
From: Pawel GUTOWSKI <Pawel.GUTOWSKI@ext.ec.europa.eu>
Date: Wed, 21 Feb 2018 15:48:48 +0100
Subject: [PATCH] EDELIVERY-3164 Added Domain ID validation

---
 .../smp/services/ServiceGroupService.java     | 19 +++++++++++----
 ...ServiceMultipleDomainsIntegrationTest.java |  2 +-
 ...oupServiceSingleDomainIntegrationTest.java | 23 ++++++++++++++++++-
 ...integration_multiple_domains_test_data.sql |  4 ++--
 .../ServiceGroupControllerTest.java           |  4 +++-
 5 files changed, 43 insertions(+), 9 deletions(-)

diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ServiceGroupService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ServiceGroupService.java
index aa46dc1ed..13d2593ab 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ServiceGroupService.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ServiceGroupService.java
@@ -33,9 +33,11 @@ import org.springframework.transaction.annotation.Transactional;
 
 import java.util.HashSet;
 import java.util.Optional;
+import java.util.regex.Pattern;
 
 import static eu.europa.ec.edelivery.smp.conversion.ServiceGroupConverter.toDbModel;
 import static eu.europa.ec.smp.api.Identifiers.asString;
+import static java.lang.String.format;
 import static java.util.Arrays.asList;
 import static org.apache.commons.lang3.StringUtils.isNotBlank;
 
@@ -47,6 +49,8 @@ public class ServiceGroupService {
 
     private static final Logger log = LoggerFactory.getLogger(ServiceGroupService.class);
 
+    private static final Pattern DOMAIN_ID_PATTERN = Pattern.compile("[a-zA-Z0-9]+");
+
     @Autowired
     private CaseSensitivityNormalizer caseSensitivityNormalizer;
 
@@ -85,10 +89,10 @@ public class ServiceGroupService {
 
         DBServiceGroup dbServiceGroup = serviceGroupDao.find(toDbModel(normalizedParticipantId));
 
+        validateDomain(dbServiceGroup, domain);
         String extensions = ServiceGroupConverter.extractExtensionsPayload(normalizedServiceGroup);
 
         if (dbServiceGroup != null) {
-            blockPotentialDomainChange(dbServiceGroup, domain);
             dbServiceGroup.setExtension(extensions);
             serviceGroupDao.persistFlushDetach(dbServiceGroup);
             return false;
@@ -114,7 +118,7 @@ public class ServiceGroupService {
     private DBDomain findDomain(String domain) {
         if (isNotBlank(domain)) {
             DBDomain dbDomain = domainDao.find(domain);
-            if(dbDomain == null){
+            if (dbDomain == null) {
                 throw new WrongInputFieldException("Requested domain does not exist: " + domain);
             }
             return dbDomain;
@@ -127,8 +131,15 @@ public class ServiceGroupService {
     }
 
 
-    private void blockPotentialDomainChange(DBServiceGroup dbServiceGroup, String domain) {
-        if (isNotBlank(domain) && !domain.equalsIgnoreCase(dbServiceGroup.getDomain().getId())) {
+    private void validateDomain(DBServiceGroup dbServiceGroup, String domain) {
+        if (domain == null) {
+            return;
+        }
+        if (!DOMAIN_ID_PATTERN.matcher(domain).matches()) {
+            throw new WrongInputFieldException(format("Provided Domain ID [%s] does not match required pattern: %s", domain, DOMAIN_ID_PATTERN));
+        }
+        //blockPotentialDomainChange
+        if (dbServiceGroup != null && !domain.equalsIgnoreCase(dbServiceGroup.getDomain().getId())) {
             throw new WrongInputFieldException("The same SarviceGroup cannot exist under 2 different domains. ServiceGroup cannot be switched between domains. Remove domain parameter from request if you want to update existing ServiceGroup.");
         }
     }
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceMultipleDomainsIntegrationTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceMultipleDomainsIntegrationTest.java
index c76091857..3a7bbf209 100644
--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceMultipleDomainsIntegrationTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceMultipleDomainsIntegrationTest.java
@@ -36,7 +36,7 @@ import static org.springframework.util.StringUtils.isEmpty;
         "classpath:/service_integration_multiple_domains_test_data.sql"})
 public class ServiceGroupServiceMultipleDomainsIntegrationTest extends AbstractServiceGroupServiceIntegrationTest {
 
-    private static final String SECOND_DOMAIN_ID = "second_domain";
+    private static final String SECOND_DOMAIN_ID = "domain2";
     private static final String SECOND_DOMAIN_CERT_HEADER = "client-cert-header-value";
     private static final String SECOND_DOMAIN_SIGNING_ALIAS = "signature-alias";
     private static final String SECOND_DOMAIN_SMP_ID = "SECOND-SMP-ID";
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceSingleDomainIntegrationTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceSingleDomainIntegrationTest.java
index 18d8ba270..a265bce63 100644
--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceSingleDomainIntegrationTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/services/ServiceGroupServiceSingleDomainIntegrationTest.java
@@ -128,7 +128,28 @@ public class ServiceGroupServiceSingleDomainIntegrationTest extends AbstractServ
         ServiceGroup newServiceGroup = unmarshal(loadDocumentAsString(SERVICE_GROUP_XML_PATH));
 
         //when-then
-        serviceGroupService.saveServiceGroup(newServiceGroup,"NOT-EXISTING-DOMAIN", ADMIN_USERNAME);
+        serviceGroupService.saveServiceGroup(newServiceGroup,"NOTEXISTINGDOMAIN", ADMIN_USERNAME);
+    }
+
+    @Test(expected = WrongInputFieldException.class)
+    public void onlyASCIICharactersAllowedInDomainId() throws Throwable {
+        //given
+        ServiceGroup newServiceGroup = unmarshal(loadDocumentAsString(SERVICE_GROUP_XML_PATH));
+
+        //when-then
+        serviceGroupService.saveServiceGroup(newServiceGroup,"notAllowedChars:-_;#$", ADMIN_USERNAME);
+    }
+
+    @Test
+    public void savingUnderTheOnlyDomainSpecifiedExpliciteIsAllowed() throws Throwable {
+        //given
+        ServiceGroup newServiceGroup = unmarshal(loadDocumentAsString(SERVICE_GROUP_XML_PATH));
+
+        //when
+        serviceGroupService.saveServiceGroup(newServiceGroup,"domain1", ADMIN_USERNAME);
+
+        //then
+        assertNotNull(serviceGroupService.getServiceGroup(SERVICE_GROUP_ID));
     }
 
 }
diff --git a/smp-server-library/src/test/resources/service_integration_multiple_domains_test_data.sql b/smp-server-library/src/test/resources/service_integration_multiple_domains_test_data.sql
index 471278f79..f1d00aaa6 100644
--- a/smp-server-library/src/test/resources/service_integration_multiple_domains_test_data.sql
+++ b/smp-server-library/src/test/resources/service_integration_multiple_domains_test_data.sql
@@ -1,2 +1,2 @@
-INSERT INTO smp_domain(domainId, bdmslClientCertHeader, bdmslClientCertAlias, bdmslSmpId, signatureCertAlias) VALUES('second_domain', 'client-cert-header-value', '', 'SECOND-SMP-ID', 'signature-alias');
-INSERT INTO smp_domain(domainId, bdmslClientCertHeader, bdmslClientCertAlias, bdmslSmpId, signatureCertAlias) VALUES('third_domain', '', 'client-keystore-alias-key', 'THIRD-SMP-ID', 'signature-alias');
\ No newline at end of file
+INSERT INTO smp_domain(domainId, bdmslClientCertHeader, bdmslClientCertAlias, bdmslSmpId, signatureCertAlias) VALUES('domain2', 'client-cert-header-value', '', 'SECOND-SMP-ID', 'signature-alias');
+INSERT INTO smp_domain(domainId, bdmslClientCertHeader, bdmslClientCertAlias, bdmslSmpId, signatureCertAlias) VALUES('domain3', '', 'client-keystore-alias-key', 'THIRD-SMP-ID', 'signature-alias');
\ No newline at end of file
diff --git a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java
index a5f9bae7c..a6c3be42d 100644
--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/controllers/ServiceGroupControllerTest.java
@@ -26,6 +26,7 @@ import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfig
 import org.springframework.test.annotation.Rollback;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.jdbc.Sql;
+import org.springframework.test.context.jdbc.SqlConfig;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.context.web.WebAppConfiguration;
 import org.springframework.test.web.servlet.MockMvc;
@@ -60,6 +61,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @Transactional
 @Rollback(true)
 @Sql("classpath:/webapp_integration_test_data.sql")
+@SqlConfig(encoding = "UTF-8")
 public class ServiceGroupControllerTest {
 
     private static final String PARTICIPANT_SCHEME = "ehealth-participantid-qns";
@@ -203,7 +205,7 @@ public class ServiceGroupControllerTest {
                 .contentType(APPLICATION_XML_VALUE)
                 .header(HTTP_HEADER_KEY_SERVICE_GROUP_OWNER, OTHER_OWNER_NAME_URL_ENCODED)
                 .content(SERVICE_GROUP_INPUT_BODY))
-                .andExpect(status().isCreated());
+                .andExpect(status().isCreated())Å„;
     }
 
     @Test
-- 
GitLab