[Yanel-commits] rev 53765 -
public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi
michi at wyona.com
michi at wyona.com
Thu Oct 7 10:11:44 CEST 2010
Author: michi
Date: 2010-10-07 10:11:44 +0200 (Thu, 07 Oct 2010)
New Revision: 53765
Modified:
public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java
Log:
validation for group creation implemented
Modified: public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java
===================================================================
--- public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java 2010-10-07 07:32:33 UTC (rev 53764)
+++ public/yanel/trunk/src/contributions/resources/security-api/src/java/org/wyona/yanel/impl/resources/securityapi/UserManagerResource.java 2010-10-07 08:11:44 UTC (rev 53765)
@@ -69,7 +69,7 @@
log.warn("DEBUG: Delete group: " + getEnvironment().getRequest().getParameter("id"));
deleteGroup(getEnvironment().getRequest().getParameter("id"));
} else if (usecase.equals("creategroup")) {
- log.warn("DEBUG: Create group: " + getEnvironment().getRequest().getParameter("id"));
+ log.debug("Try to create group: " + getEnvironment().getRequest().getParameter("id"));
createGroup(getEnvironment().getRequest().getParameter("id"), getEnvironment().getRequest().getParameter("name"));
} else if (usecase.equals("importuser")) {
log.debug("Import user: " + getEnvironment().getRequest().getParameter("id"));
@@ -231,7 +231,22 @@
*/
private void createGroup(String id, String name) throws AccessManagementException {
GroupManager gm = getRealm().getIdentityManager().getGroupManager();
- gm.createGroup(id, name);
+ int MAX_LENGTH = 30;
+ if (id != null && name != null) {
+ if (id.length() <= 0 || name.length() <= 0) {
+ log.warn("Either ID or name is empty, hence will not be created!");
+ } else if (id.length() > MAX_LENGTH) { // TODO: Make this configurable
+ log.warn("ID '" + id + "' is more than '" + MAX_LENGTH + "' characters, hence will not be created!");
+ } else if (gm.existsGroup(id)) {
+ log.warn("Group with ID '" + id + "' already exists, hence will not be created!");
+ } else if (id.contains("/") || id.contains("*") || id.contains("?") || id.contains(".")) { // TODO: Make this configurable
+ log.warn("ID '" + id + "' contains special characters (/*?.), hence will not be created!");
+ } else {
+ gm.createGroup(id, name);
+ }
+ } else {
+ log.warn("Either ID or name is null, hence will not be created!");
+ }
}
/**
More information about the Yanel-commits
mailing list