DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Add validation on route EditWorkgroup

Browse Source
This commit is contained in:
Fabrice Lecomte
2021-04-15 23:45:47 +02:00
parent 518b59e9aa
commit 3f392eece6
4 changed files with 84 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/main/kotlin/fr/dcproject/common/validation/Url.kt Normal file
View File

@@ -0,0 +1,15 @@
package fr.dcproject.common.validation
import io.konform.validation.ValidationBuilder
import java.net.MalformedURLException
import java.net.URL
fun ValidationBuilder<String>.isUrl() =
addConstraint("is not url") {
try {
val url = URL(it)
true
} catch (e: MalformedURLException) {
false
}
}

23
src/main/kotlin/fr/dcproject/component/workgroup/routes/EditWorkgroup.kt
View File

@@ -1,13 +1,18 @@
package fr.dcproject.component.workgroup.routes package fr.dcproject.component.workgroup.routes
import fr.dcproject.application.http.badRequestIfNotValid
import fr.dcproject.common.security.assert import fr.dcproject.common.security.assert
import fr.dcproject.common.utils.receiveOrBadRequest import fr.dcproject.common.utils.receiveOrBadRequest
import fr.dcproject.common.validation.isUrl
import fr.dcproject.component.auth.citizenOrNull import fr.dcproject.component.auth.citizenOrNull
import fr.dcproject.component.auth.mustBeAuth import fr.dcproject.component.auth.mustBeAuth
import fr.dcproject.component.workgroup.WorkgroupAccessControl import fr.dcproject.component.workgroup.WorkgroupAccessControl
import fr.dcproject.component.workgroup.database.WorkgroupForUpdate import fr.dcproject.component.workgroup.database.WorkgroupForUpdate
import fr.dcproject.component.workgroup.database.WorkgroupRepository import fr.dcproject.component.workgroup.database.WorkgroupRepository
import fr.dcproject.component.workgroup.routes.EditWorkgroup.PutWorkgroupRequest.Input import fr.dcproject.component.workgroup.routes.EditWorkgroup.PutWorkgroupRequest.Input
import io.konform.validation.Validation
import io.konform.validation.jsonschema.maxLength
import io.konform.validation.jsonschema.minLength
import io.ktor.application.call import io.ktor.application.call
import io.ktor.http.HttpStatusCode import io.ktor.http.HttpStatusCode
import io.ktor.locations.KtorExperimentalLocationsAPI import io.ktor.locations.KtorExperimentalLocationsAPI
@@ -27,7 +32,22 @@ object EditWorkgroup {
val description: String?, val description: String?,
val logo: String?, val logo: String?,
val anonymous: Boolean? val anonymous: Boolean?
) ) {
fun validate() = Validation<Input> {
Input::name ifPresent {
minLength(5)
maxLength(80)
}
Input::description ifPresent {
minLength(50)
maxLength(6000)
}
Input::logo ifPresent {
isUrl()
maxLength(2048)
}
}.validate(this)
}
} }
fun Route.editWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) { fun Route.editWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
@@ -35,6 +55,7 @@ object EditWorkgroup {
mustBeAuth() mustBeAuth()
repo.findById(it.workgroupId)?.let { old -> repo.findById(it.workgroupId)?.let { old ->
call.receiveOrBadRequest<Input>().run { call.receiveOrBadRequest<Input>().run {
validate().badRequestIfNotValid()
WorkgroupForUpdate( WorkgroupForUpdate(
id = old.id, id = old.id,
name = name ?: old.name, name = name ?: old.name,

6
src/main/resources/openapi.yaml
View File

@@ -1451,6 +1451,12 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/Workgroup' $ref: '#/components/schemas/Workgroup'
400:
description: BadReqest
content:
application/json:
schema:
$ref: '#/components/schemas/400'
delete: delete:
summary: Delete one workgroup summary: Delete one workgroup
security: security:

44
src/test/kotlin/integration/Workgroup routes.kt
View File

@@ -1,6 +1,7 @@
package integration package integration
import fr.dcproject.component.citizen.database.CitizenI.Name import fr.dcproject.component.citizen.database.CitizenI.Name
import integration.steps.`when`.Validate.REQUEST_BODY
import integration.steps.`when`.Validate.REQUEST_PARAM import integration.steps.`when`.Validate.REQUEST_PARAM
import integration.steps.`when`.`When I send a DELETE request` import integration.steps.`when`.`When I send a DELETE request`
import integration.steps.`when`.`When I send a GET request` import integration.steps.`when`.`When I send a GET request`
@@ -112,14 +113,15 @@ class `Workgroup routes` : BaseTest() {
""" """
{ {
"name":"La ratatouille", "name":"La ratatouille",
"description":"Une petite souris" "description":"Une petite souris avec un chapeau et qui aime la cuisine",
"logo": "http://sdf@exemple.com/sdfsd?sdf=sss"
} }
""" """
) )
} `Then the response should be` OK and { } `Then the response should be` OK and {
`And the response should contain`("$.id", "aa875a24-0050-4252-9130-d37391714e26") `And the response should contain`("$.id", "aa875a24-0050-4252-9130-d37391714e26")
`And the response should contain`("$.name", "La ratatouille") `And the response should contain`("$.name", "La ratatouille")
`And the response should contain`("$.description", "Une petite souris") `And the response should contain`("$.description", "Une petite souris avec un chapeau et qui aime la cuisine")
`And have property`("$.members") `And have property`("$.members")
`And the response should contain list`("$.members", 3) `And the response should contain list`("$.members", 3)
@@ -132,7 +134,43 @@ class `Workgroup routes` : BaseTest() {
} `Then the response should be` OK and { } `Then the response should be` OK and {
`And the response should contain`("$.id", "aa875a24-0050-4252-9130-d37391714e26") `And the response should contain`("$.id", "aa875a24-0050-4252-9130-d37391714e26")
`And the response should contain`("$.name", "La ratatouille") `And the response should contain`("$.name", "La ratatouille")
`And the response should contain`("$.description", "Une petite souris") `And the response should contain`("$.description", "Une petite souris avec un chapeau et qui aime la cuisine")
}
}
}
@Test
@Tag("BadRequest")
fun `I cannot edit a workgroup with bad request`() {
withIntegrationApplication {
`Given I have citizen`("John", "Wheeler")
`Given I have citizen`("Heinrich", "Hertz", id = "94f92424-c257-4582-907c-98564a8c4ac9")
`Given I have citizen`("William", "Thomson", id = "87909ba3-2069-431c-9924-219fd8411cf2")
`Given I have workgroup`("aa875a24-0050-4252-9130-d37391714e26", createdBy = Name("John", "Wheeler")) {
`With members`(
Name("Heinrich", "Hertz"),
Name("William", "Thomson"),
)
}
`When I send a PUT request`("/workgroups/aa875a24-0050-4252-9130-d37391714e26", -REQUEST_BODY) {
`authenticated as`("John", "Wheeler")
`with body`(
"""
{
"name":"sm",
"description":"small2",
"logo": "ws://sdfs.sdok"
}
"""
)
} `Then the response should be` BadRequest and {
`And the response should not be null`()
`And the response should contain`("$.invalidParams[0].name", ".name")
`And the response should contain`("$.invalidParams[0].reason", "must have at least 5 characters")
`And the response should contain`("$.invalidParams[1].name", ".description")
`And the response should contain`("$.invalidParams[1].reason", "must have at least 50 characters")
`And the response should contain`("$.invalidParams[2].name", ".logo")
`And the response should contain`("$.invalidParams[2].reason", "is not url")
} }
} }
} }