IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

update string validation

Browse Source 
- move it in extra function to have less code copies
- fix bug which return no error messag if input was an array instead of a string
This commit is contained in:
einhornimmond 2021-06-10 09:58:08 +02:00
parent a7009f935d
commit f88ddbbf1c
2 changed files with 58 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.cpp
View File

@ -68,49 +68,46 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
try { try {
if ( "User.first_name" == name && value.size() > 0) { if ( "User.first_name" == name) {
if (!value.isString()) { std::string str_val = validateString(value, "User.first_name", jsonErrorsArray);
jsonErrorsArray.add("User.first_name isn't a string");
} if (str_val.size() > 0) {
else { user_model->setFirstName(str_val);
user_model->setFirstName(value.toString());
extractet_values++; extractet_values++;
} }
} }
else if ("User.last_name" == name && value.size() > 0) { else if ("User.last_name" == name ) {
if (!value.isString()) { std::string str_val = validateString(value, "User.last_name", jsonErrorsArray);
jsonErrorsArray.add("User.last_name isn't a string");
} if (str_val.size() > 0) {
else { user_model->setLastName(str_val);
user_model->setLastName(value.toString());
extractet_values++; extractet_values++;
} }
} }
else if ("User.username" == name && value.size() > 3) { else if ("User.username" == name) {
if (!value.isString()) { std::string str_val = validateString(value, "User.username", jsonErrorsArray);
jsonErrorsArray.add("User.username isn't a string");
} if (str_val.size() > 0) {
else { if (user_model->getUsername() != str_val) {
auto new_username = value.toString(); if (user->isUsernameAlreadyUsed(str_val)) {
if (user_model->getUsername() != new_username) {
if (user->isUsernameAlreadyUsed(new_username)) {
jsonErrorsArray.add("username already used"); jsonErrorsArray.add("username already used");
} }
else { else {
user_model->setUsername(new_username); user_model->setUsername(str_val);
extractet_values++; extractet_values++;
} }
} }
} }
} }
else if ("User.description" == name && value.size() > 3) { else if ("User.description" == name) {
if (!value.isString()) { std::string str_val = validateString(value, "User.description", jsonErrorsArray);
jsonErrorsArray.add("description isn't a string");
} if (str_val.size() > 0) {
else { user_model->setDescription(str_val);
user_model->setDescription(value.toString());
extractet_values++; extractet_values++;
} }
} }
else if ("User.disabled" == name) { else if ("User.disabled" == name) {
if (value.isBoolean()) { if (value.isBoolean()) {
@ -130,11 +127,10 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
} }
} }
else if ("User.language" == name && value.size() > 0) { else if ("User.language" == name && value.size() > 0) {
if (!value.isString()) { std::string str_val = validateString(value, "User.language", jsonErrorsArray);
jsonErrorsArray.add("User.language isn't a string");
} if (str_val.size() > 0) {
else { auto lang = LanguageManager::languageFromString(str_val);
auto lang = LanguageManager::languageFromString(value.toString());
if (LANG_NULL == lang) { if (LANG_NULL == lang) {
jsonErrorsArray.add("User.language isn't a valid language"); jsonErrorsArray.add("User.language isn't a valid language");
} }
@ -143,12 +139,13 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
extractet_values++; extractet_values++;
} }
} }
} }
else if ("User.password" == name && value.size() > 0 && (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS) == ServerConfig::UNSECURE_PASSWORD_REQUESTS) { else if ("User.password" == name && (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS) == ServerConfig::UNSECURE_PASSWORD_REQUESTS) {
if (!value.isString()) { std::string str_val = validateString(value, "User.password", jsonErrorsArray);
jsonErrorsArray.add("User.password isn't string");
} if (str_val.size() > 0) {
else {
NotificationList errors; NotificationList errors;
if (!sm->checkPwdValidation(value.toString(), &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) { if (!sm->checkPwdValidation(value.toString(), &errors, LanguageManager::getInstance()->getFreeCatalog(LANG_EN))) {
jsonErrorsArray.add("User.password isn't valid"); jsonErrorsArray.add("User.password isn't valid");
@ -174,7 +171,9 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
} }
} }
catch (Poco::Exception& ex) { catch (Poco::Exception& ex) {
jsonErrorsArray.add("update parameter invalid"); std::string error_message = "exception by parsing json: ";
error_message += ex.displayText();
jsonErrorsArray.add(error_message);
} }
} }
if (extractet_values > 0) { if (extractet_values > 0) {
@ -190,3 +189,22 @@ Poco::JSON::Object* JsonUpdateUserInfos::handle(Poco::Dynamic::Var params)
return result; return result;
} }
std::string JsonUpdateUserInfos::validateString(Poco::Dynamic::Var value, const char* fieldName, Poco::JSON::Array& errorArray)
{
std::string errorMessage = fieldName;
if (!value.isString()) {
errorMessage += " isn't a string";
errorArray.add(errorMessage);
return "";
}
std::string string_value = value.toString();
if (string_value.size() == 0) {
errorMessage += " is empty";
errorArray.add(errorArray);
return "";
}
return string_value;
}

2
login_server/src/cpp/JSONInterface/JsonUpdateUserInfos.h
View File

@ -18,6 +18,8 @@ public:
protected: protected:
std::string validateString(Poco::Dynamic::Var value, const char* fieldName, Poco::JSON::Array& errorArray);
}; };