worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Manager API: Check confKey is valid when adding a new cat or app to avoid breaking configuration

Browse Source
Moo
Soisik Froger 5 years ago
parent ad09bda8b7
commit cbe85dd6a2
3 changed files with 42 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm
  2. 8
      lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm
  3. 26
      lemonldap-ng-manager/t/04-menu-api.t

12
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/App.pm
Unescape View File

@ -133,6 +133,10 @@ sub addMenuApp {
400 )
if ( ref $add->{confKey} );
return $self->sendError( $req, 'Invalid input: confKey contains invalid characters',
400 )
unless ( $add->{confKey} =~ '^\w[\w\.\-]*$' );
return $self->sendError( $req, 'Invalid input: name is missing', 400 )
unless ( defined $add->{options} && defined $add->{options}{name} );
@ -150,10 +154,10 @@ sub addMenuApp {
return $self->sendError( $req,
"Menu category '$catConfKey' not found", 404 )
unless ( defined $conf->{applicationList}->{$catConfKey} );
return $self->sendError(
$req,
"Invalid input: A Menu Application with confKey $add->{confKey} already exists",
"Invalid input: A Menu Application with confKey $add->{confKey} already exists in category $catConfKey",
409
)
if (
@ -238,6 +242,10 @@ sub replaceMenuApp {
400 )
if ( ref $replace->{confKey} );
return $self->sendError( $req, 'Invalid input: confKey contains invalid characters',
400 )
unless ( $replace->{confKey} =~ '^\w[\w\.\-]*$' );
return $self->sendError( $req, 'Invalid input: name is missing', 400 )
unless ( defined $replace->{options}
&& defined $replace->{options}{name} );

8
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Menu/Cat.pm
Unescape View File

@ -76,6 +76,10 @@ sub addMenuCat {
400 )
if ( ref $add->{confKey} );
return $self->sendError( $req, 'Invalid input: confKey contains invalid characters',
400 )
unless ( $add->{confKey} =~ '^\w[\w\.\-]*$' );
return $self->sendError( $req, 'Invalid input: catname is missing', 400 )
unless ( defined $add->{catname} );
@ -155,6 +159,10 @@ sub replaceMenuCat {
400 )
if ( ref $replace->{confKey} );
return $self->sendError( $req, 'Invalid input: confKey contains invalid characters',
400 )
unless ( $replace->{confKey} =~ '^\w[\w\.\-]*$' );
return $self->sendError( $req, 'Invalid input: catname is missing', 400 )
unless ( defined $replace->{catname} );

26
lemonldap-ng-manager/t/04-menu-api.t
Unescape View File

@ -110,7 +110,7 @@ sub checkAddFailsIfExists {
check409( $test, add( $test, $type, $add ) );
}
sub checkAddWithUnknownAttributes {
sub checkAddFailsOnInvalidConfkey {
my ( $test, $type, $add ) = splice @_;
check400( $test, add( $test, $type, $add ) );
}
@ -305,7 +305,11 @@ my $cat2 = {
catname => 'My Cat 2',
order => 2
};
my $cat3 = {
confKey => 'mycat/mycat3',
catname => 'My Cat 3',
order => 2
};
$test = "Cat - Get mycat1 cat should err on not found";
checkGetNotFound( $test, 'cat', 'mycat1' );
@ -317,6 +321,11 @@ checkGet( $test, 'cat', 'mycat1', 'order', 1 );
$test = "Cat - Add should fail on duplicate confKey";
checkAddFailsIfExists( $test, 'cat', $cat1 );
$test = "Cat - Add should fail on invalid confKey";
checkAddFailsOnInvalidConfkey( $test, 'cat', $cat3 );
checkAddFailsOnInvalidConfkey
$test = "Cat - Update should succeed and keep existing values";
$cat1->{order} = 3;
delete $cat1->{catname};
@ -389,6 +398,16 @@ my $app3 = {
},
order => 1
};
my $app4 = {
confKey => 'myapp1/myapp4',
options => {
name => 'My App 4',
description => 'My app 4 description',
tooltip => 'My app 4 tooltip',
uri => 'http://app4.example.com/'
},
order => 1
};
$test = "App - Get mycat3 apps should err on not found";
checkGetNotFound( $test, 'app', 'mycat3' );
@ -427,6 +446,9 @@ checkGet( $test, 'app/mycat2', 'myapp3', 'options/display', "\$uid eq 'dwho'" );
$test = "App - Add should fail on duplicate confKey";
checkAddFailsIfExists( $test, 'app/mycat1', $app1 );
$test = "App - Add should fail on invalid confKey";
checkAddFailsOnInvalidConfkey( $test, 'app/mycat1', $app4 );
$test = "App - Check default value were set";
checkGet( $test, 'app/mycat1', 'myapp1', 'options/logo', 'network.png' );
checkGet( $test, 'app/mycat1', 'myapp1', 'options/display', 'auto' );

Write Preview
Loading…
Cancel
Save