From f4c55ef0d481d98d7bccacf44b03ff8b3ff73f95 Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Mon, 16 Jan 2012 10:29:13 +0000 Subject: [PATCH] validate managedRepository before remowing it for update. In case of non valid cronExpression it was removed before the validation git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1231900 13f79535-47bb-0310-9956-ffa450edef68 --- .../model/managed/ManagedRepositoryAdmin.java | 3 ++ .../repository/RepositoryCommonValidator.java | 44 +++++++++++++++++-- .../DefaultManagedRepositoryAdmin.java | 32 ++------------ 3 files changed, 48 insertions(+), 31 deletions(-) diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/managed/ManagedRepositoryAdmin.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/managed/ManagedRepositoryAdmin.java index 156f7b6d3..2591b7569 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/managed/ManagedRepositoryAdmin.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/managed/ManagedRepositoryAdmin.java @@ -33,6 +33,9 @@ import java.util.Map; */ public interface ManagedRepositoryAdmin { + + String REPOSITORY_LOCATION_VALID_EXPRESSION = "^[-a-zA-Z0-9._/~:?!&=\\\\]+$"; + List getManagedRepositories() throws RepositoryAdminException; diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/RepositoryCommonValidator.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/RepositoryCommonValidator.java index 22d45f53f..2ffc2bfd5 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/RepositoryCommonValidator.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/RepositoryCommonValidator.java @@ -18,13 +18,16 @@ package org.apache.archiva.admin.repository; * under the License. */ -import org.apache.archiva.admin.model.beans.AbstractRepository; import org.apache.archiva.admin.model.RepositoryAdminException; -import org.apache.commons.lang.StringUtils; -import org.apache.commons.validator.GenericValidator; +import org.apache.archiva.admin.model.beans.AbstractRepository; +import org.apache.archiva.admin.model.beans.ManagedRepository; +import org.apache.archiva.admin.model.managed.ManagedRepositoryAdmin; import org.apache.archiva.configuration.ArchivaConfiguration; import org.apache.archiva.configuration.Configuration; +import org.apache.commons.lang.StringUtils; +import org.apache.commons.validator.GenericValidator; import org.codehaus.plexus.registry.Registry; +import org.codehaus.redback.components.scheduler.CronExpressionValidator; import org.springframework.stereotype.Service; import javax.inject.Inject; @@ -110,7 +113,42 @@ public class RepositoryCommonValidator + "forward-slashes(/), open-parenthesis('('), close-parenthesis(')'), underscores(_), dots(.), and dashes(-)." ); } + } + /** + * validate cronExpression and location format + * + * @param managedRepository + * @since 1.4-M2 + */ + public void validateManagedRepository( ManagedRepository managedRepository ) + throws RepositoryAdminException + { + String cronExpression = managedRepository.getCronExpression(); + // FIXME : olamy can be empty to avoid scheduled scan ? + if ( StringUtils.isNotBlank( cronExpression ) ) + { + CronExpressionValidator validator = new CronExpressionValidator(); + + if ( !validator.validate( cronExpression ) ) + { + throw new RepositoryAdminException( "Invalid cron expression." ); + } + } + else + { + throw new RepositoryAdminException( "Cron expression cannot be empty." ); + } + + String repoLocation = removeExpressions( managedRepository.getLocation() ); + + if ( !GenericValidator.matchRegexp( repoLocation, + ManagedRepositoryAdmin.REPOSITORY_LOCATION_VALID_EXPRESSION ) ) + { + throw new RepositoryAdminException( + "Invalid repository location. Directory must only contain alphanumeric characters, equals(=), question-marks(?), " + + "exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." ); + } } /** diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java index a3ac32c0a..495fc8212 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/managed/DefaultManagedRepositoryAdmin.java @@ -41,7 +41,6 @@ import org.apache.archiva.scheduler.repository.RepositoryTask; import org.apache.archiva.security.common.ArchivaRoleConstants; import org.apache.commons.io.FileUtils; import org.apache.commons.lang.StringUtils; -import org.apache.commons.validator.GenericValidator; import org.apache.maven.index.NexusIndexer; import org.apache.maven.index.context.IndexCreator; import org.apache.maven.index.context.IndexingContext; @@ -49,7 +48,6 @@ import org.apache.maven.index.context.UnsupportedExistingLuceneIndexException; import org.codehaus.plexus.redback.role.RoleManager; import org.codehaus.plexus.redback.role.RoleManagerException; import org.codehaus.plexus.taskqueue.TaskQueueException; -import org.codehaus.redback.components.scheduler.CronExpressionValidator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; @@ -80,7 +78,6 @@ public class DefaultManagedRepositoryAdmin implements ManagedRepositoryAdmin { - public static final String REPOSITORY_LOCATION_VALID_EXPRESSION = "^[-a-zA-Z0-9._/~:?!&=\\\\]+$"; private Logger log = LoggerFactory.getLogger( getClass() ); @@ -215,6 +212,7 @@ public class DefaultManagedRepositoryAdmin { getRepositoryCommonValidator().basicValidation( managedRepository, false ); + getRepositoryCommonValidator().validateManagedRepository( managedRepository ); triggerAuditEvent( managedRepository.getId(), null, AuditEvent.ADD_MANAGED_REPO, auditInformation ); Boolean res = addManagedRepository( managedRepository.getId(), managedRepository.getLayout(), managedRepository.getName(), @@ -241,30 +239,6 @@ public class DefaultManagedRepositoryAdmin throws RepositoryAdminException { - // FIXME : olamy can be empty to avoid scheduled scan ? - if ( StringUtils.isNotBlank( cronExpression ) ) - { - CronExpressionValidator validator = new CronExpressionValidator(); - - if ( !validator.validate( cronExpression ) ) - { - throw new RepositoryAdminException( "Invalid cron expression." ); - } - } - else - { - throw new RepositoryAdminException( "Cron expression cannot be empty." ); - } - - String repoLocation = getRepositoryCommonValidator().removeExpressions( location ); - - if ( !GenericValidator.matchRegexp( repoLocation, REPOSITORY_LOCATION_VALID_EXPRESSION ) ) - { - throw new RepositoryAdminException( - "Invalid repository location. Directory must only contain alphanumeric characters, equals(=), question-marks(?), " - + "exclamation-points(!), ampersands(&), forward-slashes(/), back-slashes(\\), underscores(_), dots(.), colons(:), tildes(~), and dashes(-)." ); - } - ManagedRepositoryConfiguration repository = new ManagedRepositoryConfiguration(); repository.setId( repoId ); @@ -272,7 +246,7 @@ public class DefaultManagedRepositoryAdmin repository.setReleases( releasesIncluded ); repository.setSnapshots( snapshotsIncluded ); repository.setName( name ); - repository.setLocation( repoLocation ); + repository.setLocation( getRepositoryCommonValidator().removeExpressions( location ) ); repository.setLayout( layout ); repository.setRefreshCronExpression( cronExpression ); repository.setIndexDir( indexDir ); @@ -482,6 +456,8 @@ public class DefaultManagedRepositoryAdmin getRepositoryCommonValidator().basicValidation( managedRepository, true ); + getRepositoryCommonValidator().validateManagedRepository( managedRepository ); + Configuration configuration = getArchivaConfiguration().getConfiguration(); ManagedRepositoryConfiguration toremove = configuration.findManagedRepositoryById( managedRepository.getId() );