Commit fe34479e authored by Kovács Balázs's avatar Kovács Balázs

request validations for dogs and users

parent e6dc6822
......@@ -7,6 +7,7 @@ import hu.pazmany.dto.UserDTO;
import hu.pazmany.security.JwtTokenProvider;
import hu.pazmany.service.DogService;
import hu.pazmany.service.UserService;
import io.micrometer.common.lang.Nullable;
import jakarta.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
......@@ -17,6 +18,7 @@ import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.regex.Pattern;
......@@ -53,12 +55,14 @@ public class Controller {
@PostMapping(value = "/newdog")
public ResponseEntity<?> addNewDog(@RequestHeader("Authorization") String token, @RequestParam("dog") String stringDogDTO, @RequestParam(value = "picture", required = false) MultipartFile mpf) {
if (!isValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
if (inValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
ObjectMapper objectMapper = new ObjectMapper();
DetailedDogDTO dogDTO;
try {
dogDTO = objectMapper.readValue(stringDogDTO, DetailedDogDTO.class);
ResponseEntity<?> response = validateDogData(dogDTO);
if (Objects.nonNull(response)) return response;
} catch (IOException e) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Hibás JSON formátum");
}
......@@ -77,7 +81,7 @@ public class Controller {
@PostMapping(value = "/dogs/{id}/edit", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public ResponseEntity<?> editDog(@PathVariable Integer id, @RequestHeader("Authorization") String token, @RequestParam("dog") String stringDogDTO, @RequestParam(value = "picture", required = false) MultipartFile mpf) {
if (!isValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
if (inValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
// Retrieve the dog entity from the database
Optional<DetailedDogDTO> optionalDog = dogService.get(id);
......@@ -86,6 +90,8 @@ public class Controller {
if (optionalDog.isPresent()) {
try {
dogDTO = objectMapper.readValue(stringDogDTO, DetailedDogDTO.class);
ResponseEntity<?> response = validateDogData(dogDTO);
if (Objects.nonNull(response)) return response;
} catch (IOException e) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Hibás JSON formátum");
}
......@@ -108,7 +114,7 @@ public class Controller {
@DeleteMapping("/dogs/{id}")
public ResponseEntity<?> deleteDog(@PathVariable Integer id, @RequestHeader("Authorization") String token) {
if (!isValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
if (inValidToken(token)) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
dogService.deleteDog(id);
return ResponseEntity.ok().build();
......@@ -116,21 +122,16 @@ public class Controller {
@PostMapping("/register")
public ResponseEntity<?> registerUser(@Valid @RequestBody UserDTO request) {
// Validate the registration request
ValidationError validationError = validateRegisterRequest(request);
if (validationError != null) {
return ResponseEntity.badRequest().body(validationError.getMessage());
}
// Validating and registering user inside a single function
if (request == null || request.getUsername() == null || request.getPassword() == null)
return ResponseEntity.badRequest().body("Érvénytelen kérés");
// Check if the username is already taken
if (userService.isUserExists(request.getUsername())) {
return ResponseEntity.badRequest().body("Felhasználónév foglalt");
}
ResponseEntity<?> response = validateRegister(request);
if (Objects.nonNull(response)) return response;
// Save the user entity
userService.registerUser(request);
return ResponseEntity.status(HttpStatus.CREATED).body("Felhasználó sikeresen létrehozva");
return ResponseEntity.status(HttpStatus.CREATED).body("Felhasználó sikeresen regisztrálva");
}
@PostMapping("/login")
......@@ -149,7 +150,37 @@ public class Controller {
}
/*-------- Validation functions --------*/
/*-------- Independent validation functions --------*/
@Nullable
public ResponseEntity<?> validateDogData(@Valid @RequestBody DetailedDogDTO request) {
if (request.getName().length() < 2 || request.getName().length() > 20)
return ResponseEntity.badRequest().body("A kutyanév 2 és 20 karakter között legyen");
if (!Pattern.matches("^[A-Z][a-z]*$",request.getName()))
return ResponseEntity.badRequest().body("A kutyanév kis- és nagybetűkből álljon");
if (request.getAge() < 0)
return ResponseEntity.badRequest().body("A kutya életkora nem lehet negatív");
return null;
}
@Nullable
private ResponseEntity<?> validateRegister(@Valid @RequestBody UserDTO request) {
// Check if the username is already taken
if (userService.isUserExists(request.getUsername()))
return ResponseEntity.badRequest().body("Felhasználónév már létezik");
if(!Pattern.matches("^[a-zA-Z0-9]+$", request.getUsername()))
return ResponseEntity.badRequest().body("A felhasználónév csak betűket és számokat tartalmazhat");
if(request.getUsername().length() < 5 || request.getUsername().length() > 20)
return ResponseEntity.badRequest().body("A felhasználónév hossza 5 és 20 karakter között legyen");
if(request.getPassword().length() < 8 || request.getPassword().length() > 20)
return ResponseEntity.badRequest().body("A jelszó hossza 5 és 20 karakter között legyen");
if(!Pattern.matches("^(?=.*[A-Z])(?=.*\\d)[A-Za-z\\d]+$", request.getPassword()))
return ResponseEntity.badRequest().body("A jelszó tartalmazzon nagybetűt és számot");
return null;
}
private boolean isValidLoginRequest(UserDTO request) {
if (request == null) {
......@@ -162,27 +193,8 @@ public class Controller {
// If all checks pass, return true
}
private ValidationError validateRegisterRequest(UserDTO request) {
String username_regex = "^\\w{5,20}$";
// username can contain numbers, upper and lowercase characters
String password_regex = "^(?=.*[A-Z])(?=.*\\d)[A-Za-z\\d]{8,20}$";
if (request == null || request.getUsername() == null || request.getPassword() == null) {
return new RequestValidationError();
}
if (!Pattern.matches(username_regex, request.getUsername())) {
return new UsernameValidationError();
}
if (!Pattern.matches(password_regex, request.getPassword())) {
return new PasswordValidationError();
}
return null;
}
private boolean isValidToken(String token) {
return token != null && verifyTokenSignature(token);
private boolean inValidToken(String token) {
return token == null || !verifyTokenSignature(token);
}
private boolean verifyTokenSignature(String token) {
......@@ -195,33 +207,4 @@ public class Controller {
}
private abstract static class ValidationError {
private final String message;
public String getMessage() {
return message;
}
ValidationError(String m) {
message = m;
}
}
private static class RequestValidationError extends ValidationError {
RequestValidationError() {
super("Érvénytelen kérés");
}
}
private static class UsernameValidationError extends ValidationError {
UsernameValidationError() {
super("Érvénytelen felhasználónév");
}
}
private static class PasswordValidationError extends ValidationError {
PasswordValidationError() {
super("Érvénytelen jelszó");
}
}
}
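Review bot: In the new `validateDogData` helper, `request.getName().length()` runs with no null check, so a `dog` part that parses to JSON `null` or omits `name` (assuming `DetailedDogDTO` sets no default, which is not visible here) would throw a NullPointerException that the `catch (IOException e)` in `addNewDog` and `editDog` does not handle, turning malformed input into a 500 instead of a 400. A guard as the first statement would close this: `if (request == null || request.getName() == null) return ResponseEntity.badRequest().body("Érvénytelen kérés");`, with the same treatment for `getAge()` if it returns a boxed `Integer`. The `@Valid @RequestBody` annotations on `validateDogData` and `validateRegister` presumably have no effect, because both are helpers called directly rather than request handlers, so bean validation should not be assumed to have run on the parsed `dogDTO`. Separately, in `validateRegister` the password length check uses `< 8` while its message says "5 és 20", so the message should be corrected to match the enforced minimum.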