Require namespace and apiVersion for PUT request
In order to prevent accidentally overwriting complete projects
or extensions with unrelated content we now require namespace and
apiVersion attributes in a PUT request.
Change-Id: I1062d414741566807f41e6da2f3a72a067de2849
Signed-off-by: Michael Ochmann <michael.ochmann@sap.com>
diff --git a/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/CommonProjectConverter.java b/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/CommonProjectConverter.java
index 78eeb22..d80a982 100644
--- a/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/CommonProjectConverter.java
+++ b/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/CommonProjectConverter.java
@@ -20,6 +20,7 @@
import java.util.SortedSet;
import java.util.UUID;
+import org.apache.commons.lang.StringUtils;
import org.eclipse.skalli.commons.CollectionUtils;
import org.eclipse.skalli.commons.XMLUtils;
import org.eclipse.skalli.model.Derived;
@@ -230,22 +231,14 @@
@SuppressWarnings("nls")
private Project unmarshal(Project project) throws RestException, IOException {
+ String apiVersion = null;
+ String namespace = null;
reader.object();
while (reader.hasMore()) {
if (reader.isKeyAnyOf("apiVersion")) {
- String apiVersion = reader.attributeString();
- if (!getApiVersion().equals(apiVersion)) {
- throw new RestException(MessageFormat.format(
- "Unsupported API version (requested: ''{0}'', expected: ''{1}'')",
- apiVersion, getApiVersion()));
- }
- } else if (reader.isKeyAnyOf(XMLUtils.XMLNS)) {
- String namespace = reader.attributeString();
- if (!getNamespace().equals(namespace)) {
- throw new RestException(MessageFormat.format(
- "Unsupported namespace (requested: ''{0}'', expected: ''{1}'')",
- namespace, getNamespace()));
- }
+ apiVersion = reader.attributeString();
+ } else if (reader.isKeyAnyOf(XMLUtils.XMLNS, "namespace")) {
+ namespace = reader.attributeString();
} else if (reader.isKey("id")) {
project.setProjectId(reader.valueString());
} else if (reader.isKey("name")) {
@@ -267,6 +260,22 @@
}
}
reader.end();
+ if (StringUtils.isBlank(apiVersion)) {
+ throw new RestException("Missing required apiVersion attribute");
+ }
+ if (!getApiVersion().equals(apiVersion)) {
+ throw new RestException(MessageFormat.format(
+ "Unsupported API version (requested: ''{0}'', expected: ''{1}'')",
+ apiVersion, getApiVersion()));
+ }
+ if (StringUtils.isBlank(namespace)) {
+ throw new RestException("Missing required namespace attribute");
+ }
+ if (!getNamespace().equals(namespace)) {
+ throw new RestException(MessageFormat.format(
+ "Unsupported namespace (requested: ''{0}'', expected: ''{1}'')",
+ namespace, getNamespace()));
+ }
return project;
}
diff --git a/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/InheritableExtensionConverter.java b/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/InheritableExtensionConverter.java
index bce4721..30751ca 100644
--- a/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/InheritableExtensionConverter.java
+++ b/org.eclipse.skalli.core/src/main/java/org/eclipse/skalli/core/rest/resources/InheritableExtensionConverter.java
@@ -13,6 +13,7 @@
import java.io.IOException;
import java.text.MessageFormat;
+import org.apache.commons.lang.StringUtils;
import org.eclipse.skalli.commons.XMLUtils;
import org.eclipse.skalli.model.Derived;
import org.eclipse.skalli.model.ExtensionEntityBase;
@@ -83,23 +84,15 @@
@SuppressWarnings("nls")
private void unmarshallCommonAttributes(InheritableExtension inheritable) throws IOException, RestException {
+ String apiVersion = null;
+ String namespace = null;
while (reader.hasMore()) {
if (reader.isKeyAnyOf("inherited")) {
inheritable.setInherited(reader.attributeBoolean());
} else if (reader.isKeyAnyOf("apiVersion")) {
- String apiVersion = reader.attributeString();
- if (!getApiVersion().equals(apiVersion)) {
- throw new RestException(MessageFormat.format(
- "Unsupported API version (requested: ''{0}'', expected: ''{1}'')",
- apiVersion, getApiVersion()));
- }
- } else if (reader.isKeyAnyOf(XMLUtils.XMLNS)) {
- String namespace = reader.attributeString();
- if (!getNamespace().equals(namespace)) {
- throw new RestException(MessageFormat.format(
- "Unsupported namespace (requested: ''{0}'', expected: ''{1}'')",
- namespace, getNamespace()));
- }
+ apiVersion = reader.attributeString();
+ } else if (reader.isKeyAnyOf(XMLUtils.XMLNS, "namespace")) {
+ namespace = reader.attributeString();
} else if (reader.isKeyAnyOf(XMLUtils.XMLNS_XSI, XMLUtils.XSI_SCHEMA_LOCATION,
"lastModified", "lastModifiedMillis", "modifiedBy", "derived")) {
// ignore these attributes
@@ -109,6 +102,22 @@
break;
}
}
+ if (StringUtils.isBlank(apiVersion)) {
+ throw new RestException("Missing required apiVersion attribute");
+ }
+ if (!getApiVersion().equals(apiVersion)) {
+ throw new RestException(MessageFormat.format(
+ "Unsupported API version (requested: ''{0}'', expected: ''{1}'')",
+ apiVersion, getApiVersion()));
+ }
+ if (StringUtils.isBlank(namespace)) {
+ throw new RestException("Missing required namespace attribute");
+ }
+ if (!getNamespace().equals(namespace)) {
+ throw new RestException(MessageFormat.format(
+ "Unsupported namespace (requested: ''{0}'', expected: ''{1}'')",
+ namespace, getNamespace()));
+ }
}
@Override