diff options
author | Endi S. Dewata <edewata@redhat.com> | 2013-11-10 16:40:15 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2013-11-10 21:17:28 -0500 |
commit | 014fdc85a7e018df419aad3dce460f0e58d42f92 (patch) | |
tree | 0fec6dbd11e9267257ab3588716eb90dbc624f1c /base/server/cms/src/com/netscape/cms/servlet/admin | |
parent | c75ce3cf5e20be3f9a4b12f8e2b982a41ca9b4ca (diff) | |
download | pki-014fdc85a7e018df419aad3dce460f0e58d42f92.tar.gz pki-014fdc85a7e018df419aad3dce460f0e58d42f92.tar.xz pki-014fdc85a7e018df419aad3dce460f0e58d42f92.zip |
Added null parameter checking.
Some REST services have been modified to throw BadRequestException
on null parameters.
Ticket #749
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/admin')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/GroupService.java | 16 | ||||
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/UserService.java | 20 |
2 files changed, 36 insertions, 0 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/GroupService.java b/base/server/cms/src/com/netscape/cms/servlet/admin/GroupService.java index 17c4387a3..065f93c8f 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/GroupService.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/GroupService.java @@ -188,6 +188,8 @@ public class GroupService extends PKIService implements GroupResource { @Override public Response addGroup(GroupData groupData) { + if (groupData == null) throw new BadRequestException("Group data is null."); + String groupID = groupData.getID(); // ensure that any low-level exceptions are reported @@ -249,6 +251,8 @@ public class GroupService extends PKIService implements GroupResource { @Override public Response modifyGroup(String groupID, GroupData groupData) { + if (groupData == null) throw new BadRequestException("Group data is null."); + // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { @@ -346,6 +350,10 @@ public class GroupService extends PKIService implements GroupResource { @Override public GroupMemberData getGroupMember(String groupID, String memberID) { + + if (groupID == null) throw new BadRequestException("Group ID is null."); + if (memberID == null) throw new BadRequestException("Member ID is null."); + try { GroupMemberProcessor processor = new GroupMemberProcessor(getLocale(headers)); processor.setUriInfo(uriInfo); @@ -362,6 +370,10 @@ public class GroupService extends PKIService implements GroupResource { @Override public Response addGroupMember(String groupID, String memberID) { + + if (groupID == null) throw new BadRequestException("Group ID is null."); + if (memberID == null) throw new BadRequestException("Member ID is null."); + GroupMemberData groupMemberData = new GroupMemberData(); groupMemberData.setID(memberID); groupMemberData.setGroupID(groupID); @@ -385,6 +397,10 @@ public class GroupService extends PKIService implements GroupResource { @Override public void removeGroupMember(String groupID, String memberID) { + + if (groupID == null) throw new BadRequestException("Group ID is null."); + if (memberID == null) throw new BadRequestException("Member ID is null."); + try { GroupMemberProcessor processor = new GroupMemberProcessor(getLocale(headers)); processor.setUriInfo(uriInfo); diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/UserService.java b/base/server/cms/src/com/netscape/cms/servlet/admin/UserService.java index b32bf6756..c24154094 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/UserService.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/UserService.java @@ -256,6 +256,8 @@ public class UserService extends PKIService implements UserResource { @Override public Response addUser(UserData userData) { + if (userData == null) throw new BadRequestException("User data is null."); + IConfigStore cs = CMS.getConfigStore(); String userID = userData.getID(); @@ -380,6 +382,8 @@ public class UserService extends PKIService implements UserResource { @Override public Response modifyUser(String userID, UserData userData) { + if (userData == null) throw new BadRequestException("User data is null."); + // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures IConfigStore cs = CMS.getConfigStore(); @@ -598,6 +602,9 @@ public class UserService extends PKIService implements UserResource { @Override public UserCertData getUserCert(String userID, String certID) { + + if (certID == null) throw new BadRequestException("Certificate ID is null."); + try { if (userID == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); @@ -672,6 +679,8 @@ public class UserService extends PKIService implements UserResource { @Override public Response addUserCert(String userID, UserCertData userCertData) { + if (userCertData == null) throw new BadRequestException("Certificate data is null."); + // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { @@ -870,6 +879,9 @@ public class UserService extends PKIService implements UserResource { @Override public void removeUserCert(String userID, String certID) { + if (userID == null) throw new BadRequestException("User ID is null."); + if (certID == null) throw new BadRequestException("Certificate ID is null."); + try { certID = URLDecoder.decode(certID, "UTF-8"); } catch (Exception e) { @@ -995,6 +1007,10 @@ public class UserService extends PKIService implements UserResource { @Override public Response addUserMembership(String userID, String groupID) { + + if (userID == null) throw new BadRequestException("User ID is null."); + if (groupID == null) throw new BadRequestException("Group ID is null."); + try { GroupMemberData groupMemberData = new GroupMemberData(); groupMemberData.setID(userID); @@ -1023,6 +1039,10 @@ public class UserService extends PKIService implements UserResource { @Override public void removeUserMembership(String userID, String groupID) { + + if (userID == null) throw new BadRequestException("User ID is null."); + if (groupID == null) throw new BadRequestException("Group ID is null."); + try { GroupMemberProcessor processor = new GroupMemberProcessor(getLocale(headers)); processor.setUriInfo(uriInfo); |