
added @Length validations according to database restriction

pull/11231/head
dashevchenko 2 years ago
parent
commit
9f7d6737b3
  1. 2
      application/src/test/java/org/thingsboard/server/controller/MobileAppControllerTest.java
  2. 2
      common/data/src/main/java/org/thingsboard/server/common/data/domain/Domain.java
  3. 3
      common/data/src/main/java/org/thingsboard/server/common/data/mobile/MobileApp.java
  4. 14
      common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2Client.java
  5. 4
      dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/OAuth2ClientRepository.java
  6. 2
      dao/src/main/resources/sql/schema-entities.sql
  7. 4
      dao/src/test/java/org/thingsboard/server/dao/service/DomainServiceTest.java
  8. 2
      dao/src/test/java/org/thingsboard/server/dao/service/MobileAppServiceTest.java

2
application/src/test/java/org/thingsboard/server/controller/MobileAppControllerTest.java

@ -92,7 +92,7 @@ public class MobileAppControllerTest extends AbstractControllerTest {
mobileApp.setAppSecret("short");
doPost("/api/mobileApp", mobileApp)
.andExpect(status().isBadRequest())
.andExpect(statusReason(containsString("appSecret must be at least 16 characters")));
.andExpect(statusReason(containsString("appSecret must be at least 16 and max 2048 characters")));
}
@Test
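Review bot: Only the too-short secret is exercised here, so the new 2048-character upper bound on `appSecret` has no test pinning it. A sibling case that sets an over-long value, for example `mobileApp.setAppSecret("a".repeat(2049));`, and expects the same `status().isBadRequest()` with the same reason string would cover the limit. The enclosing test method starts above the hunk, so the existing setup is not visible here.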

2
common/data/src/main/java/org/thingsboard/server/common/data/domain/Domain.java

@ -25,6 +25,7 @@ import org.thingsboard.server.common.data.HasName;
import org.thingsboard.server.common.data.HasTenantId;
import org.thingsboard.server.common.data.id.DomainId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.common.data.validation.Length;
@EqualsAndHashCode(callSuper = true)
@Data
@ -35,6 +36,7 @@ public class Domain extends BaseData<DomainId> implements HasTenantId, HasName {
private TenantId tenantId;
@Schema(description = "Domain name. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "name")
private String name;
@Schema(description = "Whether OAuth2 settings are enabled or not")
private boolean oauth2Enabled;

3
common/data/src/main/java/org/thingsboard/server/common/data/mobile/MobileApp.java

@ -38,10 +38,11 @@ public class MobileApp extends BaseData<MobileAppId> implements HasTenantId, Has
private TenantId tenantId;
@Schema(description = "Application package name. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "pkgName")
private String pkgName;
@Schema(description = "Application secret. The length must be at least 16 characters", requiredMode = Schema.RequiredMode.REQUIRED)
@NotEmpty
@Length(min = 16, message = "must be at least 16 characters")
@Length(fieldName = "appSecret", min = 16, max = 2048, message = "must be at least 16 and max 2048 characters")
private String appSecret;
@Schema(description = "Whether OAuth2 settings are enabled or not")
private boolean oauth2Enabled;
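Review bot: The `@Schema` description on `appSecret` still reads "The length must be at least 16 characters" although the new `@Length` also caps it at 2048, so the generated API documentation understates the constraint. Suggest `description = "Application secret. The length must be between 16 and 2048 characters"`. Note also that a length bound says nothing about how the secret was produced: a 16-character low-entropy value still passes, so if secret strength matters it needs server-side generation or a separate check. The class body continues outside the hunk.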

14
common/data/src/main/java/org/thingsboard/server/common/data/oauth2/OAuth2Client.java

@ -42,42 +42,54 @@ public class OAuth2Client extends BaseDataWithAdditionalInfo<OAuth2ClientId> imp
private TenantId tenantId;
@Schema(description = "Oauth2 client title")
@NotBlank
@Length(max = 100, message = "cannot be longer than 100 chars")
@Length(fieldName = "title", max = 100, message = "cannot be longer than 100 chars")
private String title;
@Schema(description = "Config for mapping OAuth2 log in response to platform entities", requiredMode = Schema.RequiredMode.REQUIRED)
@NotNull
private OAuth2MapperConfig mapperConfig;
@Schema(description = "OAuth2 client ID. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "clientId")
private String clientId;
@Schema(description = "OAuth2 client secret. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "clientSecret", max = 2048)
private String clientSecret;
@Schema(description = "Authorization URI of the OAuth2 provider. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "authorizationUri")
private String authorizationUri;
@Schema(description = "Access token URI of the OAuth2 provider. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "accessTokenUri")
private String accessTokenUri;
@Schema(description = "OAuth scopes that will be requested from OAuth2 platform. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotEmpty
@Length(fieldName = "scope")
private List<String> scope;
@Schema(description = "User info URI of the OAuth2 provider")
@Length(fieldName = "userInfoUri")
private String userInfoUri;
@Schema(description = "Name of the username attribute in OAuth2 provider response. Cannot be empty")
@NotBlank
@Length(fieldName = "userNameAttributeName")
private String userNameAttributeName;
@Schema(description = "JSON Web Key URI of the OAuth2 provider")
@Length(fieldName = "jwkSetUri")
private String jwkSetUri;
@Schema(description = "Client authentication method to use: 'BASIC' or 'POST'. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "clientAuthenticationMethod")
private String clientAuthenticationMethod;
@Schema(description = "OAuth2 provider label. Cannot be empty", requiredMode = Schema.RequiredMode.REQUIRED)
@NotBlank
@Length(fieldName = "loginButtonLabel")
private String loginButtonLabel;
@Schema(description = "Log in button icon for OAuth2 provider")
@Length(fieldName = "loginButtonIcon")
private String loginButtonIcon;
@Schema(description = "List of platforms for which usage of the OAuth2 client is allowed (empty for all allowed)")
@Length(fieldName = "platforms")
private List<PlatformType> platforms;
@Schema(description = "Additional info of OAuth2 client (e.g. providerName)", requiredMode = Schema.RequiredMode.REQUIRED)
private JsonNode additionalInfo;
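Review bot: `@Length(fieldName = "scope")` and `@Length(fieldName = "platforms")` are placed on `List<String>` and `List<PlatformType>` fields, and nothing in this diff shows that the `Length` validator handles collections. Depending on its implementation, which is not visible here, the constraint may be silently skipped for non-string values, leaving the column limit unenforced for these two fields, or it may measure something other than the stored form. If these columns hold a joined string, check the joined length where the entity is built, and use `@Size` if the intent is to bound the element count. A test that saves a client with an oversized scope list would show which behaviour applies. The explicit `max = 2048` on `clientSecret` matches `client_secret varchar(2048)` in the schema hunk of this commit, while the other fields rely on the annotation's default, which is worth confirming against each column width.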

4
dao/src/main/java/org/thingsboard/server/dao/sql/oauth2/OAuth2ClientRepository.java

@ -57,13 +57,13 @@ public interface OAuth2ClientRepository extends JpaRepository<OAuth2ClientEntity
"FROM OAuth2ClientEntity c " +
"LEFT JOIN DomainOauth2ClientEntity dc on dc.oauth2ClientId = c.id " +
"WHERE dc.domainId = :domainId ")
List<OAuth2ClientEntity> findByDomainId(UUID domainId);
List<OAuth2ClientEntity> findByDomainId(@Param("domainId") UUID domainId);
@Query("SELECT c " +
"FROM OAuth2ClientEntity c " +
"LEFT JOIN MobileAppOauth2ClientEntity mc on mc.oauth2ClientId = c.id " +
"WHERE mc.mobileAppId = :mobileAppId ")
List<OAuth2ClientEntity> findByMobileAppId(UUID mobileAppId);
List<OAuth2ClientEntity> findByMobileAppId(@Param("mobileAppId") UUID mobileAppId);
@Query("SELECT m.appSecret " +
"FROM MobileAppEntity m " +

2
dao/src/main/resources/sql/schema-entities.sql

@ -586,7 +586,7 @@ CREATE TABLE IF NOT EXISTS oauth2_client (
id uuid NOT NULL CONSTRAINT oauth2_client_pkey PRIMARY KEY,
created_time bigint NOT NULL,
tenant_id uuid NOT NULL,
title varchar(100) NOT NULL,
title varchar(100) NOT NULL,
additional_info varchar,
client_id varchar(255),
client_secret varchar(2048),

4
dao/src/test/java/org/thingsboard/server/dao/service/DomainServiceTest.java

@ -99,7 +99,7 @@ public class DomainServiceTest extends AbstractServiceTest {
}
@Test
public void tesGetDomainInfo() {
public void testGetDomainInfo() {
OAuth2Client oAuth2Client = validClientInfo(TenantId.SYS_TENANT_ID, "Test google client");
OAuth2Client savedOauth2Client = oAuth2ClientService.saveOAuth2Client(SYSTEM_TENANT_ID, oAuth2Client);
PageData<OAuth2ClientInfo> infos = oAuth2ClientService.findOAuth2ClientInfosByTenantId(TenantId.SYS_TENANT_ID, new PageLink(10));
@ -115,7 +115,7 @@ public class DomainServiceTest extends AbstractServiceTest {
//find clients by domain name
List<OAuth2ClientLoginInfo> oauth2LoginInfo = oAuth2ClientService.findOAuth2ClientLoginInfosByDomainName(savedDomain.getName());
assertThat(oauth2LoginInfo).containsOnly(new OAuth2ClientLoginInfo(savedOauth2Client.getName(), savedOauth2Client.getLoginButtonIcon(), String.format(OAUTH2_AUTHORIZATION_PATH_TEMPLATE, savedOauth2Client.getUuidId().toString())));
assertThat(oauth2LoginInfo).containsOnly(new OAuth2ClientLoginInfo(savedOauth2Client.getLoginButtonLabel(), savedOauth2Client.getLoginButtonIcon(), String.format(OAUTH2_AUTHORIZATION_PATH_TEMPLATE, savedOauth2Client.getUuidId().toString())));
}
private Domain constructDomain(TenantId tenantId, String domainName, boolean oauth2Enabled, boolean propagateToEdge) {

2
dao/src/test/java/org/thingsboard/server/dao/service/MobileAppServiceTest.java

@ -101,7 +101,7 @@ public class MobileAppServiceTest extends AbstractServiceTest {
//find clients by MobileApp name
List<OAuth2ClientLoginInfo> oauth2LoginInfo = oAuth2ClientService.findOAuth2ClientLoginInfosByMobilePkgNameAndPlatformType(savedMobileApp.getName(), null);
assertThat(oauth2LoginInfo).containsOnly(new OAuth2ClientLoginInfo(savedOauth2Client.getName(), savedOauth2Client.getLoginButtonIcon(), String.format(OAUTH2_AUTHORIZATION_PATH_TEMPLATE, savedOauth2Client.getUuidId().toString())));
assertThat(oauth2LoginInfo).containsOnly(new OAuth2ClientLoginInfo(savedOauth2Client.getLoginButtonLabel(), savedOauth2Client.getLoginButtonIcon(), String.format(OAUTH2_AUTHORIZATION_PATH_TEMPLATE, savedOauth2Client.getUuidId().toString())));
}
private MobileApp validMobileApp(TenantId tenantId, String mobileAppName, boolean oauth2Enabled) {
