From 88a17e3cfa93dcba6dbc77c2457eee6e64ffcd98 Mon Sep 17 00:00:00 2001 From: dashevchenko Date: Mon, 11 Sep 2023 18:07:30 +0300 Subject: [PATCH 1/2] added validation on space key --- .../server/controller/TelemetryControllerTest.java | 13 +++++++++++++ .../org/thingsboard/server/dao/util/KvUtils.java | 4 ++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/application/src/test/java/org/thingsboard/server/controller/TelemetryControllerTest.java b/application/src/test/java/org/thingsboard/server/controller/TelemetryControllerTest.java index f7e5f6f6f3..7b7554c559 100644 --- a/application/src/test/java/org/thingsboard/server/controller/TelemetryControllerTest.java +++ b/application/src/test/java/org/thingsboard/server/controller/TelemetryControllerTest.java @@ -149,6 +149,19 @@ public class TelemetryControllerTest extends AbstractControllerTest { doPostAsync("/api/plugins/telemetry/DEVICE/" + device.getId() + "/timeseries/smth", invalidRequestBody, String.class, status().isBadRequest()); } + @Test + public void testEmptyKeyIsProhibited() throws Exception { + loginTenantAdmin(); + Device device = createDevice(); + String invalidRequestBody = "{\"\": \"value\"}"; + doPostAsync("/api/plugins/telemetry/" + device.getId() + "/SHARED_SCOPE", invalidRequestBody, String.class, status().isBadRequest()); + doPostAsync("/api/plugins/telemetry/DEVICE/" + device.getId() + "/timeseries/smth", invalidRequestBody, String.class, status().isBadRequest()); + + String invalidRequestBody2 = "{\" \": \"value\"}"; + doPostAsync("/api/plugins/telemetry/" + device.getId() + "/SHARED_SCOPE", invalidRequestBody2, String.class, status().isBadRequest()); + doPostAsync("/api/plugins/telemetry/DEVICE/" + device.getId() + "/timeseries/smth", invalidRequestBody2, String.class, status().isBadRequest()); + } + private Device createDevice() throws Exception { String testToken = "TEST_TOKEN"; diff --git a/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java b/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java index e417a5a50a..f94d76ba89 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java +++ b/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java @@ -48,8 +48,8 @@ public class KvUtils { String key = tsKvEntry.getKey(); - if (key == null) { - throw new DataValidationException("Key can't be null"); + if (key == null || key.isBlank()) { + throw new DataValidationException("Key can't be null or empty"); } if (key.length() > 255) { From 66f598b4d84b7f0322666ddd1bbde9021857bde9 Mon Sep 17 00:00:00 2001 From: dashevchenko Date: Tue, 12 Sep 2023 11:13:57 +0300 Subject: [PATCH 2/2] refactored KvUtils.validate method --- dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java b/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java index f94d76ba89..31bb00ebd9 100644 --- a/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java +++ b/dao/src/main/java/org/thingsboard/server/dao/util/KvUtils.java @@ -18,6 +18,7 @@ package org.thingsboard.server.dao.util; import com.fasterxml.jackson.databind.JsonNode; import com.github.benmanes.caffeine.cache.Cache; import com.github.benmanes.caffeine.cache.Caffeine; +import org.thingsboard.server.common.data.StringUtils; import org.thingsboard.server.common.data.kv.KvEntry; import org.thingsboard.server.dao.exception.DataValidationException; import org.thingsboard.server.dao.exception.IncorrectParameterException; @@ -48,7 +49,7 @@ public class KvUtils { String key = tsKvEntry.getKey(); - if (key == null || key.isBlank()) { + if (StringUtils.isBlank(key)) { throw new DataValidationException("Key can't be null or empty"); }