getMappedServers(String toolSig);
+
+ ExtServerToolAdapterMap getMappedServer(String serverId, String toolSig);
+
+ void saveExtServerToolAdapterMap(ExtServerToolAdapterMap map);
+
+ void deleteExtServerToolAdapterMap(ExtServerToolAdapterMap map);
+
+ /**
+ * Checks whether the lesson was created from extServer and returns lessonFinishCallbackUrl if it's not blank.
+ *
+ * @param user
+ * @param lesson
+ * @return
+ * @throws UnsupportedEncodingException
+ */
+ String getLessonFinishCallbackUrl(User user, Lesson lesson) throws UnsupportedEncodingException;
}
Index: lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java
===================================================================
diff -u -r606581007abbdaee5483777096f32ffac1c3e3eb -r0d275bf753620ae71aeb4e7589c540c9777532cb
--- lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java (.../IntegrationService.java) (revision 606581007abbdaee5483777096f32ffac1c3e3eb)
+++ lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java (.../IntegrationService.java) (revision 0d275bf753620ae71aeb4e7589c540c9777532cb)
@@ -41,12 +41,14 @@
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
+import org.apache.struts.action.ActionMessage;
import org.lamsfoundation.lams.integration.ExtCourseClassMap;
import org.lamsfoundation.lams.integration.ExtServerLessonMap;
import org.lamsfoundation.lams.integration.ExtServerOrgMap;
import org.lamsfoundation.lams.integration.ExtServerToolAdapterMap;
import org.lamsfoundation.lams.integration.ExtUserUseridMap;
import org.lamsfoundation.lams.integration.UserInfoFetchException;
+import org.lamsfoundation.lams.integration.UserInfoValidationException;
import org.lamsfoundation.lams.integration.security.RandomPasswordGenerator;
import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher;
import org.lamsfoundation.lams.lesson.Lesson;
@@ -64,6 +66,7 @@
import org.lamsfoundation.lams.util.ConfigurationKeys;
import org.lamsfoundation.lams.util.HashUtil;
import org.lamsfoundation.lams.util.LanguageUtil;
+import org.lamsfoundation.lams.util.ValidationUtil;
/**
*
@@ -98,7 +101,7 @@
// wrapper method for compatibility with original integration modules
public ExtCourseClassMap getExtCourseClassMap(ExtServerOrgMap serverMap, ExtUserUseridMap userMap,
String extCourseId, String countryIsoCode, String langIsoCode, String prettyCourseName, String method,
- Boolean prefix) {
+ Boolean prefix) throws UserInfoValidationException {
// Set the pretty course name if available, otherwise maintain the extCourseId
String courseName = "";
@@ -119,7 +122,7 @@
// wrapper method for compatibility with original integration modules
public ExtCourseClassMap getExtCourseClassMap(ExtServerOrgMap serverMap, ExtUserUseridMap userMap,
- String extCourseId, String countryIsoCode, String langIsoCode, String prettyCourseName, String method) {
+ String extCourseId, String countryIsoCode, String langIsoCode, String prettyCourseName, String method) throws UserInfoValidationException {
return getExtCourseClassMap(serverMap, userMap, extCourseId, countryIsoCode, langIsoCode, prettyCourseName,
method, true);
}
@@ -128,7 +131,7 @@
// 'teacher' roles, and a flag for whether to use a prefix in the org's name
public ExtCourseClassMap getExtCourseClassMap(ExtServerOrgMap serverMap, ExtUserUseridMap userMap,
String extCourseId, String extCourseName, String countryIsoCode, String langIsoCode, String parentOrgId,
- Boolean isTeacher, Boolean prefix) {
+ Boolean isTeacher, Boolean prefix) throws UserInfoValidationException {
ExtCourseClassMap map;
Organisation org;
User user = userMap.getUser();
@@ -193,7 +196,7 @@
}
public ExtUserUseridMap getExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername, boolean prefix)
- throws UserInfoFetchException {
+ throws UserInfoFetchException, UserInfoValidationException {
Map properties = new HashMap();
properties.put("extServerOrgMap.sid", serverMap.getSid());
properties.put("extUsername", extUsername);
@@ -206,7 +209,7 @@
}
public ExtUserUseridMap getExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername)
- throws UserInfoFetchException {
+ throws UserInfoFetchException, UserInfoValidationException {
return getExtUserUseridMap(serverMap, extUsername, true);
}
@@ -224,7 +227,7 @@
}
public ExtUserUseridMap getImplicitExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername, String password,
- String firstName, String lastName, String email) throws UserInfoFetchException {
+ String firstName, String lastName, String email) throws UserInfoValidationException {
Map properties = new HashMap();
properties.put("extServerOrgMap.sid", serverMap.getSid());
properties.put("extUsername", extUsername);
@@ -241,7 +244,7 @@
public ExtUserUseridMap getImplicitExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername,
String firstName, String lastName, String language, String country, String email, boolean prefix)
- throws UserInfoFetchException {
+ throws UserInfoValidationException {
Map properties = new HashMap();
properties.put("extServerOrgMap.sid", serverMap.getSid());
properties.put("extUsername", extUsername);
@@ -254,9 +257,19 @@
}
private Organisation createOrganisation(ExtServerOrgMap serverMap, User user, String extCourseId,
- String extCourseName, String countryIsoCode, String langIsoCode, String parentOrgId, Boolean prefix) {
+ String extCourseName, String countryIsoCode, String langIsoCode, String parentOrgId, Boolean prefix) throws UserInfoValidationException {
+
Organisation org = new Organisation();
- org.setName(prefix ? buildName(serverMap.getPrefix(), extCourseName) : extCourseName);
+
+ // org name validation
+ String orgName = prefix ? buildName(serverMap.getPrefix(), extCourseName) : extCourseName;
+ if (StringUtils.isNotBlank(orgName) && !ValidationUtil.isFirstLastNameValid(orgName)) {
+ throw new UserInfoValidationException("Can't create organisation due to validation error: "
+ + "organisation name cannot contain any of these characters < > ^ * @ % $. External server:"
+ + serverMap.getServerid() + ", orgId:" + extCourseId + ", orgName:" + orgName);
+ }
+ org.setName(orgName);
+
org.setDescription(extCourseId);
org.setOrganisationState((OrganisationState) service
.findById(OrganisationState.class, OrganisationState.ACTIVE));
@@ -284,9 +297,47 @@
// flexible method to specify username and password
private ExtUserUseridMap createExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername, String password,
- String[] userData, boolean prefix) throws UserInfoFetchException {
+ String[] userData, boolean prefix) throws UserInfoValidationException {
+
+ String login = prefix ? buildName(serverMap.getPrefix(), extUsername) : extUsername;
+ String firstName = userData[1];
+ String lastName = userData[2];
+ String email = userData[11];
+
+ // login validation
+ if (StringUtils.isBlank(login)) {
+ throw new UserInfoValidationException("Can't create user due to validation error: "
+ + "Username cannot be blank. External server:" + serverMap.getServerid() + ", firstName:"
+ + firstName + ", lastName:" + lastName);
+ } else if (!ValidationUtil.isUserNameValid(login)) {
+ throw new UserInfoValidationException("Can't create user due to validation error: "
+ + "Username can only contain alphanumeric characters and no spaces. External server:"
+ + serverMap.getServerid() + ", Username:" + login);
+ }
+
+ // first name validation
+ if (StringUtils.isNotBlank(firstName) && !ValidationUtil.isFirstLastNameValid(firstName)) {
+ throw new UserInfoValidationException("Can't create user due to validation error: "
+ + "First name contains invalid characters. External server:" + serverMap.getServerid()
+ + ", Username:" + login + ", firstName:" + firstName + ", lastName:" + lastName);
+ }
+
+ // last name validation
+ if (StringUtils.isNotBlank(lastName) && !ValidationUtil.isFirstLastNameValid(lastName)) {
+ throw new UserInfoValidationException("Can't create user due to validation error: "
+ + "Last name contains invalid characters. External server:" + serverMap.getServerid()
+ + ", Username:" + login + ", firstName:" + firstName + ", lastName:" + lastName);
+ }
+
+ // user email validation
+ if (StringUtils.isNotBlank(email) && !ValidationUtil.isEmailValid(email)) {
+ throw new UserInfoValidationException("Can't create user due to validation error: "
+ + "Email format is invalid. External server:" + serverMap.getServerid() + ", Username:" + login
+ + ", firstName:" + firstName + ", lastName:" + lastName);
+ }
+
User user = new User();
- user.setLogin(prefix ? buildName(serverMap.getPrefix(), extUsername) : extUsername);
+ user.setLogin(login);
user.setPassword(password);
user.setTitle(userData[0]);
user.setFirstName(userData[1]);
@@ -318,16 +369,16 @@
// compatibility method to support integrations
private ExtUserUseridMap createExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername, boolean prefix)
- throws UserInfoFetchException {
+ throws UserInfoFetchException, UserInfoValidationException {
String[] userData = getUserDataFromExtServer(serverMap, extUsername);
String password = HashUtil.sha1(RandomPasswordGenerator.nextPassword(10));
return createExtUserUseridMap(serverMap, extUsername, password, userData, prefix);
}
// compatibility method
- public ExtUserUseridMap createImplicitExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername,
+ private ExtUserUseridMap createImplicitExtUserUseridMap(ExtServerOrgMap serverMap, String extUsername,
String firstName, String lastName, String language, String country, String email, boolean prefix)
- throws UserInfoFetchException {
+ throws UserInfoValidationException {
String[] userData = { "", firstName, lastName, "", "", "", "", "", "", "", "", email, country, language };
String password = HashUtil.sha1(RandomPasswordGenerator.nextPassword(10));
return createExtUserUseridMap(serverMap, extUsername, password, userData, prefix);
Index: lams_common/src/java/org/lamsfoundation/lams/integration/util/LoginRequestDispatcher.java
===================================================================
diff -u -rdfe9ef3dde4b722b5d87c4964a66f19fd48ea2b0 -r0d275bf753620ae71aeb4e7589c540c9777532cb
--- lams_common/src/java/org/lamsfoundation/lams/integration/util/LoginRequestDispatcher.java (.../LoginRequestDispatcher.java) (revision dfe9ef3dde4b722b5d87c4964a66f19fd48ea2b0)
+++ lams_common/src/java/org/lamsfoundation/lams/integration/util/LoginRequestDispatcher.java (.../LoginRequestDispatcher.java) (revision 0d275bf753620ae71aeb4e7589c540c9777532cb)
@@ -30,6 +30,7 @@
import org.lamsfoundation.lams.integration.ExtServerOrgMap;
import org.lamsfoundation.lams.integration.ExtUserUseridMap;
import org.lamsfoundation.lams.integration.UserInfoFetchException;
+import org.lamsfoundation.lams.integration.UserInfoValidationException;
import org.lamsfoundation.lams.integration.service.IIntegrationService;
import org.lamsfoundation.lams.integration.service.IntegrationService;
import org.lamsfoundation.lams.lesson.service.ILessonService;
@@ -119,6 +120,8 @@
addUserToLessonClass(request, lessonId, method);
} catch (UserInfoFetchException e) {
throw new ServletException(e);
+ } catch (UserInfoValidationException e) {
+ throw new ServletException(e);
}
}
@@ -169,7 +172,7 @@
}
private static void addUserToLessonClass(HttpServletRequest request, String lessonId, String method)
- throws UserInfoFetchException {
+ throws UserInfoFetchException, UserInfoValidationException {
if (integrationService == null) {
integrationService = (IntegrationService) WebApplicationContextUtils.getRequiredWebApplicationContext(
request.getSession().getServletContext()).getBean("integrationService");
Index: lams_common/src/java/org/lamsfoundation/lams/util/ValidationUtil.java
===================================================================
diff -u
--- lams_common/src/java/org/lamsfoundation/lams/util/ValidationUtil.java (revision 0)
+++ lams_common/src/java/org/lamsfoundation/lams/util/ValidationUtil.java (revision 0d275bf753620ae71aeb4e7589c540c9777532cb)
@@ -0,0 +1,107 @@
+/****************************************************************
+ * Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org)
+ * =============================================================
+ * License Information: http://lamsfoundation.org/licensing/lams/2.0/
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2.0
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA
+ *
+ * http://www.gnu.org/licenses/gpl.txt
+ * ****************************************************************
+ */
+
+/* $Id$ */
+package org.lamsfoundation.lams.util;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * Utility methods for String validation.
+ */
+public class ValidationUtil {
+
+ private final static String REGEX_USER_NAME = "^[^<>^!#&()/\\|'\"?,.:{}= ~`*@%$]*$";
+
+ private final static String REGEX_FIRST_LAST_NAME = "^[\\p{L}]++(?:[' -][\\p{L}]++)*+\\.?$";
+
+ private final static String REGEX_EMAIL = "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";
+
+ private final static String REGEX_ORGANISATION_NAME = "^[^<>^*@%$]*$";
+
+ /**
+ * Checks whether supplied username is valid. Username can only contain alphanumeric characters and no spaces.
+ *
+ * @param Username
+ * @return
+ */
+ public static boolean isUserNameValid(String userName) {
+
+ boolean isUserNameValid = ValidationUtil.isRegexMatches(REGEX_USER_NAME,userName);
+ return isUserNameValid;
+ }
+
+ /**
+ * Checks whether supplied name is valid, which should only contain letters and the following characters ''',' ','-'
+ *
+ * @param name
+ * @return
+ */
+ public static boolean isFirstLastNameValid(String name) {
+
+ boolean isNameValid = ValidationUtil.isRegexMatches(REGEX_FIRST_LAST_NAME, name);
+ return isNameValid;
+ }
+
+ /**
+ * Checks whether supplied email address is valid.
+ *
+ * @param email
+ * @return
+ */
+ public static boolean isEmailValid(String email) {
+
+ boolean isEmailValid = ValidationUtil.isRegexMatches(REGEX_EMAIL, email);
+ return isEmailValid;
+ }
+
+ /**
+ * Checks whether supplied string is valid. Name cannot contain any of these characters < > ^ * @ % $
+ *
+ * @param orgName
+ * @return
+ */
+ public static boolean isOrgNameValid(String orgName) {
+
+ boolean isOrgNameValid = ValidationUtil.isRegexMatches(REGEX_ORGANISATION_NAME, orgName);
+ return isOrgNameValid;
+ }
+
+ /**
+ * Checks whether regex matches the input string.
+ *
+ * @param regex
+ * @param input
+ * @return
+ */
+ private static boolean isRegexMatches(final String regex, final String input) {
+
+ if (input == null) {
+ return true;
+ }
+
+ Pattern p = Pattern.compile(regex);
+ Matcher m = p.matcher(input.trim());
+ return m.matches();
+ }
+}