Commit 79916664 authored by Piotr Gawron's avatar Piotr Gawron
Browse files

Merge branch '950-minervanet-error-report-113' into 'master'

Resolve "MINERVANET - Error Report 113"

Closes #950

See merge request minerva/core!928
parents ff285a55 5d0a570c
Pipeline #13865 passed with stage
in 14 minutes and 24 seconds
minerva (14.0.0~beta.2) unstable; urgency=low
* Bug fix: allow user to remove own comments (#931)
* Bug fix: validation of project name length is provided (#950)
-- Piotr Gawron <piotr.gawron@uni.lu> Mon, 16 Sep 2019 21:00:00 +0200
minerva (14.0.0~beta.1) unstable; urgency=low
* Bug fix: problem with changing user role (#932)
......
......@@ -1282,6 +1282,11 @@ AddProjectDialog.prototype.checkValidity = function () {
isValid = false;
}
var name = self.getName();
if (name.length > 255) {
error += "<li>name must be shorter than 256 characters</li>";
isValid = false;
}
var rootExist = 0, i;
for (i = 0; i < self.getZipEntries().length; i++) {
......
......@@ -113,17 +113,18 @@ CommentsAdminPanel.prototype.refreshComments = function () {
comments = result;
return self.getServerConnector().getLoggedUser();
}).then(function (user) {
var curatorAccess = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_CURATOR);
var writeAccess = self.getConfiguration().getPrivilegeType(PrivilegeType.WRITE_PROJECT);
var isAdmin = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
var adminAccess = self.getConfiguration().getPrivilegeType(PrivilegeType.IS_ADMIN);
var disable = true;
if (user.hasPrivilege(writeAccess, self.getProject().getProjectId()) || user.hasPrivilege(isAdmin)) {
if ((user.hasPrivilege(writeAccess, self.getProject().getProjectId()) && user.hasPrivilege(curatorAccess)) || user.hasPrivilege(adminAccess)) {
disable = false;
}
var dataTable = $($("[name='commentsTable']", self.getElement())[0]).DataTable();
var data = [];
for (var i = 0; i < comments.length; i++) {
data.push(self.commentToTableRow(comments[i], disable));
data.push(self.commentToTableRow(comments[i], disable && comments[i].getAuthor() !== user.getLogin()));
}
dataTable.clear().rows.add(data).draw();
});
......@@ -169,12 +170,12 @@ CommentsAdminPanel.prototype.commentToTableRow = function (comment, disable) {
}
var author = comment.getAuthor();
if (author === undefined) {
if (author === undefined || author === null) {
author = "N/A";
}
var email = comment.getEmail();
if (email === undefined) {
if (email === undefined || email === null) {
email = "N/A";
}
......
......@@ -25,7 +25,7 @@ function Comment(javaObject) {
this.setTitle(javaObject.title);
this.setContent(javaObject.content);
}
this.setAuthor(javaObject.author);
this.setAuthor(javaObject.owner);
this.setEmail(javaObject.email);
}
......
......@@ -276,6 +276,9 @@ public class ProjectRestImpl extends BaseRestImpl {
throw new QueryException("You cannot modify projectId");
}
} else if (fieldName.equalsIgnoreCase("name")) {
if (value != null && ((String) value).length() > 255) {
throw new QueryException("name is too long");
}
project.setName((String) value);
} else if (fieldName.equalsIgnoreCase("notifyEmail")) {
project.setNotifyEmail(stringValue);
......@@ -377,6 +380,9 @@ public class ProjectRestImpl extends BaseRestImpl {
params.projectFile(file);
params.projectId(projectId);
params.projectName(getFirstValue(data.get("name")));
if (params.getProjectName() != null && params.getProjectName().length() > 255) {
throw new QueryException("name is too long");
}
params.projectOrganism(getFirstValue(data.get("organism")));
params.sbgnFormat(getFirstValue(data.get("sbgn")));
params.semanticZoomContainsMultipleLayouts(getFirstValue(data.get("semantic-zoom-contains-multiple-layouts")));
......
......@@ -305,6 +305,12 @@ abstract public class ControllerIntegrationTest {
});
}
protected Project createProjectInSeparateThread(String projectId) throws Exception {
return callInSeparateThread(() -> {
return createProject(projectId);
});
}
protected Layout createOverlay(Project project, User admin) {
return createOverlay(project, admin, "elementIdentifier\tvalue\n\t-1");
}
......
......@@ -194,13 +194,6 @@ public class ProjectControllerIntegrationTestForAsyncCalls extends ControllerInt
}
}
private Project createProjectInSeparateThread(String projectId) throws Exception {
return callInSeparateThread(() -> {
return createProject(projectId);
});
}
private void grantPrivilegeInSeparateThread(User user, String string) throws Exception {
callInSeparateThread(() -> {
userService.grantUserPrivilege(user, PrivilegeType.valueOf(string.split(":")[0]), string.split(":")[1]);
......
package lcsb.mapviewer.web;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.patch;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
......@@ -101,4 +102,52 @@ public class ProjectControllerIntegrationTestWithoutTransaction extends Controll
}
}
@Test
public void addProjectWithTooLongName() throws Exception {
User admin = userService.getUserByLogin(BUILT_IN_ADMIN_LOGIN);
UploadedFileEntry fileEntry = createFileInSeparateThread(
new String(Files.readAllBytes(Paths.get("./src/test/resources/generic.xml")), "UTF-8"),
admin);
try {
String invalidName = "aaaaaaaaxvncnbvscbnmcnbmccbnsbnsdsnbmdsvbnmsdvnbmsdbmnbndvmsbnmsvdnbmnmbdsvnbmdsvxncbmbnmscbnzdnbnabnsbnamsdbmnsadbmnasdbnmnbmsadbnmasdnbasdbnmsadnbnbmsadbnmadsnbmadsnbnbsadnbmadsbnndsabnbmdasbnmdsajqwrhgjrwhjghgjwerghjwreghwewnjnnbbbnbnbmbnbnzcmnnbmzcnmbcsbnmcsnbcnbzmnbczxnbmczxnbmcxznbcnxbmznbmxzcnbzcxnnbcxznbmzcnbczxnbmnbzcxnbmcznnczbnbzcnbmzcbnmbncznbcznbcz";
String body = EntityUtils.toString(new UrlEncodedFormEntity(Arrays.asList(
new BasicNameValuePair("file-id", String.valueOf(fileEntry.getId())),
new BasicNameValuePair("mapCanvasType", "OPEN_LAYERS"),
new BasicNameValuePair("name", invalidName),
new BasicNameValuePair("parser",
"lcsb.mapviewer.converter.model.celldesigner.CellDesignerXmlParser"))));
RequestBuilder request = post("/projects/" + TEST_PROJECT)
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.content(body)
.session(createSession(BUILT_IN_ADMIN_LOGIN, BUILT_IN_ADMIN_PASSWORD));
mockMvc.perform(request).andExpect(status().isBadRequest());
} finally {
removeFileInSeparateThread(fileEntry);
}
}
@Test
public void modifyProjectWithTooLongName() throws Exception {
createProjectInSeparateThread(TEST_PROJECT);
try {
String invalidName = "aaaaaaaaxvncnbvscbnmcnbmccbnsbnsdsnbmdsvbnmsdvnbmsdbmnbndvmsbnmsvdnbmnmbdsvnbmdsvxncbmbnmscbnzdnbnabnsbnamsdbmnsadbmnasdbnmnbmsadbnmasdnbasdbnmsadnbnbmsadbnmadsnbmadsnbnbsadnbmadsbnndsabnbmdasbnmdsajqwrhgjrwhjghgjwerghjwreghwewnjnnbbbnbnbmbnbnzcmnnbmzcnmbcsbnmcsnbcnbzmnbczxnbmczxnbmcxznbcnxbmznbmxzcnbzcxnnbcxznbmzcnbczxnbmnbzcxnbmcznnczbnbzcnbmzcbnmbncznbcznbcz";
String content = "{\"project\":{\"name\":\"" + invalidName + "\"}}";
RequestBuilder request = patch("/projects/" + TEST_PROJECT + "/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.content(content)
.session(createSession(BUILT_IN_ADMIN_LOGIN, BUILT_IN_ADMIN_PASSWORD));
mockMvc.perform(request).andExpect(status().isBadRequest());
} finally {
removeProjectInSeparateThread(TEST_PROJECT);
}
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment