fix(osp): applied regex validation on uniqueIds param #1163

Open
wants to merge 5 commits into
base: main
2 changes: 1 addition & 1 deletion src/framework/Framework.Async/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Cors/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.DBAccess/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.IO/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Linq/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Logging/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Models/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
5 changes: 5 additions & 0 deletions src/framework/Framework.Models/ValidationExpressions.cs
@@ -36,4 +36,9 @@ public static class ValidationExpressions
/// </remarks>
public const string Company = @"^(?!.*\s$)([\p{L}\u0E00-\u0E7F\d\p{Sc}@%*+_\-/\\,.:;=<>!?&^#'\x22()[\]]\s?){1,160}$";
public const string ExternalCertificateNumber = @"^[a-zA-Z0-9]{0,36}$";
public const string COMMERCIAL_REG_NUMBER = "^(?!.*\\s$)([A-Za-z0-9](\\.|\\s|-)?){4,21}$";
public const string VAT_ID = "^(?!.*\\s$)([A-Za-z0-9](\\.|\\s|-|\\/)?){5,18}$";
public const string LEI_CODE = "^[A-Za-z0-9]{20}$";
public const string VIES = "^[A-Z]{2}[0-9A-Za-z+*.]{2,12}$";
public const string EORI = "^[A-Z]{2}[A-Za-z0-9]{1,15}$";
}
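Review bot: The new `LEI_CODE`, `VIES` and `EORI` patterns end in `$`, which in .NET (without `RegexOptions.Multiline`) also matches immediately before a final `\n`, so an otherwise valid identifier followed by a line feed passes validation and would presumably be persisted with the control character. Anchoring the end with `\z` closes that, e.g. `public const string LEI_CODE = @"^[A-Za-z0-9]{20}\z";`, and likewise for `VIES` and `EORI`. `COMMERCIAL_REG_NUMBER` and `VAT_ID` appear to be covered already by their `(?!.*\s$)` lookahead. The five constants also depart from the PascalCase, verbatim-string style of `Company` and `ExternalCertificateNumber` directly above them.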
2 changes: 1 addition & 1 deletion src/framework/Framework.Seeding/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Swagger/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Token/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
2 changes: 1 addition & 1 deletion src/framework/Framework.Web/Directory.Build.props
@@ -19,7 +19,7 @@

<Project>
<PropertyGroup>
<VersionPrefix>2.13.0</VersionPrefix>
<VersionPrefix>2.14.0</VersionPrefix>
<VersionSuffix></VersionSuffix>
</PropertyGroup>
</Project>
25 changes: 25 additions & 0 deletions src/registration/Registration.Common/RegistrationValidation.cs
@@ -18,6 +18,7 @@
********************************************************************************/

using Org.Eclipse.TractusX.Portal.Backend.Framework.ErrorHandling;
using Org.Eclipse.TractusX.Portal.Backend.Framework.Linq;
using Org.Eclipse.TractusX.Portal.Backend.Framework.Models;
using Org.Eclipse.TractusX.Portal.Backend.PortalBackend.PortalEntities.Enums;
using System.Text.RegularExpressions;
@@ -27,6 +28,11 @@ namespace Org.Eclipse.TractusX.Portal.Backend.Registration.Common;
public static class RegistrationValidation
{
private static readonly Regex BpnRegex = new(ValidationExpressions.Bpn, RegexOptions.Compiled, TimeSpan.FromSeconds(1));
private static readonly Regex CommercialRegNumRegex = new(ValidationExpressions.COMMERCIAL_REG_NUMBER, RegexOptions.Compiled, TimeSpan.FromSeconds(1));
private static readonly Regex VatIdRegex = new(ValidationExpressions.VAT_ID, RegexOptions.Compiled, TimeSpan.FromSeconds(1));
private static readonly Regex LeiCodeRegex = new(ValidationExpressions.LEI_CODE, RegexOptions.Compiled, TimeSpan.FromSeconds(1));
private static readonly Regex ViesRegex = new(ValidationExpressions.VIES, RegexOptions.Compiled, TimeSpan.FromSeconds(1));
private static readonly Regex EoriRegex = new(ValidationExpressions.EORI, RegexOptions.Compiled, TimeSpan.FromSeconds(1));

public static void ValidateData(this RegistrationData data)
{
@@ -72,6 +78,14 @@ public static void ValidateData(this RegistrationData data)
$"uniqueIds must not contain duplicate types: '{string.Join(", ", duplicateIds.Select(uniqueId => uniqueId.UniqueIdentifierId))}'",
nameof(data.UniqueIds));
}

data.UniqueIds.Where(uniqueId => IsInvalidValueByUniqueIdentifier(uniqueId.Value, uniqueId.UniqueIdentifierId))
.IfAny(invalidUniqueIdentifiersValues =>
{
throw new ControllerArgumentException(
$"Invalid value of uniqueIds: '{string.Join(", ", invalidUniqueIdentifiersValues.Select(uniqueId => uniqueId.UniqueIdentifierId))}'",
nameof(data.UniqueIds));
});
}

public static async Task ValidateDatabaseData(this RegistrationData data, Func<string, Task<bool>> checkBpn, Func<string, Task<bool>> checkCountryExistByAlpha2Code, Func<string, IEnumerable<UniqueIdentifierId>, Task<(bool IsValidCountry, IEnumerable<UniqueIdentifierId> UniqueIdentifierIds)>> getCountryAssignedIdentifiers, bool checkBpnAlreadyExists)
@@ -105,4 +119,15 @@ public static async Task ValidateDatabaseData(this RegistrationData data, Func<s
}
}
}

private static bool IsInvalidValueByUniqueIdentifier(string value, UniqueIdentifierId uniqueIdentifierId) =>
uniqueIdentifierId switch
{
UniqueIdentifierId.COMMERCIAL_REG_NUMBER => !CommercialRegNumRegex.IsMatch(value),
UniqueIdentifierId.VAT_ID => !VatIdRegex.IsMatch(value),
UniqueIdentifierId.LEI_CODE => !LeiCodeRegex.IsMatch(value),
UniqueIdentifierId.VIES => !ViesRegex.IsMatch(value),
UniqueIdentifierId.EORI => !EoriRegex.IsMatch(value),
_ => throw new ControllerArgumentException($"Unique identifier: {uniqueIdentifierId} is not available in the system", nameof(uniqueIdentifierId))
};
}
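Review bot: `IsInvalidValueByUniqueIdentifier` passes `value` straight to `Regex.IsMatch`, which throws `ArgumentNullException` on null input, so a `uniqueIds` entry without a value would surface as a non-validation error rather than the `ControllerArgumentException` raised in `ValidateData`. Whether the element's `Value` can be null after deserialisation is not visible in this diff, so that is worth confirming. A guard in front of the switch keeps it a client error: `value is null || uniqueIdentifierId switch { … }`. Similarly, nothing in the visible code catches the `RegexMatchTimeoutException` that the one-second timeout on the five new `Regex` fields can raise, so it may be worth mapping that to a validation failure as well. The error message lists only the identifier types and not the submitted values, which avoids echoing untrusted input and is worth keeping that way.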
@@ -43,6 +43,7 @@ namespace Org.Eclipse.TractusX.Portal.Backend.Administration.Service.Tests.Busin
public class NetworkBusinessLogicTests
{
private const string Bpn = "BPNL00000001TEST";
private const string VatId = "DE123456789";
private static readonly string ExistingExternalId = Guid.NewGuid().ToString();
private static readonly Guid CompanyId = new("95c4339e-e087-4cd2-a5b8-44d385e64630");
private static readonly Guid UserRoleId = Guid.NewGuid();
@@ -136,13 +137,33 @@ public async Task HandlePartnerRegistration_WithInvalidBusinessPartnerNumber_Thr
ex.ParamName.Should().Be("BusinessPartnerNumber");
}

[Fact]
public async Task HandlePartnerRegistration_WithInvalidUniqueId_ThrowsControllerArgumentException()
{
// Arrange
var data = _fixture.Build<PartnerRegistrationData>()
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, "123"), new CompanyUniqueIdData(UniqueIdentifierId.COMMERCIAL_REG_NUMBER, "12")])
.Create();

// Act
async Task Act() => await _sut.HandlePartnerRegistration(data);

// Assert
var ex = await Assert.ThrowsAsync<ControllerArgumentException>(Act);
ex.Message.Should().Be("Invalid value of uniqueIds: 'VAT_ID, COMMERCIAL_REG_NUMBER' (Parameter 'UniqueIds')");
ex.ParamName.Should().Be("UniqueIds");
}

[Fact]
public async Task HandlePartnerRegistration_WithoutExistingBusinessPartnerNumber_ThrowsControllerArgumentException()
{
// Arrange
var data = _fixture.Build<PartnerRegistrationData>()
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.BusinessPartnerNumber, "BPNL00000001FAIL")
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -162,6 +183,7 @@ public async Task HandlePartnerRegistration_WithInvalidCompanyUserRole_ThrowsCon
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.CompanyRoles, Enumerable.Empty<CompanyRoleId>())
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -184,6 +206,7 @@ public async Task HandlePartnerRegistration_WithInvalidEmail_ThrowsControllerArg
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, Guid.NewGuid().ToString(), "test", "Test", "test", email) })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -203,6 +226,7 @@ public async Task HandlePartnerRegistration_WithInvalidFirstnameEmail_ThrowsCont
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, Guid.NewGuid().ToString(), "test", firstName, "test", "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -222,6 +246,7 @@ public async Task HandlePartnerRegistration_WithInvalidLastnameEmail_ThrowsContr
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, Guid.NewGuid().ToString(), "test", "test", lastname, "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -241,6 +266,7 @@ public async Task HandlePartnerRegistration_WithExistingExternalId_ThrowsControl
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, Guid.NewGuid().ToString(), "test", "test", "test", "[email protected]") })
.With(x => x.ExternalId, ExistingExternalId)
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -260,6 +286,7 @@ public async Task HandlePartnerRegistration_WithInvalidCountryCode_ThrowsControl
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.UserDetails, new[] { new UserDetailData(null, Guid.NewGuid().ToString(), "test", "test", "test", "[email protected]") })
.With(x => x.CountryAlpha2Code, "XX")
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -280,6 +307,7 @@ public async Task HandlePartnerRegistration_WithNoIdpIdSetAndNoManagedIdps_Throw
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, "123", "test", "test", "test", "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();
A.CallTo(() => _identity.CompanyId).Returns(NoIdpCompanyId);

@@ -300,6 +328,7 @@ public async Task HandlePartnerRegistration_WithNoIdpIdSetAndMultipleManagedIdps
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(null, "123", "test", "test", "test", "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();
A.CallTo(() => _identity.CompanyId).Returns(MultiIdpCompanyId);

@@ -322,6 +351,7 @@ public async Task HandlePartnerRegistration_WithNotExistingIdpIdSet_ThrowsContro
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(notExistingIdpId, "123", "test", "test", "test", "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();

// Act
@@ -341,6 +371,7 @@ public async Task HandlePartnerRegistration_WithInvalidInitialRole_ThrowsConfigu
.With(x => x.BusinessPartnerNumber, Bpn)
.With(x => x.CountryAlpha2Code, "DE")
.With(x => x.UserDetails, new[] { new UserDetailData(IdpId, "123", "test", "test", "test", "[email protected]") })
.With(x => x.UniqueIds, [new CompanyUniqueIdData(UniqueIdentifierId.VAT_ID, VatId)])
.Create();
A.CallTo(() => _userProvisioningService.GetRoleDatas(A<IEnumerable<UserRoleConfig>>._))
.Throws(new ControllerArgumentException($"invalid roles: clientId: 'cl1', roles: [Company Admin]"));