From cc206df0a1eb21e23bc6fe5a237f3f38ca01e424 Mon Sep 17 00:00:00 2001 From: Ritik Jain Date: Mon, 30 Jan 2023 20:13:52 +0530 Subject: [PATCH 1/3] MOSIP-24848 added validation on schemaType --- .../resident/controller/IdentityController.java | 15 +++++++++++---- .../resident/service/impl/UISchemaTypes.java | 10 ++++++++++ .../resident/validator/RequestValidator.java | 10 ++++++++++ 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java b/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java index ee9276d27bf..5761af71573 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java @@ -8,9 +8,11 @@ import io.mosip.resident.exception.ApisResourceAccessException; import io.mosip.resident.exception.InvalidInputException; import io.mosip.resident.exception.ResidentServiceCheckedException; +import io.mosip.resident.exception.ResidentServiceException; import io.mosip.resident.service.IdentityService; import io.mosip.resident.util.AuditUtil; import io.mosip.resident.util.EventEnum; +import io.mosip.resident.validator.RequestValidator; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.media.Schema; @@ -44,6 +46,9 @@ public class IdentityController { @Autowired private IdentityService idServiceImpl; + @Autowired + private RequestValidator validator; + @Value("${resident.identity.info.id}") private String residentIdentityInfoId; @@ -66,16 +71,18 @@ public ResponseWrapper getInputAttributeValues(@PathVariable("schemaType throws ResidentServiceCheckedException, ApisResourceAccessException, IOException { logger.debug("IdentityController::getInputAttributeValues()::entry"); auditUtil.setAuditRequestDto(EventEnum.GET_INPUT_ATTRIBUTES); + try { + validator.validateSchemaType(schemaType); + } catch (InvalidInputException e) { + throw new ResidentServiceException(e.getErrorCode(), e.getErrorText(), e, + Map.of(ResidentConstants.REQ_RES_ID, residentIdentityInfoId)); + } ResponseWrapper responseWrapper = new ResponseWrapper<>(); - try{ String id = getIdFromUser(); Map propertiesResponse = idServiceImpl.getIdentityAttributes(id, true, schemaType, List.of()); auditUtil.setAuditRequestDto(EventEnum.GET_INPUT_ATTRIBUTES_SUCCESS); logger.debug("IdentityController::getInputAttributeValues()::exit"); responseWrapper.setResponse(propertiesResponse); - }catch (Exception exception){ - throw new InvalidInputException(ResidentConstants.SCHEMA_TYPE); - } responseWrapper.setId(residentIdentityInfoId); responseWrapper.setVersion(residentIdentityInfoVersion); diff --git a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/UISchemaTypes.java b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/UISchemaTypes.java index fd0ee7ac418..0a490058127 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/UISchemaTypes.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/UISchemaTypes.java @@ -1,5 +1,7 @@ package io.mosip.resident.service.impl; +import java.util.Optional; + public enum UISchemaTypes { UPDATE_DEMOGRAPHICS("update-demographics"), PERSONALIZED_CARD("personalized-card"), @@ -16,4 +18,12 @@ public String getFileIdentifier() { return fileIdentifier; } + public static Optional getUISchemaTypeFromString(String schemaTypeString) { + for (UISchemaTypes uiSchemaType : values()) { + if (uiSchemaType.getFileIdentifier().equals(schemaTypeString)) { + return Optional.of(uiSchemaType); + } + } + return Optional.empty(); + } } diff --git a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java index 47a14700b22..36ba96539bc 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/validator/RequestValidator.java @@ -51,6 +51,7 @@ import io.mosip.resident.repository.ResidentTransactionRepository; import io.mosip.resident.service.impl.IdentityServiceImpl; import io.mosip.resident.service.impl.ResidentServiceImpl; +import io.mosip.resident.service.impl.UISchemaTypes; import io.mosip.resident.util.AuditUtil; import io.mosip.resident.util.EventEnum; import org.springframework.beans.factory.annotation.Autowired; @@ -966,6 +967,15 @@ private void validateServiceType(String serviceType, String requestServiceHistor } } + public void validateSchemaType(String schemaType) { + Optional uiSchemaTypeOptional = UISchemaTypes.getUISchemaTypeFromString(schemaType); + if (uiSchemaTypeOptional.isEmpty()) { + audit.setAuditRequestDto(EventEnum.getEventEnumWithValue(EventEnum.INPUT_INVALID, + ResidentConstants.SCHEMA_TYPE, "Validating schema type")); + throw new InvalidInputException(ResidentConstants.SCHEMA_TYPE); + } + } + public void validateEventId(String eventId) { validateMissingInputParameter(eventId, TemplateVariablesConstants.EVENT_ID); if (isNumeric(eventId) || eventId.length()!=EVENT_ID_LENGTH) { From 4dcf48a252110185c7fbfc308779a7116c68e687 Mon Sep 17 00:00:00 2001 From: Ritik Jain Date: Mon, 30 Jan 2023 21:20:37 +0530 Subject: [PATCH 2/3] MOSIP-24848 added junit --- .../test/controller/IdentityControllerTest.java | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/resident/resident-service/src/test/java/io/mosip/resident/test/controller/IdentityControllerTest.java b/resident/resident-service/src/test/java/io/mosip/resident/test/controller/IdentityControllerTest.java index 0155c570036..d4f7800773e 100644 --- a/resident/resident-service/src/test/java/io/mosip/resident/test/controller/IdentityControllerTest.java +++ b/resident/resident-service/src/test/java/io/mosip/resident/test/controller/IdentityControllerTest.java @@ -2,6 +2,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; +import java.io.IOException; import java.security.PrivateKey; import java.security.PublicKey; import java.util.LinkedHashMap; @@ -22,6 +23,7 @@ import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.test.context.junit4.SpringRunner; +import org.springframework.test.util.ReflectionTestUtils; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; import org.springframework.test.web.servlet.setup.MockMvcBuilders; @@ -32,6 +34,10 @@ import io.mosip.resident.controller.DocumentController; import io.mosip.resident.controller.IdAuthController; import io.mosip.resident.controller.IdentityController; +import io.mosip.resident.exception.ApisResourceAccessException; +import io.mosip.resident.exception.InvalidInputException; +import io.mosip.resident.exception.ResidentServiceCheckedException; +import io.mosip.resident.exception.ResidentServiceException; import io.mosip.resident.helper.ObjectStoreHelper; import io.mosip.resident.service.ProxyIdRepoService; import io.mosip.resident.service.ResidentVidService; @@ -39,6 +45,7 @@ import io.mosip.resident.service.impl.ResidentServiceImpl; import io.mosip.resident.test.ResidentTestBootApplication; import io.mosip.resident.util.AuditUtil; +import io.mosip.resident.validator.RequestValidator; /** * Resident identity controller test class. @@ -65,6 +72,9 @@ public class IdentityControllerTest { @Mock private AuditUtil auditUtil; + @Mock + private RequestValidator validator; + @MockBean @Qualifier("selfTokenRestTemplate") private RestTemplate residentRestTemplate; @@ -107,6 +117,7 @@ public void setUp() throws Exception { responseWrapper.setVersion("v1"); responseWrapper.setId("1"); responseWrapper.setResponse(identityMap); + ReflectionTestUtils.setField(identityController, "residentIdentityInfoId", "identity.id"); } @Test @@ -115,4 +126,10 @@ public void testGetInputAttributeValues() throws Exception { mockMvc.perform(MockMvcRequestBuilders.get("/identity/info/type/schemaType")).andExpect(status().isOk()); } + @Test(expected = ResidentServiceException.class) + public void testGetInputAttributeValuesWithInvalidInputException() + throws ApisResourceAccessException, ResidentServiceCheckedException, IOException { + Mockito.doThrow(new InvalidInputException()).when(validator).validateSchemaType(Mockito.anyString()); + identityController.getInputAttributeValues("schema-type"); + } } From 6cdf31effe6ff137b6d984f5c58fe4369514c6f0 Mon Sep 17 00:00:00 2001 From: Ritik Jain Date: Tue, 31 Jan 2023 12:19:48 +0530 Subject: [PATCH 3/3] removed unused boolean variable --- .../resident/controller/IdentityController.java | 2 +- .../mosip/resident/service/IdentityService.java | 16 +++------------- .../service/impl/IdentityServiceImpl.java | 14 ++++---------- 3 files changed, 8 insertions(+), 24 deletions(-) diff --git a/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java b/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java index 5761af71573..2fd551006c8 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/controller/IdentityController.java @@ -79,7 +79,7 @@ public ResponseWrapper getInputAttributeValues(@PathVariable("schemaType } ResponseWrapper responseWrapper = new ResponseWrapper<>(); String id = getIdFromUser(); - Map propertiesResponse = idServiceImpl.getIdentityAttributes(id, true, schemaType, List.of()); + Map propertiesResponse = idServiceImpl.getIdentityAttributes(id, schemaType, List.of()); auditUtil.setAuditRequestDto(EventEnum.GET_INPUT_ATTRIBUTES_SUCCESS); logger.debug("IdentityController::getInputAttributeValues()::exit"); responseWrapper.setResponse(propertiesResponse); diff --git a/resident/resident-service/src/main/java/io/mosip/resident/service/IdentityService.java b/resident/resident-service/src/main/java/io/mosip/resident/service/IdentityService.java index ee48638ea21..d855b7d0b34 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/service/IdentityService.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/service/IdentityService.java @@ -46,26 +46,16 @@ public interface IdentityService { * Get ID-Repo api data by id. * * @param id + * @param schemaType * @return Map * @throws ResidentServiceCheckedException * @throws IOException */ - Map getIdentityAttributes(String id,String schemaType) throws ResidentServiceCheckedException, IOException; - - /** - * Get ID-Repo api data by id, type and includeUin. - * - * @param id - * @param includeUin - * @return Map - * @throws ResidentServiceCheckedException - */ - Map getIdentityAttributes(String id, boolean includeUin,String schemaType) - throws ResidentServiceCheckedException; + Map getIdentityAttributes(String id, String schemaType) throws ResidentServiceCheckedException, IOException; public String getResidentIndvidualId() throws ApisResourceAccessException; - Map getIdentityAttributes(String id, boolean includeUin, String schemaType, + Map getIdentityAttributes(String id, String schemaType, List additionalAttributes) throws ResidentServiceCheckedException; String getUinForIndividualId(String idvid) throws ResidentServiceCheckedException; diff --git a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java index abd6d629352..4734d7254fa 100644 --- a/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java +++ b/resident/resident-service/src/main/java/io/mosip/resident/service/impl/IdentityServiceImpl.java @@ -176,7 +176,7 @@ public IdentityDTO getIdentity(String id, boolean fetchFace, String langCode) th IdentityDTO identityDTO = new IdentityDTO(); try { Map identity = - getIdentityAttributes(id, true,env.getProperty(ResidentConstants.RESIDENT_IDENTITY_SCHEMATYPE)); + getIdentityAttributes(id, env.getProperty(ResidentConstants.RESIDENT_IDENTITY_SCHEMATYPE)); /** * It is assumed that in the UI schema the UIN is added. */ @@ -208,20 +208,14 @@ public IdentityDTO getIdentity(String id, boolean fetchFace, String langCode) th } @Override - public Map getIdentityAttributes(String id,String schemaType) throws ResidentServiceCheckedException, IOException { - Map identityAttributes = getIdentityAttributes(id, false,schemaType); - return identityAttributes; - } - - @Override - public Map getIdentityAttributes(String id, boolean includeUin,String schemaType) throws ResidentServiceCheckedException { - return getIdentityAttributes(id, includeUin, schemaType, List.of( + public Map getIdentityAttributes(String id, String schemaType) throws ResidentServiceCheckedException, IOException { + return getIdentityAttributes(id, schemaType, List.of( Objects.requireNonNull(env.getProperty(ResidentConstants.ADDITIONAL_ATTRIBUTE_TO_FETCH)) .split(ResidentConstants.COMMA))); } @Override - public Map getIdentityAttributes(String id, boolean includeUin, String schemaType, + public Map getIdentityAttributes(String id, String schemaType, List additionalAttributes) throws ResidentServiceCheckedException { logger.debug("IdentityServiceImpl::getIdentityAttributes()::entry"); Map pathsegments = new HashMap();