diff --git a/src/main/java/biz/nynja/account/components/PendingAccountValidator.java b/src/main/java/biz/nynja/account/components/PendingAccountValidator.java index 96a74cbddc662f36d67bcde1a486927858d24478..c10e8f72faac0a435693a9058105d17603bf3a77 100644 --- a/src/main/java/biz/nynja/account/components/PendingAccountValidator.java +++ b/src/main/java/biz/nynja/account/components/PendingAccountValidator.java @@ -27,6 +27,10 @@ public class PendingAccountValidator { return Cause.MISSING_ACCOUNT_ID; } + if (!validator.isValidUuid(request.getAccountId())) { + return Cause.INVALID_ACCOUNT_ID; + } + if (request.getFirstName() != null && request.getFirstName().trim().isEmpty()) { return Cause.MISSING_FIRST_NAME; } else if (!validator.isFirstNameValid(request.getFirstName())) { diff --git a/src/main/java/biz/nynja/account/components/Validator.java b/src/main/java/biz/nynja/account/components/Validator.java index 3a473e1051016b22e2745a7a0be91822bb2928be..b086d2826dea9ab10e8e2d0ffb32238c5673b569 100644 --- a/src/main/java/biz/nynja/account/components/Validator.java +++ b/src/main/java/biz/nynja/account/components/Validator.java @@ -17,6 +17,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; +import biz.nynja.account.grpc.AccountResponse; import biz.nynja.account.grpc.AddAuthenticationProviderRequest; import biz.nynja.account.grpc.AuthProviderDetails; import biz.nynja.account.grpc.AuthenticationType; @@ -184,6 +185,10 @@ public class Validator { public Cause validateUpdateAccountRequest(UpdateAccountRequest request) { + if (!isValidUuid(request.getAccountId())) { + return Cause.INVALID_ACCOUNT_ID; + } + if (request.getUsername() != null && !request.getUsername().trim().isEmpty() && !isUsernameValid(request.getUsername())) { return Cause.INVALID_USERNAME; 
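Review bot: The added `import biz.nynja.account.grpc.AccountResponse;` in Validator.java has no use in the lines this patch shows for that file; the only other Validator.java hunk returns `Cause.INVALID_ACCOUNT_ID` and never touches AccountResponse. If nothing else in the file references it, drop the import so the validator component does not pick up a dependency on the gRPC response types. The rest of Validator.java is outside the hunk, so this needs confirming against the full file.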
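Review bot: The new `isValidUuid(request.getAccountId())` guard at the top of validateUpdateAccountRequest is a precondition that later code relies on, and nothing in the hunk documents that. The update handler in AccountServiceImpl passes the same id to `UUID.fromString(request.getAccountId())` right after this validator returns null, so moving or dropping the check would turn a malformed id from an INVALID_ACCOUNT_ID reply into an IllegalArgumentException, unless something outside the patch catches it. I would put a comment above the check such as `// Must stay first: callers pass the account id to UUID.fromString() once this method returns null.` The same applies to the matching check added in PendingAccountValidator (-27,6 +27,10), though the code that consumes that id is not visible here. Both method bodies continue outside their hunks.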
diff --git a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java index e0ae5f7927fec937493bfedff6eac840b0652f13..cf62db60d7295b9d0748ac7a639d7b23a239237f 100644 --- a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java +++ b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java @@ -181,7 +181,6 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.MISSING_PHONENUMBER); return; } - if (!phoneNumberValidator.isPhoneNumberValid(request.getPhoneNumber())) { logAndBuildGrpcSearchResponse(responseObserver, SearchResponse.newBuilder(), "Invalid phone number. Value : ", request.getPhoneNumber(), Cause.INVALID_PHONENUMBER); @@ -337,8 +336,8 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas request.getProfileId(), Cause.INVALID_PROFILE_ID); return; } - Optional accounts = accountProvider.getAllAccountsByProfileId(request); + Optional accounts = accountProvider.getAllAccountsByProfileId(request); if (!accounts.isPresent()) { logAndBuildGrpcAccountsResponse(responseObserver, AccountsResponse.newBuilder(), "Account not found for profile id: {}", request.getProfileId(), Cause.ACCOUNT_NOT_FOUND); @@ -360,7 +359,6 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.MISSING_ACCOUNT_ID); return; } - if (!validator.isValidUuid(request.getAccountId())) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Invalid account id: {}", request.getAccountId(), Cause.INVALID_ACCOUNT_ID); @@ -368,7 +366,6 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas } Optional account = accountProvider.getAccountByAccountId(request); - if (!account.isPresent()) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Account id not found: {}", request.getAccountId(), Cause.ACCOUNT_NOT_FOUND); 
@@ -413,13 +410,13 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.MISSING_ACCOUNT_ID); return; } + Cause cause = validator.validateUpdateAccountRequest(request); if (cause != null) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Validation failed", "", cause); return; } - if (request.getUsername() != null && !request.getUsername().trim().isEmpty() && accountRepositoryAdditional .foundExistingNotOwnUsername(UUID.fromString(request.getAccountId()), request.getUsername())) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), @@ -428,7 +425,6 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas } Account updatedAccount = accountRepositoryAdditional.updateAccount(request); - if (updatedAccount == null) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Error updating account.", "", Cause.ERROR_UPDATING_ACCOUNT); @@ -452,6 +448,11 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.MISSING_ACCOUNT_ID); return; } + if (!validator.isValidUuid(request.getAccountId())) { + logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "Invalid account id: {}", + request.getAccountId(), Cause.INVALID_ACCOUNT_ID); + return; + } boolean wasAccountDeleted = accountRepositoryAdditional.deleteAccount(UUID.fromString(request.getAccountId())); if (wasAccountDeleted) { @@ -474,6 +475,11 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.MISSING_PROFILE_ID); return; } + if (!validator.isValidUuid(request.getProfileId())) { + logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "Invalid profile id: {}", + request.getProfileId(), Cause.INVALID_PROFILE_ID); + return; + } boolean wasProfileDeleted = accountRepositoryAdditional.deleteProfile(UUID.fromString(request.getProfileId())); if (wasProfileDeleted) { 
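Review bot: The rejected id is handed to `logAndBuildGrpcStatusResponse` verbatim in the new `isValidUuid` branch (-452,6 +448,11), and at that point it is an arbitrary client-supplied string, not a UUID. If the helper writes it to the log, as its name suggests (its body is outside this patch), embedded CR/LF characters can split or forge log entries unless the logging layout already encodes them. Passing a neutralised value, e.g. `request.getAccountId().replaceAll("[\\r\\n]", "_")`, or logging only its length would keep the diagnostic without trusting the content. The same applies to the `Invalid profile id: {}` branch added in the next hunk (-474,6 +475,11). Both handler bodies start and end outside their hunks.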
@@ -509,13 +515,13 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas "Missing auth provider identifier", "", Cause.MISSING_AUTH_PROVIDER_ID); return; } + Cause cause = validator.validateAddAuthenticationProviderRequest(request); if (cause != null) { logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "Validation failed", "", cause); return; } - if (request.getAuthenticationProvider().getAuthenticationType() == AuthenticationType.PHONE) { // Get the normalized phone number from libphone AuthProviderDetails newAuthProviderDetails = AuthProviderDetails.newBuilder() @@ -535,6 +541,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas "Profile id {} misnot found in DB.", request.getProfileId(), Cause.PROFILE_NOT_FOUND); return; } + // Make sure that the requested authentication provider is not already used in the system. ProfileByAuthenticationProvider profileByAuthProvider = profileByAutheticationProviderRepository .findByAuthenticationProviderAndAuthenticationProviderType( @@ -546,6 +553,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas Cause.AUTH_PROVIDER_ALREADY_USED); return; } + boolean result = accountRepositoryAdditional.addAuthenticationProvider(UUID.fromString(request.getProfileId()), AuthenticationProvider.createAuthenticationProviderFromProto(request.getAuthenticationProvider())); if (result) { @@ -567,6 +575,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas StreamObserver responseObserver) { logger.info("Adding contact info to account requested."); logger.debug("Adding contact info to account requested: {}", request); + Optional> validationResult = validator .validateContactInfoRequest(request.getAccountId(), request.getContactInfo()); if (validationResult.isPresent()) { 
@@ -577,6 +586,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas if (request.getContactInfo().getType() == ContactType.PHONE_CONTACT) { request = phoneNumberNormalizer.normalizePhoneNumber(request); } + boolean result = accountRepositoryAdditional.addContactInfo(UUID.fromString(request.getAccountId()), ContactInfo.createContactInfoFromProto(request.getContactInfo())); if (result) { @@ -596,6 +606,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas StreamObserver responseObserver) { logger.info("Removing contact info from account requested."); logger.debug("Removing contact info from account requested: {}", request); + Optional> validationResult = validator .validateContactInfoRequest(request.getAccountId(), request.getContactInfo()); if (validationResult.isPresent()) { @@ -606,6 +617,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas if (request.getContactInfo().getType() == ContactType.PHONE_CONTACT) { request = phoneNumberNormalizer.normalizePhoneNumber(request); } + boolean result = accountRepositoryAdditional.deleteContactInfo(UUID.fromString(request.getAccountId()), ContactInfo.createContactInfoFromProto(request.getContactInfo())); if (result) { @@ -736,6 +748,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas StreamObserver responseObserver) { logger.info("Removing contact info from account requested."); logger.debug("Removing contact info from account requested: {}", request); + Optional> validationResultEditContactInfo = validator .validateEditContactInfoRequest(request.getAccountId(), request.getOldContactInfo(), request.getEditedContactInfo()); 
@@ -745,17 +758,16 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas validationResultEditContactInfo.get().getKey()); return; } - if (!request.getOldContactInfo().getType().equals(request.getEditedContactInfo().getType())) { logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "Error editing Contact info for account {}. Different types: {} and {}.", request.getAccountId(), Cause.ERROR_EDITING_CONTACT_INFO); return; } - if (request.getOldContactInfo().getType() == ContactType.PHONE_CONTACT) { request = phoneNumberNormalizer.normalizePhoneNumbers(request); } + boolean result = accountRepositoryAdditional.editContactInfo(UUID.fromString(request.getAccountId()), ContactInfo.createContactInfoFromProto(request.getOldContactInfo()), ContactInfo.createContactInfoFromProto(request.getEditedContactInfo())); @@ -807,14 +819,12 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas validationResultUpdateAuthProvider.get().getKey()); return; } - if (request.getOldAuthProvider().equals(request.getUpdatedAuthProvider())) { logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), "The same old and new auth providers requested to update for profile {}.", request.getProfileId(), Cause.ERROR_UPDATING_AUTH_PROVIDER); return; } - if (request.getOldAuthProvider().getAuthenticationTypeValue() == AuthenticationType.PHONE_VALUE || request.getUpdatedAuthProvider().getAuthenticationTypeValue() == AuthenticationType.PHONE_VALUE) { request = phoneNumberNormalizer.normalizePhoneNumbers(request);