diff --git a/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java new file mode 100644 index 0000000000000000000000000000000000000000..bcb6ad994769cffa4939d867747e73cfeb4ddff6 --- /dev/null +++ b/src/main/java/biz/nynja/account/configuration/ProfileDataConfiguration.java @@ -0,0 +1,21 @@ +/** + * Copyright (C) 2018 Nynja Inc. All rights reserved. + */ +package biz.nynja.account.configuration; + +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConfigurationProperties(prefix = "profile-data") +public class ProfileDataConfiguration { + private int maxAuthenticationprovidersPerProfile; + + public int getMaxAuthenticationprovidersPerProfile() { + return maxAuthenticationprovidersPerProfile; + } + + public void setMaxAuthenticationprovidersPerProfile(int maxAuthenticationprovidersPerProfile) { + this.maxAuthenticationprovidersPerProfile = maxAuthenticationprovidersPerProfile; + } +} diff --git a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java index a3cd2a77b4467530239aca4efaf64ea5f6439c6a..75455333fe66bd36298559d8a2c460ae76ad93bd 100644 --- a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java +++ b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java @@ -18,6 +18,8 @@ import org.lognet.springboot.grpc.GRpcService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import biz.nynja.account.configuration.AccountDataConfiguration; +import biz.nynja.account.configuration.ProfileDataConfiguration; import biz.nynja.account.grpc.AccountByAccountIdRequest; import biz.nynja.account.grpc.AccountResponse; import biz.nynja.account.grpc.AccountServiceGrpc; @@ -100,6 +102,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas private final AccountCreator accountCreator; private final ProfileProvider profileProvider; private final PermissionsValidator permissionsValidator; + private final ProfileDataConfiguration profileDataConfiguration; public AccountServiceImpl(AccountRepositoryAdditional accountRepositoryAdditional, ProfileRepository profileRepository, @@ -108,7 +111,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas AccountByUsernameRepository accountByUsernameRepository, AccountProvider accountProvider, AccountByProfileIdRepository accountByProfileIdRepository, PhoneNumberNormalizer phoneNumberNormalizer, AccountCreator accountCreator, ProfileProvider profileProvider, - PermissionsValidator permissionsValidator) { + PermissionsValidator permissionsValidator, ProfileDataConfiguration profileDataConfiguration) { this.accountRepositoryAdditional = accountRepositoryAdditional; this.profileRepository = profileRepository; this.profileByAutheticationProviderRepository = profileByAutheticationProviderRepository; @@ -120,6 +123,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas this.accountCreator = accountCreator; this.profileProvider = profileProvider; this.permissionsValidator = permissionsValidator; + this.profileDataConfiguration = profileDataConfiguration; } @Override @@ -647,6 +651,13 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas return; } + // Make sure there will be no more than providers in this profile + if(profile.getAuthenticationProviders().size() >= profileDataConfiguration.getMaxAuthenticationprovidersPerProfile()) { + logAndBuildGrpcStatusResponse(responseObserver, StatusResponse.newBuilder(), + "Max number of authentication providers reached for profile id {}.", request.getProfileId(), Cause.MAX_PROVIDERS_PER_PROFILE_REACHED); + return; + } + // Make sure that the requested authentication provider is not already used in the system. ProfileByAuthenticationProvider profileByAuthProvider = profileByAutheticationProviderRepository .findByAuthenticationProviderAndAuthenticationProviderType( diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml index 5de0eb4131e96a65d07733a20701b83b0977a70c..a958a6a4086e848ddca21f3bbe63bb2a3d8ec0e3 100644 --- a/src/main/resources/application-dev.yml +++ b/src/main/resources/application-dev.yml @@ -37,6 +37,9 @@ pending-account: account-data: max-contact-info-of-type: 10 +profile-data: + max-authenticationproviders-per-profile: 20 + erlang-bridge: enable: false; ip: diff --git a/src/main/resources/application-production.yml b/src/main/resources/application-production.yml index e42ba70b961bb1c5d9c885988f45962254660012..fb7c565fef29e86d4e36620165d159f806e98a8b 100644 --- a/src/main/resources/application-production.yml +++ b/src/main/resources/application-production.yml @@ -31,6 +31,9 @@ pending-account: account-data: max-contact-info-of-type: ${MAX_CONTACT_INFO_OF_TYPE:10} +profile-data: +max-authenticationproviders-per-profile: 20 + erlang-bridge: enable: false; ip: ${ERLANG_IP}