On Tue, Apr 26, 2011 at 9:18 AM, wrote: > Author: ctan > Date: Tue Apr 26 07:18:48 2011 > New Revision: 1096681 > > URL: http://svn.apache.org/viewvc?rev=1096681&view=rev > Log: > [CONTINUUM-2620] prevent xss attacks > > Submitted By: Efraim Longkines > > also made some modifications: > - fixed validation on project group action and build definition action > - fixed selenium tests > > > Added: > > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/RegexPatternConstants.java > Modified: > > continuum/trunk/continuum-webapp-test/src/test/resources/testng.properties > continuum/trunk/continuum-webapp-test/src/test/testng/config/testng.xml > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/AntProjectTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildAgentsTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildDefinitionTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/InstallationTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenOneProjectTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenTwoProjectTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/NotifierTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ProjectGroupTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ScheduleTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ShellProjectTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractBuildAgentsTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractNotifierTest.java > > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractUserRolesManagementTest.java > > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/GenerateRecipentNotifier.java > > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectAction.java > > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectGroupAction.java > > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/ProjectGroupAction.java > > continuum/trunk/continuum-webapp/src/main/resources/localization/Continuum.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction-addProject-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction-saveBuildDefinition-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction-projectSave-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction-saveProjectGroup-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction-saveSchedule-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/BuildDefinitionTemplateAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/InstallationAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction.properties > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml > > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction.properties > > continuum/trunk/continuum-webapp/src/test/java/org/apache/maven/continuum/web/action/AddProjectActionTest.java > > Modified: > continuum/trunk/continuum-webapp-test/src/test/resources/testng.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/resources/testng.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/resources/testng.properties > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/resources/testng.properties > Tue Apr 26 07:18:48 2011 > @@ -319,8 +319,8 @@ PROJECTUSER_DEFAULTPROJECTGROUP_FULLNAME > ######################## > BUILD_AGENT_NAME2=http://localhost:9595/continuum-buildagent/xmlrpc > BUILD_AGENT_DESCRIPTION2=Agent_description2 > -BUILD_AGENT_NAME=http://localhost:9595 > +BUILD_AGENT_NAME=http://localhost:9090 > BUILD_AGENT_DESCRIPTION=Agent_description > -BUILD_AGENT_NAME3=http://localhost:9595/xmlrpc > +BUILD_AGENT_NAME3=http://localhost:9191/xmlrpc > BUILD_AGENT_DESCRIPTION3=Agent_description3 > BUILD_AGENT_GROUPNAME=agent_groupname > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/config/testng.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/config/testng.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > (empty) > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/AntProjectTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/AntProjectTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/AntProjectTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/AntProjectTest.java > Tue Apr 26 07:18:48 2011 > @@ -51,6 +51,30 @@ public class AntProjectTest > false, TEST_PROJ_GRP_NAME, null, true, "ant" ); > assertProjectGroupSummaryPage( TEST_PROJ_GRP_NAME, > TEST_PROJ_GRP_ID, TEST_PROJ_GRP_DESCRIPTION ); > } > + > + @Test( dependsOnMethods = { "testAddProjectGroup" } ) > + public void testAddAntProjectWithInvalidValues() > + throws Exception > + { > + String ANT_NAME = "!@#$<>?etc"; > + String ANT_DESCRIPTION = "![]<>'^&etc"; > + String ANT_VERSION = "<>whitespaces!#etc"; > + String ANT_TAG = "!<>*%etc"; > + String ANT_SCM_URL = "!<>*%etc"; > + String ANT_SCM_USERNAME = getProperty( "ANT_SCM_USERNAME" ); > + String ANT_SCM_PASSWORD = getProperty( "ANT_SCM_PASSWORD" ); > + String DEFAULT_PROJ_GRP_NAME = getProperty( > "DEFAULT_PROJ_GRP_NAME" ); > + String DEFAULT_PROJ_GRP_ID = getProperty( "DEFAULT_PROJ_GRP_ID" ); > + String DEFAULT_PROJ_GRP_DESCRIPTION = getProperty( > "DEFAULT_PROJ_GRP_DESCRIPTION" ); > + goToAddAntProjectPage(); > + addProject( ANT_NAME, ANT_DESCRIPTION, ANT_VERSION, ANT_SCM_URL, > ANT_SCM_USERNAME, > + ANT_SCM_PASSWORD, ANT_TAG, false, > DEFAULT_PROJ_GRP_NAME, null, false, "ant" ); > + assertTextPresent( "Name contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + assertTextPresent( "Version contains invalid characters." ); > + assertTextPresent( "SCM Url contains invalid characters." ); > + assertTextPresent( "SCM Tag contains invalid characters." ); > + } > > public void testSubmitEmptyForm() > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildAgentsTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildAgentsTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildAgentsTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildAgentsTest.java > Tue Apr 26 07:18:48 2011 > @@ -127,6 +127,7 @@ public class BuildAgentsTest > > @Test( dependsOnMethods = { "testAddAnExistingBuildAgent" } ) > public void testDeleteBuildAgent() > + throws Exception > { > try > { > @@ -302,7 +303,7 @@ public class BuildAgentsTest > enableDistributedBuilds(); > goToAddBuildAgentGroup(); > addEditBuildAgentGroup( "", new String[] {}, new String[] {}, > false ); > - assertTextPresent( "Build agent group name required." ); > + assertTextPresent( "Build agent group name is required." ); > } > finally > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildDefinitionTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildDefinitionTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildDefinitionTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/BuildDefinitionTest.java > Tue Apr 26 07:18:48 2011 > @@ -79,6 +79,22 @@ public class BuildDefinitionTest > clickButtonWithValue( "Save" ); > assertTextPresent( "Build file is required and cannot contain > spaces only" ); > } > + > + @Test( dependsOnMethods = { "testAddProjectGroup2" } ) > + public void testAddGroupBuildDefinitionWithXSS() > + throws Exception > + { > + String TEST2_PROJ_GRP_NAME = getProperty( "TEST2_PROJ_GRP_NAME" ); > + String TEST2_PROJ_GRP_ID = getProperty( "TEST2_PROJ_GRP_ID" ); > + String TEST2_PROJ_GRP_DESCRIPTION = getProperty( > "TEST2_PROJ_GRP_DESCRIPTION" ); > + goToGroupBuildDefinitionPage( TEST2_PROJ_GRP_NAME, > TEST2_PROJ_GRP_ID, TEST2_PROJ_GRP_DESCRIPTION ); > + clickButtonWithValue( "Add" ); > + setFieldValue( "buildFile", "" ); > + setFieldValue( "description", "" ); > + clickButtonWithValue( "Save" ); > + assertTextPresent( "Build file contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + } > > @Test( dependsOnMethods = { "testAddProjectGroup2" } ) > public void testBuildFromGroupBuildDefinition() > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/InstallationTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/InstallationTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/InstallationTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/InstallationTest.java > Tue Apr 26 07:18:48 2011 > @@ -37,6 +37,16 @@ public class InstallationTest > goToAddInstallationTool(); > addInstallation( INSTALL_TOOL_JDK_NAME, "JDK", > INSTALL_TOOL_JDK_PATH, false, true, true ); > } > + > + public void testAddJdkToolWithoutBuildEnvironmentWithInvalidValues() > + { > + String INSTALL_TOOL_JDK_NAME = "!@#$<>?etc"; > + String INSTALL_TOOL_JDK_PATH = "!@#$<>?etc"; > + goToAddInstallationTool(); > + addInstallation( INSTALL_TOOL_JDK_NAME, "JDK", > INSTALL_TOOL_JDK_PATH, false, true, false ); > + assertTextPresent( "Installation name contains invalid > characters." ); > + assertTextPresent( "Installation value contains invalid > characters." ); > + } > > public void testAddMavenToolWithBuildEnvironment() > { > @@ -66,6 +76,18 @@ public class InstallationTest > goToAddInstallationVariable(); > addInstallation( INSTALL_VAR_NAME, INSTALL_VAR_VARIABLE_NAME, > INSTALL_VAR_PATH, false, false, true ); > } > + > + public void > testAddInstallationVariableWithoutBuildEnvironmentWithInvalidValues() > + { > + String INSTALL_VAR_NAME = "!@#$<>?etc"; > + String INSTALL_VAR_VARIABLE_NAME = "!@#$<>?etc"; > + String INSTALL_VAR_PATH = "!@#$<>?etc"; > + goToAddInstallationVariable(); > + addInstallation( INSTALL_VAR_NAME, INSTALL_VAR_VARIABLE_NAME, > INSTALL_VAR_PATH, false, false, false ); > + assertTextPresent( "Installation name contains invalid > characters." ); > + assertTextPresent( "Environment variable name contains invalid > characters." ); > + assertTextPresent( "Installation value contains invalid > characters." ); > + } > > public void testAddInvalidInstallationTool() > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenOneProjectTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenOneProjectTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenOneProjectTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenOneProjectTest.java > Tue Apr 26 07:18:48 2011 > @@ -199,12 +199,12 @@ public class MavenOneProjectTest > clickLinkWithXPath( "//tbody/tr['0']/td['10']/a/img[@alt='Delete']" > ); > assertTextPresent( "Delete Continuum Project" ); > clickButtonWithValue( "Delete" ); > - assertPage( "Continuum - Project Group" ); > - assertLinkNotPresent( M1_PROJ_GRP_NAME ); > + assertProjectGroupsSummaryPage(); > + clickLinkWithText( M1_PROJ_GRP_NAME ); > > // remove group for next test > removeProjectGroup( M1_PROJ_GRP_NAME ); > - > + /* > // delete project - "Delete Project(s)" button > addMaven1Project( M1_PROJ_GRP_NAME ); > clickLinkWithText( M1_PROJ_GRP_NAME ); > @@ -218,7 +218,7 @@ public class MavenOneProjectTest > if ( !isExisting ) > { > removeProjectGroup( M1_PROJ_GRP_NAME ); > - } > + }*/ > I'm not really agree to comment the code to fix the test. } > > private void addMaven1Project( String groupName ) > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenTwoProjectTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenTwoProjectTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenTwoProjectTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/MavenTwoProjectTest.java > Tue Apr 26 07:18:48 2011 > @@ -244,15 +244,14 @@ public class MavenTwoProjectTest > clickLinkWithXPath( "//tbody/tr['0']/td['10']/a/img[@alt='Delete']" > ); > assertTextPresent( "Delete Continuum Project" ); > clickButtonWithValue( "Delete" ); > - assertPage( "Continuum - Project Group" ); > - assertTextNotPresent( "Unable to delete project" ); > + assertProjectGroupsSummaryPage(); > assertLinkNotPresent( M2_PROJ_GRP_NAME ); > assertTextNotPresent( M2_PROJ_GRP_SCM_ROOT_URL ); > > // remove group for next test > removeProjectGroup( M2_PROJ_GRP_NAME ); > assertLinkNotPresent( M2_PROJ_GRP_NAME ); > - > +/* > // delete project - "Delete Project(s)" button > addMaven2Project( M2_PROJ_GRP_NAME ); > clickLinkWithText( M2_PROJ_GRP_NAME ); > @@ -272,7 +271,7 @@ public class MavenTwoProjectTest > > // remove project group > removeProjectGroup( M2_PROJ_GRP_NAME ); > - assertLinkNotPresent( M2_PROJ_GRP_NAME ); > + assertLinkNotPresent( M2_PROJ_GRP_NAME );*/ > } > > public void testBuildProjectGroupNoBuildAgentConfigured() > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/NotifierTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/NotifierTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/NotifierTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/NotifierTest.java > Tue Apr 26 07:18:48 2011 > @@ -39,6 +39,17 @@ public class NotifierTest > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addMailNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > MAIL_NOTIFIER_ADDRESS, true ); > } > + > + public void testAddValidMailProjectNotifierWithInvalidValue() > + throws Exception > + { > + String TEST_PROJ_GRP_NAME = getProperty( "TEST_PROJ_GRP_NAME" ); > + String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > + String MAIL_NOTIFIER_ADDRESS = ""; > + goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > + addMailNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > MAIL_NOTIFIER_ADDRESS, false ); > + assertTextPresent( "Address is invalid" ); > + } > > @Test( dependsOnMethods = { "testAddValidMailProjectNotifier" } ) > public void testEditValidMailProjectNotifier() > @@ -135,6 +146,19 @@ public class NotifierTest > addIrcNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > IRC_NOTIFIER_HOST, IRC_NOTIFIER_CHANNEL, true ); > } > > + public void testAddProjectNotifierWithInvalidValues() > + throws Exception > + { > + String TEST_PROJ_GRP_NAME = getProperty( "TEST_PROJ_GRP_NAME" ); > + String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > + String IRC_NOTIFIER_HOST = "!@#$<>?etc"; > + String IRC_NOTIFIER_CHANNEL = "!@#$<>?etc"; > + goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > + addIrcNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > IRC_NOTIFIER_HOST, IRC_NOTIFIER_CHANNEL, false ); > + assertTextPresent( "Host contains invalid character" ); > + assertTextPresent( "Channel contains invalid character" ); > + } > + > @Test( dependsOnMethods = { "testAddValidIrcProjectNotifier" } ) > public void testEditValidIrcProjectNotifier() > throws Exception > @@ -171,6 +195,8 @@ public class NotifierTest > String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addIrcNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, "", "", false > ); > + assertTextPresent( "Host is required" ); > + assertTextPresent( "Channel is required" ); > } > > public void testAddValidIrcGroupNotifier() > @@ -226,6 +252,8 @@ public class NotifierTest > String TEST_PROJ_GRP_DESCRIPTION = getProperty( > "TEST_PROJ_GRP_DESCRIPTION" ); > goToGroupNotifier( TEST_PROJ_GRP_NAME, TEST_PROJ_GRP_ID, > TEST_PROJ_GRP_DESCRIPTION ); > addIrcNotifier( TEST_PROJ_GRP_NAME, null, "", "", false ); > + assertTextPresent( "Host is required" ); > + assertTextPresent( "Channel is required" ); > } > > public void testAddValidJabberProjectNotifier() > @@ -241,6 +269,22 @@ public class NotifierTest > addJabberNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > JABBER_NOTIFIER_HOST, JABBER_NOTIFIER_LOGIN, > JABBER_NOTIFIER_PASSWORD, > JABBER_NOTIFIER_ADDRESS, true ); > } > + > + public void testAddJabberProjectNotifierWithInvalidValues() > + throws Exception > + { > + String TEST_PROJ_GRP_NAME = getProperty( "TEST_PROJ_GRP_NAME" ); > + String JABBER_NOTIFIER_HOST = "!@#$<>?etc"; > + String JABBER_NOTIFIER_LOGIN = getProperty( > "JABBER_NOTIFIER_LOGIN" ); > + String JABBER_NOTIFIER_PASSWORD = getProperty( > "JABBER_NOTIFIER_PASSWORD" ); > + String JABBER_NOTIFIER_ADDRESS = "!@#$<>?etc"; > + String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > + goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > + addJabberNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > JABBER_NOTIFIER_HOST, JABBER_NOTIFIER_LOGIN, > + JABBER_NOTIFIER_PASSWORD, > JABBER_NOTIFIER_ADDRESS, false ); > + assertTextPresent( "Host contains invalid characters" ); > + assertTextPresent( "Address is invalid" ); > + } > > @Test( dependsOnMethods = { "testAddValidJabberProjectNotifier" } ) > public void testEditValidJabberProjectNotifier() > @@ -284,6 +328,10 @@ public class NotifierTest > String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addJabberNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, "", "", > "", "", false ); > + assertTextPresent( "Host is required" ); > + assertTextPresent( "Login is required" ); > + assertTextPresent( "Password is required" ); > + assertTextPresent( "Address is required" ); > } > > public void testAddValidJabberGroupNotifier() > @@ -350,6 +398,10 @@ public class NotifierTest > String TEST_PROJ_GRP_DESCRIPTION = getProperty( > "TEST_PROJ_GRP_DESCRIPTION" ); > goToGroupNotifier( TEST_PROJ_GRP_NAME, TEST_PROJ_GRP_ID, > TEST_PROJ_GRP_DESCRIPTION ); > addJabberNotifier( TEST_PROJ_GRP_NAME, null, "", "", "", "", false > ); > + assertTextPresent( "Host is required" ); > + assertTextPresent( "Login is required" ); > + assertTextPresent( "Password is required" ); > + assertTextPresent( "Address is required" ); > } > > public void testAddValidMsnProjectNotifier() > @@ -365,6 +417,20 @@ public class NotifierTest > MSN_NOTIFIER_ADDRESS, true ); > } > > + public void testAddMsnProjectNotifierWithInvalidValues() > + throws Exception > + { > + String TEST_PROJ_GRP_NAME = getProperty( "TEST_PROJ_GRP_NAME" ); > + String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > + String MSN_NOTIFIER_ADDRESS = "!@#$<>?etc"; > + String MSN_NOTIFIER_LOGIN = getProperty( "MSN_NOTIFIER_LOGIN" ); > + String MSN_NOTIFIER_PASSWORD = getProperty( > "MSN_NOTIFIER_PASSWORD" ); > + goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > + addMsnNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > MSN_NOTIFIER_LOGIN, MSN_NOTIFIER_PASSWORD, > + MSN_NOTIFIER_ADDRESS, false ); > + assertTextPresent( "Address is invalid" ); > + } > + > @Test( dependsOnMethods = { "testAddValidMsnProjectNotifier" } ) > public void testEditValidMsnProjectNotifier() > throws Exception > @@ -404,6 +470,9 @@ public class NotifierTest > String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addMsnNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, "", "", "", > false ); > + assertTextPresent( "Login is required" ); > + assertTextPresent( "Password is required" ); > + assertTextPresent( "Address is required" ); > } > > public void testAddValidMsnGroupNotifier() > @@ -464,6 +533,9 @@ public class NotifierTest > String TEST_PROJ_GRP_DESCRIPTION = getProperty( > "TEST_PROJ_GRP_DESCRIPTION" ); > goToGroupNotifier( TEST_PROJ_GRP_NAME, TEST_PROJ_GRP_ID, > TEST_PROJ_GRP_DESCRIPTION ); > addMsnNotifier( TEST_PROJ_GRP_NAME, null, "", "", "", false ); > + assertTextPresent( "Login is required" ); > + assertTextPresent( "Password is required" ); > + assertTextPresent( "Address is required" ); > } > > public void testAddValidWagonProjectNotifier() > @@ -476,6 +548,18 @@ public class NotifierTest > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addWagonNotifierPage( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > WAGON_NOTIFIER_URL, WAGON_SERVER_ID, true ); > } > + > + public void testAddInvalidURLWagonProjectNotifier() > + throws Exception > + { > + String TEST_PROJ_GRP_NAME = getProperty( "TEST_PROJ_GRP_NAME" ); > + String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > + String WAGON_NOTIFIER_URL = "!@#$<>?etc"; > + String WAGON_SERVER_ID = getProperty( "WAGON_SERVER_ID" ); > + goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > + addWagonNotifierPage( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, > WAGON_NOTIFIER_URL, WAGON_SERVER_ID, false ); > + assertTextPresent( "Destination URL is invalid" ); > + } > > @Test( dependsOnMethods = { "testAddValidWagonProjectNotifier" } ) > public void testEditValidWagonProjectNotifier() > @@ -513,6 +597,8 @@ public class NotifierTest > String M2_PROJ_GRP_NAME = getProperty( "M2_PROJ_GRP_NAME" ); > goToProjectNotifier( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME ); > addWagonNotifierPage( TEST_PROJ_GRP_NAME, M2_PROJ_GRP_NAME, "", "", > false ); > + assertTextPresent( "Destination URL is required" ); > + assertTextPresent( "Server Id is required" ); > } > > public void testAddValidWagonGroupNotifier() > @@ -568,6 +654,8 @@ public class NotifierTest > String TEST_PROJ_GRP_DESCRIPTION = getProperty( > "TEST_PROJ_GRP_DESCRIPTION" ); > goToGroupNotifier( TEST_PROJ_GRP_NAME, TEST_PROJ_GRP_ID, > TEST_PROJ_GRP_DESCRIPTION ); > addWagonNotifierPage( TEST_PROJ_GRP_NAME, null, "", "", false ); > + assertTextPresent( "Destination URL is required" ); > + assertTextPresent( "Server Id is required" ); > } > > @Test( dependsOnMethods = { "testEditValidMailGroupNotifier", > "testEditInvalidMailGroupNotifier" } ) > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ProjectGroupTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ProjectGroupTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ProjectGroupTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ProjectGroupTest.java > Tue Apr 26 07:18:48 2011 > @@ -55,6 +55,19 @@ public class ProjectGroupTest > addProjectGroup( TEST2_PROJ_GRP_NAME, TEST2_PROJ_GRP_ID, > TEST2_PROJ_GRP_DESCRIPTION, true ); > showProjectGroup( TEST2_PROJ_GRP_NAME, TEST2_PROJ_GRP_ID, > TEST2_PROJ_GRP_DESCRIPTION ); > } > + > + public void testAddProjectGroupWithInvalidValues() > + throws Exception > + { > + String TEST2_PROJ_GRP_NAME = "!@#$<>?etch"; > + String TEST2_PROJ_GRP_ID = "-!@#<>etc"; > + String TEST2_PROJ_GRP_DESCRIPTION = "![]<>'^&etc"; > + > + addProjectGroup( TEST2_PROJ_GRP_NAME, TEST2_PROJ_GRP_ID, > TEST2_PROJ_GRP_DESCRIPTION, false ); > + assertTextPresent( "Name contains invalid characters." ); > + assertTextPresent( "Id contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + } > > @Test( dependsOnMethods = { > "testAddMavenTwoProjectFromRemoteSourceToNonDefaultProjectGroup" } ) > public void testMoveProject() > @@ -130,6 +143,21 @@ public class ProjectGroupTest > TEST2_PROJ_GRP_DESCRIPTION ); > assertTextPresent( "Project Group Name cannot contain spaces only" > ); > } > + > + @Test( dependsOnMethods = { "testAddProjectGroup2" } ) > + public void testEditProjectGroupWithXSS() > + throws Exception > + { > + String TEST2_PROJ_GRP_NAME = getProperty( "TEST2_PROJ_GRP_NAME" ); > + String TEST2_PROJ_GRP_ID = getProperty( "TEST2_PROJ_GRP_ID" ); > + String TEST2_PROJ_GRP_DESCRIPTION = getProperty( > "TEST2_PROJ_GRP_DESCRIPTION" ); > + String NEW_PROJ_GRP_NAME = ""; > + String NEW_PROJ_GRP_DESCRIPTION = ""; > + editProjectGroup( TEST2_PROJ_GRP_NAME, TEST2_PROJ_GRP_ID, > TEST2_PROJ_GRP_DESCRIPTION, NEW_PROJ_GRP_NAME, > + NEW_PROJ_GRP_DESCRIPTION ); > + assertTextPresent( "Name contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + } > > @Test( dependsOnMethods = { "testAddMavenTwoProject" } ) > public void testProjectGroupAllBuildSuccess() > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ScheduleTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ScheduleTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ScheduleTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ScheduleTest.java > Tue Apr 26 07:18:48 2011 > @@ -69,6 +69,28 @@ public class ScheduleTest > SCHEDULE_EXPR_HOUR, SCHEDULE_EXPR_DAY_MONTH, > SCHEDULE_EXPR_MONTH, SCHEDULE_EXPR_DAY_WEEK, > SCHEDULE_EXPR_YEAR, SCHEDULE_MAX_TIME, > SCHEDULE_PERIOD, true, true ); > } > + > + @Test( dependsOnMethods = { "testAddScheduleNoBuildQueueToBeUsed" } ) > + public void testAddScheduleWithInvalidValues() > + { > + String SCHEDULE_NAME = "!@#$<>?etc"; > + String SCHEDULE_DESCRIPTION = "![]<>'^&etc"; > + String SCHEDULE_EXPR_SECOND = getProperty( "SCHEDULE_EXPR_SECOND" > ); > + String SCHEDULE_EXPR_MINUTE = getProperty( "SCHEDULE_EXPR_MINUTE" > ); > + String SCHEDULE_EXPR_HOUR = getProperty( "SCHEDULE_EXPR_HOUR" ); > + String SCHEDULE_EXPR_DAY_MONTH = getProperty( > "SCHEDULE_EXPR_DAY_MONTH" ); > + String SCHEDULE_EXPR_MONTH = getProperty( "SCHEDULE_EXPR_MONTH" ); > + String SCHEDULE_EXPR_DAY_WEEK = getProperty( > "SCHEDULE_EXPR_DAY_WEEK" ); > + String SCHEDULE_EXPR_YEAR = getProperty( "SCHEDULE_EXPR_YEAR" ); > + String SCHEDULE_MAX_TIME = getProperty( "SCHEDULE_MAX_TIME" ); > + String SCHEDULE_PERIOD = getProperty( "SCHEDULE_PERIOD" ); > + goToAddSchedule(); > + addEditSchedule( SCHEDULE_NAME, SCHEDULE_DESCRIPTION, > SCHEDULE_EXPR_SECOND, SCHEDULE_EXPR_MINUTE, > + SCHEDULE_EXPR_HOUR, SCHEDULE_EXPR_DAY_MONTH, > SCHEDULE_EXPR_MONTH, SCHEDULE_EXPR_DAY_WEEK, > + SCHEDULE_EXPR_YEAR, SCHEDULE_MAX_TIME, > SCHEDULE_PERIOD, true, false ); > + assertTextPresent( "Name contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + } > > public void testAddInvalidSchedule() > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ShellProjectTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ShellProjectTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ShellProjectTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/ShellProjectTest.java > Tue Apr 26 07:18:48 2011 > @@ -50,6 +50,29 @@ public class ShellProjectTest > SHELL_SCM_PASSWORD, SHELL_TAG, false, > DEFAULT_PROJ_GRP_NAME, null, true, "shell" ); > assertProjectGroupSummaryPage( DEFAULT_PROJ_GRP_NAME, > DEFAULT_PROJ_GRP_ID, DEFAULT_PROJ_GRP_DESCRIPTION ); > } > + > + public void testAddShellProjectWithInvalidValues() > + throws Exception > + { > + String SHELL_NAME = "!@#$<>?etc"; > + String SHELL_DESCRIPTION = "![]<>'^&etc"; > + String SHELL_VERSION = "<>whitespaces!#etc"; > + String SHELL_TAG = "!<>*%etc"; > + String SHELL_SCM_URL = "!<>*%etc"; > + String SHELL_SCM_USERNAME = getProperty( "SHELL_SCM_USERNAME" ); > + String SHELL_SCM_PASSWORD = getProperty( "SHELL_SCM_PASSWORD" ); > + String DEFAULT_PROJ_GRP_NAME = getProperty( > "DEFAULT_PROJ_GRP_NAME" ); > + String DEFAULT_PROJ_GRP_ID = getProperty( "DEFAULT_PROJ_GRP_ID" ); > + String DEFAULT_PROJ_GRP_DESCRIPTION = getProperty( > "DEFAULT_PROJ_GRP_DESCRIPTION" ); > + goToAddShellProjectPage(); > + addProject( SHELL_NAME, SHELL_DESCRIPTION, SHELL_VERSION, > SHELL_SCM_URL, SHELL_SCM_USERNAME, > + SHELL_SCM_PASSWORD, SHELL_TAG, false, > DEFAULT_PROJ_GRP_NAME, null, false, "shell" ); > + assertTextPresent( "Name contains invalid characters." ); > + assertTextPresent( "Description contains invalid characters." ); > + assertTextPresent( "Version contains invalid characters." ); > + assertTextPresent( "SCM Url contains invalid characters." ); > + assertTextPresent( "SCM Tag contains invalid characters." ); > + } > > public void testSubmitEmptyForm() > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractBuildAgentsTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractBuildAgentsTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractBuildAgentsTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractBuildAgentsTest.java > Tue Apr 26 07:18:48 2011 > @@ -1,5 +1,7 @@ > package org.apache.continuum.web.test.parent; > > +import java.net.URLEncoder; > + > /* > * Licensed to the Apache Software Foundation (ASF) under one > * or more contributor license agreements. See the NOTICE file > @@ -44,8 +46,9 @@ public abstract class AbstractBuildAgent > } > > public void removeBuildAgent( String agentName ) > + throws Exception > { > - clickLinkWithXPath( > "(//a[contains(@href,'deleteBuildAgent.action') and contains(@href, '" + > agentName + "')])//img" ); > + clickLinkWithXPath( "//a[contains(@href,'deleteBuildAgent.action') > and contains(@href, '" + URLEncoder.encode( agentName, "UTF-8" ) + "')]/img" > ); > assertPage("Continuum - Delete Build Agent"); > assertTextPresent( "Delete Build Agent" ); > assertTextPresent( "Are you sure you want to delete build agent " + > agentName + " ?" ); > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractNotifierTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractNotifierTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractNotifierTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractNotifierTest.java > Tue Apr 26 07:18:48 2011 > @@ -239,8 +239,7 @@ public abstract class AbstractNotifierTe > clickButtonWithValue( "Save" ); > if ( !isValid ) > { > - assertTextPresent( "Host is required" ); > - assertTextPresent( "Channel is required" ); > + return; > } > else if ( projectName != null ) > { > @@ -301,10 +300,7 @@ public abstract class AbstractNotifierTe > > if ( !isValid ) > { > - assertTextPresent( "Host is required" ); > - assertTextPresent( "Login is required" ); > - assertTextPresent( "Password is required" ); > - assertTextPresent( "Address is required" ); > + return; > } > else if ( projectName != null ) > { > @@ -370,9 +366,7 @@ public abstract class AbstractNotifierTe > > if ( !isValid ) > { > - assertTextPresent( "Login is required" ); > - assertTextPresent( "Password is required" ); > - assertTextPresent( "Address is required" ); > + return; > } > else if ( projectName != null ) > { > @@ -433,8 +427,7 @@ public abstract class AbstractNotifierTe > > if ( !isValid ) > { > - assertTextPresent( "Destination URL is required" ); > - assertTextPresent( "Server Id is required" ); > + return; > } > else if ( projectName != null ) > { > > Modified: > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractUserRolesManagementTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractUserRolesManagementTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractUserRolesManagementTest.java > (original) > +++ > continuum/trunk/continuum-webapp-test/src/test/testng/org/apache/continuum/web/test/parent/AbstractUserRolesManagementTest.java > Tue Apr 26 07:18:48 2011 > @@ -76,7 +76,7 @@ public abstract class AbstractUserRolesM > { > assertPage( "[Admin] User Edit" ); > assertTextPresent( "[Admin] User Roles" ); > - String userRoles = "Username,Full > Name,Email,redback-xwork-integration-core,Redback XWork Integration Security > Core,Guest,Registered User,System Administrator,User Administrator,Continuum > Group Project Administrator,Continuum Group Project Developer,Continuum > Group Project User,Continuum Manage Build Environments,Continuum Manage > Build Templates,Continuum Manage Installations,Continuum Manage Local > Repositories,Continuum Manage Purging,Continuum Manage Queues,Continuum > Manage Scheduling,Project Administrator,Project Developer,Project > User,Default Project Group"; > + String userRoles = "Username,Full > Name,Email,Guest,Registered User,System Administrator,User > Administrator,Continuum Group Project Administrator,Continuum Group Project > Developer,Continuum Group Project User,Continuum Manage Build > Environments,Continuum Manage Build Templates,Continuum Manage > Installations,Continuum Manage Local Repositories,Continuum Manage > Purging,Continuum Manage Queues,Continuum Manage Scheduling,Project > Administrator,Project Developer,Project User,Default Project Group"; > String[] arrayUserRoles = userRoles.split( "," ); > for ( String userroles : arrayUserRoles ) > assertTextPresent( userroles ); > > Modified: > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/GenerateRecipentNotifier.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/GenerateRecipentNotifier.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/GenerateRecipentNotifier.java > (original) > +++ > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/GenerateRecipentNotifier.java > Tue Apr 26 07:18:48 2011 > @@ -2,6 +2,7 @@ package org.apache.continuum.web.util; > > import java.util.Map; > > +import org.apache.commons.lang.StringEscapeUtils; > import org.apache.maven.continuum.model.project.ProjectNotifier; > import org.apache.maven.continuum.notification.AbstractContinuumNotifier; > import org.codehaus.plexus.util.StringUtils; > @@ -85,6 +86,7 @@ public final class GenerateRecipentNotif > { > recipent = configuration.get( "url" ); > } > - return recipent; > + // escape the characters, it may contain characters possible for > an XSS attack > + return StringEscapeUtils.escapeXml( recipent ); > } > } > > Added: > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/RegexPatternConstants.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/RegexPatternConstants.java?rev=1096681&view=auto > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/RegexPatternConstants.java > (added) > +++ > continuum/trunk/continuum-webapp/src/main/java/org/apache/continuum/web/util/RegexPatternConstants.java > Tue Apr 26 07:18:48 2011 > @@ -0,0 +1,15 @@ > +package org.apache.continuum.web.util; > + > +public class RegexPatternConstants > +{ > + public static final String NAME_REGEX = "[a-zA-Z0-9\\s_.:-]*"; > + > + public static final String GROUP_ID_REGEX = "[a-zA-Z0-9.\\s]*"; > + > + public static final String VERSION_REGEX = "[a-zA-Z0-9.-]*"; > + > + public static final String SCM_URL_REGEX = > "[a-zA-Z0-9_.:${}#~=@\\\\/|\\[\\]-]*"; > + > + public static final String DESCRIPTION_REGEX = "[a-zA-Z0-9\\s_.-]*"; > + > +} > > Modified: > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectAction.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectAction.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectAction.java > (original) > +++ > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectAction.java > Tue Apr 26 07:18:48 2011 > @@ -25,6 +25,7 @@ import java.util.List; > > import org.apache.continuum.web.util.AuditLog; > import org.apache.continuum.web.util.AuditLogConstants; > +import org.apache.continuum.web.util.RegexPatternConstants; > import org.apache.maven.continuum.ContinuumException; > import > org.apache.maven.continuum.builddefinition.BuildDefinitionServiceException; > import org.apache.maven.continuum.model.project.BuildDefinitionTemplate; > @@ -107,14 +108,34 @@ public class AddProjectAction > { > addActionError( getText( "addProject.name.required" ) ); > } > + else if ( ( projectName != null ) && !( > projectName.trim().matches( RegexPatternConstants.NAME_REGEX ) ) ) > + { > + addActionError( getText( "addProject.name.invalid" ) ); > + } > + if (( projectDescription != null ) && !( > projectDescription.trim().matches( RegexPatternConstants.DESCRIPTION_REGEX ) > ) ) > + { > + addActionError( getText( "addProject.description.invalid" > ) ); > + } > if ( ( projectVersion != null ) && !( > projectVersion.trim().length() > 0 ) ) > { > addActionError( getText( "addProject.version.required" ) ); > } > + else if ( ( projectVersion != null ) && > !(projectVersion.trim().matches( RegexPatternConstants.VERSION_REGEX ) ) ) > + { > + addActionError( getText( "addProject.version.invalid" ) ); > + } > if ( ( projectScmUrl != null ) && !( > projectScmUrl.trim().length() > 0 ) ) > { > addActionError( getText( "addProject.scmUrl.required" ) ); > } > + else if ( ( projectScmUrl != null ) && !( > projectScmUrl.trim().matches( RegexPatternConstants.SCM_URL_REGEX ) ) ) > + { > + addActionError( getText( "addProject.scmUrl.invalid" ) ); > + } > + if ( ( projectScmTag != null ) && !( > projectScmTag.trim().matches( RegexPatternConstants.SCM_URL_REGEX ) ) ) > + { > + addActionError( getText( "addProject.scmTag.invalid" ) ); > + } > if ( isEmptyProjectGroups() ) > { > addActionError( getText( "addProject.projectGroup.required" > ) ); > @@ -139,7 +160,7 @@ public class AddProjectAction > { > initializeProjectGroupName(); > initializeActionContext(); > - > + > try > { > if ( StringUtils.isEmpty( getProjectGroupName() ) ) > > Modified: > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectGroupAction.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectGroupAction.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectGroupAction.java > (original) > +++ > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/AddProjectGroupAction.java > Tue Apr 26 07:18:48 2011 > @@ -27,6 +27,7 @@ import org.apache.continuum.model.reposi > import org.apache.continuum.repository.RepositoryServiceException; > import org.apache.continuum.web.util.AuditLog; > import org.apache.continuum.web.util.AuditLogConstants; > +import org.apache.continuum.web.util.RegexPatternConstants; > import org.apache.maven.continuum.ContinuumException; > import org.apache.maven.continuum.model.project.ProjectGroup; > import > org.apache.maven.continuum.web.exception.AuthorizationRequiredException; > @@ -62,8 +63,8 @@ public class AddProjectGroupAction > } > > public void validate() > - { > - clearErrorsAndMessages(); > + { > + clearErrorsAndMessages(); > if ( name != null && name.equals( "" ) ) > { > addActionError( getText( "projectGroup.error.name.required" ) > ); > @@ -72,6 +73,10 @@ public class AddProjectGroupAction > { > addActionError( getText( > "projectGroup.error.name.cannot.be.spaces" ) ); > } > + else if ( name != null && !name.trim().matches( > RegexPatternConstants.NAME_REGEX ) ) > + { > + addActionError( getText( "projectGroup.error.name.invalid" ) > ); > + } > else if ( name != null && !name.equals( "" ) ) > { > for ( ProjectGroup projectGroup : > getContinuum().getAllProjectGroups() ) > @@ -91,6 +96,10 @@ public class AddProjectGroupAction > { > addActionError( getText( > "projectGroup.error.groupId.cannot.be.spaces" ) ); > } > + else if ( groupId != null && !groupId.trim().matches( > RegexPatternConstants.GROUP_ID_REGEX )) > + { > + addActionError( getText( "projectGroup.error.groupId.invalid" > ) ); > + } > else > { > try > @@ -106,6 +115,10 @@ public class AddProjectGroupAction > //this exception > } > } > + if( description != null && !description.trim().matches( > RegexPatternConstants.DESCRIPTION_REGEX )) > + { > + addActionError( getText( > "projectGroup.error.description.invalid" ) ); > + } > } > > public String execute() > @@ -122,9 +135,9 @@ public class AddProjectGroupAction > > ProjectGroup projectGroup = new ProjectGroup(); > > - projectGroup.setName( name ); > + projectGroup.setName( name.trim() ); > > - projectGroup.setGroupId( groupId ); > + projectGroup.setGroupId( groupId.trim() ); > > projectGroup.setDescription( description ); > > > Modified: > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/ProjectGroupAction.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/ProjectGroupAction.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/ProjectGroupAction.java > (original) > +++ > continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/ProjectGroupAction.java > Tue Apr 26 07:18:48 2011 > @@ -31,6 +31,7 @@ import java.util.LinkedList; > import java.util.List; > import java.util.Map; > import java.util.Random; > +import java.util.regex.Pattern; > > import org.apache.commons.codec.binary.Base64; > import org.apache.commons.collections.ComparatorUtils; > @@ -44,6 +45,7 @@ import org.apache.continuum.model.reposi > import org.apache.continuum.utils.build.BuildTrigger; > import org.apache.continuum.web.util.AuditLog; > import org.apache.continuum.web.util.AuditLogConstants; > +import org.apache.continuum.web.util.RegexPatternConstants; > import org.apache.maven.continuum.ContinuumException; > import org.apache.maven.continuum.model.project.BuildDefinition; > import org.apache.maven.continuum.model.project.BuildResult; > @@ -211,7 +213,7 @@ public class ProjectGroupAction > } > > if ( projectGroup != null ) > - { > + { > if ( projectGroup.getProjects() != null && > projectGroup.getProjects().size() > 0 ) > { > int nbMaven2Projects = 0; > @@ -482,7 +484,7 @@ public class ProjectGroupAction > addActionError( authzE.getMessage() ); > return REQUIRES_AUTHORIZATION; > } > - > + > if ( name != null ) > { > if ( name.equals( "" ) ) > @@ -493,6 +495,10 @@ public class ProjectGroupAction > { > addActionError( getText( > "projectGroup.error.name.cannot.be.spaces" ) ); > } > + else if ( !name.trim().matches( > RegexPatternConstants.NAME_REGEX ) ) > + { > + addActionError( getText( "projectGroup.error.name.invalid" > ) ); > + } > else > { > name = name.trim(); > @@ -504,11 +510,15 @@ public class ProjectGroupAction > } > } > } > - if ( hasActionErrors() ) > - { > - initialize(); > - return INPUT; > - } > + } > + if ( description != null && !description.trim().matches( > RegexPatternConstants.DESCRIPTION_REGEX ) ) > + { > + addActionError( getText( > "projectGroup.error.description.invalid" ) ); > + } > + if ( hasActionErrors() ) > + { > + initialize(); > + return INPUT; > } > > projectGroup = getContinuum().getProjectGroupWithProjects( > projectGroupId ); > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/localization/Continuum.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/localization/Continuum.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/localization/Continuum.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/localization/Continuum.properties > Tue Apr 26 07:18:48 2011 > @@ -223,9 +223,12 @@ projectGroup.add.section.title = Add Pro > projectGroup.error.name.required = Project Group Name is required. > projectGroup.error.name.cannot.be.spaces = Project Group Name cannot > contain spaces only. > projectGroup.error.name.already.exists = Project Group Name already > exists. > +projectGroup.error.name.invalid = Name contains invalid characters. > projectGroup.error.groupId.required = Project Group ID is required. > projectGroup.error.groupId.cannot.be.spaces = Project Group ID cannot > contain spaces only. > projectGroup.error.groupId.already.exists = Project Group ID already > exists. > +projectGroup.error.groupId.invalid = Id contains invalid characters. > +projectGroup.error.description.invalid = Description contains invalid > characters. > > # ---------------------------------------------------------------------- > # Page: Edit Project Group > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction-addProject-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction-addProject-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction-addProject-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction-addProject-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,15 +26,44 @@ > > > > + > + true > + > + > + > + > + > + > + true > + > + > + > > > > > > + > + true > + > + > + > > > > > > + > + true > + ${}\\/|#~=\[\]-]*]]> > + > + > + > + > + > + true > + \\/|#~=\[\]-]*]]> > + > + > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/AddProjectAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,6 +18,11 @@ > # > > addProject.name.required = Name is required and cannot contain null or > spaces only > -addProject.version.required = Version is required and cannot contain null > or spaces only > -addProject.scmUrl.required = SCM Url is required and cannot contain null > or spaces only > +addProject.name.invalid = Name contains invalid characters. > +addProject.description.invalid = Description contains invalid characters. > +addProject.version.required = Version is required and cannot contain null > or spaces only. > +addProject.version.invalid = Version contains invalid characters. > +addProject.scmUrl.required = SCM Url is required and cannot contain null > or spaces only. > +addProject.scmUrl.invalid = SCM Url contains invalid characters. > +addProject.scmTag.invalid = SCM Tag contains invalid characters. > addProject.projectGroup.required = Project Group is required and all > projects must be in a project group > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction-saveBuildDefinition-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction-saveBuildDefinition-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction-saveBuildDefinition-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction-saveBuildDefinition-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,5 +26,31 @@ > > > > + > + true > + > + > + > + > + > + > + true > + > + > + > + > + > + > + true > + name="expression"> > + > + > + > + > + > + true > + > + > + > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/BuildDefinitionAction.properties > Tue Apr 26 07:18:48 2011 > @@ -17,4 +17,8 @@ > # under the License. > # > > -buildDefinition.buildFile.required = Build file is required and cannot > contain spaces only > +buildDefinition.buildFile.required = Build file is required and cannot > contain spaces only. > +buildDefinition.buildFile.invalid = Build file contains invalid > characters. > +buildDefinition.goals.invalid = Goals contains invalid characters. > +buildDefinition.arguments.invalid = Arguments contains invalid characters. > +buildDefinition.description.invalid = Description contains invalid > characters. > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction-projectSave-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction-projectSave-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction-projectSave-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction-projectSave-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,15 +26,37 @@ > > > > + > + true > + > + > + > > > > > > + > + true > + > + > + > > > > > > + > + true > + \\/|#~=\[\]-]*]]> > + > + > + > + > + > + true > + \\/|#~=\[\]-]*]]> > + > + > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectEditAction.properties > Tue Apr 26 07:18:48 2011 > @@ -17,6 +17,10 @@ > # under the License. > # > > -projectEdit.name.required = Project Name is required > -projectEdit.version.required = version is required > -projectEdit.scmUrl.required = scmUrl is required > +projectEdit.name.required = Project Name is required. > +projectEdit.name.invalid = Name contains invalid characters. > +projectEdit.version.required = Version is required. > +projectEdit.version.invalid = Version contains invalid characters. > +projectEdit.scmUrl.required = Scm Url is required. > +projectEdit.scmUrl.invalid = Scm Url contains invalid characters. > +projectEdit.scmTag.invalid = Scm Tag contains invalid characters. > \ No newline at end of file > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction-saveProjectGroup-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction-saveProjectGroup-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction-saveProjectGroup-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction-saveProjectGroup-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -27,4 +27,4 @@ > > > > - > + > \ No newline at end of file > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ProjectGroupAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,3 +18,7 @@ > # > > projectGroup.name.required = Project Group Name is required > +projectGroup.name.invalid = Name contains invalid characters. > +projectGroup.id.invalid = Id contains invalid characters. > +projectGroup.description.invalid = Description contains invalid > characters. > + > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction-saveSchedule-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction-saveSchedule-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction-saveSchedule-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction-saveSchedule-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,11 +26,21 @@ > > > > + > + true > + > + > + > > > > > > + > + true > + > + > + > > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/ScheduleAction.properties > Tue Apr 26 07:18:48 2011 > @@ -17,8 +17,10 @@ > # under the License. > # > > -schedule.name.required = Name is required and cannot contain spaces only > -schedule.version.required = Description is required and cannot contain > spaces only > -schedule.maxJobExecutionTime.required = Maximum job execution time is > required > -schedule.maxJobExecutionTime.invalid = Maximum job execution time must be > an integer > -schedule.delay.invalid = Quiet period must be an integer > +schedule.name.required = Name is required and cannot contain spaces only. > +schedule.name.invalid = Name contains invalid characters. > +schedule.version.required = Description is required and cannot contain > spaces only. > +schedule.version.invalid = Description contains invalid characters. > +schedule.maxJobExecutionTime.required = Maximum job execution time is > required. > +schedule.maxJobExecutionTime.invalid = Maximum job execution time must be > an integer. > +schedule.delay.invalid = Quiet period must be an integer. > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/BuildDefinitionTemplateAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/BuildDefinitionTemplateAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/BuildDefinitionTemplateAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/BuildDefinitionTemplateAction.properties > Tue Apr 26 07:18:48 2011 > @@ -16,6 +16,7 @@ > # specific language governing permissions and limitations > # under the License. > # > + > buildDefinitionTemplate.name.exists = Name already exists > buildDefinitionTemplate.name.required = Name is required > buildDefinitionTemplate.name.invalid = Name contains invalid characters > @@ -24,4 +25,4 @@ buildDefinition.buildFile.invalid = Buil > buildDefinition.description.required = Description is required > buildDefinition.description.invalid = Description contains invalid > characters > buildDefinition.goals.invalid = Goals contain invalid characters > -buildDefinition.arguments.invalid = Arguments contain invalid characters > \ No newline at end of file > +buildDefinition.arguments.invalid = Arguments contain invalid characters > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/InstallationAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/InstallationAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/InstallationAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/admin/InstallationAction.properties > Tue Apr 26 07:18:48 2011 > @@ -22,4 +22,4 @@ installation.name.invalid = Installation > installation.varValue.required = You must define a value. > installation.varValue.invalid = Installation value contains invalid > characters. > installation.varValue.version.failed = Failed to validate installation, > check server log. > -installation.varName.invalid = Environment variable name contains invalid > characters. > \ No newline at end of file > +installation.varName.invalid = Environment variable name contains invalid > characters. > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction-ircProjectGroupNotifierSave-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,6 +26,11 @@ > > > > + > + true > + > + > + > > > > @@ -38,5 +43,10 @@ > > > > + > + true > + > + > + > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcGroupNotifierEditAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,5 +18,7 @@ > # > > ircNotifier.host.required = Host is required > +ircNotifier.host.invalid = Host contains invalid character > ircNotifier.port.invalid = Port must be an integer from 0 to 65535 > ircNotifier.channel.required = Channel is required > +ircNotifier.channel.invalid = Channel contains invalid character > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction-ircProjectNotifierSave-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,6 +26,11 @@ > > > > + > + true > + > + > + > > > > @@ -38,5 +43,10 @@ > > > > + > + true > + > + > + > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/IrcProjectNotifierEditAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,5 +18,7 @@ > # > > ircNotifier.host.required = Host is required > +ircNotifier.host.invalid = Host contains invalid character > ircNotifier.port.invalid = Port must be an integer from 0 to 65535 > ircNotifier.channel.required = Channel is required > +ircNotifier.channel.invalid = Channel contains invalid character > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction-jabberProjectGroupNotifierSave-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,6 +26,11 @@ > > > > + > + true > + > + > + > > > > @@ -44,6 +49,13 @@ > > > > + > + > + true > + > + > + > + > > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberGroupNotifierEditAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,8 +18,10 @@ > # > > jabberNotifier.host.required = Host is required > +jabberNotifier.host.invalid = Host contains invalid character > jabberNotifier.port.invalid = Port must be an integer from 0 to 65535 > jabberNotifier.login.required = Login is required > jabberNotifier.password.required = Password is required > +jabberNotifier.domain.invalid = Domain contains invalid character > jabberNotifier.address.required = Address is required > jabberNotifier.address.invalid = Address is invalid > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction-jabberProjectNotifierSave-validation.xml > Tue Apr 26 07:18:48 2011 > @@ -26,6 +26,11 @@ > > > > + > + true > + > + > + > > > > @@ -44,6 +49,13 @@ > > > > + > + > + true > + > + > + > + > > > > > Modified: > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction.properties > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction.properties?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction.properties > (original) > +++ > continuum/trunk/continuum-webapp/src/main/resources/org/apache/maven/continuum/web/action/notifier/JabberProjectNotifierEditAction.properties > Tue Apr 26 07:18:48 2011 > @@ -18,8 +18,10 @@ > # > > jabberNotifier.host.required = Host is required > +jabberNotifier.host.invalid = Host contains invalid characters > jabberNotifier.port.invalid = Port must be an integer from 0 to 65535 > jabberNotifier.login.required = Login is required > jabberNotifier.password.required = Password is required > +jabberNotifier.domain.invalid = Domain contains invalid characters > jabberNotifier.address.required = Address is required > jabberNotifier.address.invalid = Address is invalid > > Modified: > continuum/trunk/continuum-webapp/src/test/java/org/apache/maven/continuum/web/action/AddProjectActionTest.java > URL: > http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/test/java/org/apache/maven/continuum/web/action/AddProjectActionTest.java?rev=1096681&r1=1096680&r2=1096681&view=diff > > ============================================================================== > --- > continuum/trunk/continuum-webapp/src/test/java/org/apache/maven/continuum/web/action/AddProjectActionTest.java > (original) > +++ > continuum/trunk/continuum-webapp/src/test/java/org/apache/maven/continuum/web/action/AddProjectActionTest.java > Tue Apr 26 07:18:48 2011 > @@ -42,6 +42,26 @@ public class AddProjectActionTest > > private Mock continuumMock; > > + private static final String VALID_NAME_CHARACTER = > "abcABC123whitespaces_.:-"; > + > + private static final String INVALID_NAME_CHARACTER = "!@#$<>?etc"; > + > + private static final String VALID_VERSION_CHARACTER = "abcABC123.-"; > + > + private static final String INVALID_VERSION_CHARACTER = > "<>whitespaces!#etc"; > + > + private static final String VALID_SCM_URL_CHARACTER = > "abcABC123_.:-#~=@\\/|[]"; > + > + private static final String INVALID_SCM_URL_CHARACTER = "!<>*%etc"; > + > + private static final String VALID_SCM_TAG_CHARACTER = > "abcABC123_.:-#~=@\\/|[]"; > + > + private static final String INVALID_SCM_TAG_CHARACTER = "!<>*%etc"; > + > + private static final String VALID_DESCRIPTION_CHARACTER = > "abcABC123whitespaces_.-"; > + > + private static final String INVALID_DESCRIPTION_CHARACTER = > "![]<>'^&etc"; > + > protected void setUp() > throws Exception > { > @@ -94,6 +114,54 @@ public class AddProjectActionTest > continuumMock.verify(); > > } > + > + public void testAddAntProjectWithValidValues() > + throws Exception > + { > + List projects = createProjectList(); > + continuumMock.expects( once() ).method( "getProjects" ).will( > returnValue( projects ) ); > + continuumMock.expects( once() ).method( "addProject" ).will( > returnValue( 3 ) ); > + > + action.setProjectName( VALID_NAME_CHARACTER ); > + action.setProjectDescription( VALID_DESCRIPTION_CHARACTER ); > + action.setProjectVersion( VALID_VERSION_CHARACTER ); > + action.setProjectScmUrl( VALID_SCM_URL_CHARACTER ); > + action.setProjectScmTag( VALID_SCM_TAG_CHARACTER ); > + action.setProjectType( "ant" ); > + action.setSelectedProjectGroup( 1 ); > + action.setBuildDefintionTemplateId( 1 ); > + > + // validate > + action.validate(); > + > + // verify > + assertFalse( action.hasActionErrors() ); > + assertEquals( 0, action.getActionErrors().size() ); > + > + // add > + action.add(); > + > + continuumMock.verify(); > + } > + > + public void testAddAntProjectWithInvalidValues() > + { > + action.setProjectName( INVALID_NAME_CHARACTER ); > + action.setProjectDescription( INVALID_DESCRIPTION_CHARACTER ); > + action.setProjectVersion( INVALID_VERSION_CHARACTER ); > + action.setProjectScmUrl( INVALID_SCM_URL_CHARACTER ); > + action.setProjectScmTag( INVALID_SCM_TAG_CHARACTER ); > + action.setProjectType( "ant" ); > + action.setSelectedProjectGroup( 1 ); > + action.setBuildDefintionTemplateId( 1 ); > + > + // validate > + action.validate(); > + > + // verify > + assertTrue( action.hasActionErrors() ); > + assertEquals( 5, action.getActionErrors().size() ); > + } > > /** > * Test add of Shell project > @@ -120,7 +188,55 @@ public class AddProjectActionTest > action.add(); > continuumMock.verify(); > } > - > + > + public void testAddShellProjectWithValidValues() > + throws Exception > + { > + List projects = createProjectList(); > + continuumMock.expects( once() ).method( "getProjects" ).will( > returnValue( projects ) ); > + continuumMock.expects( once() ).method( "addProject" ).will( > returnValue( 3 ) ); > + > + action.setProjectName( VALID_NAME_CHARACTER ); > + action.setProjectDescription( VALID_DESCRIPTION_CHARACTER ); > + action.setProjectVersion( VALID_VERSION_CHARACTER ); > + action.setProjectScmUrl( VALID_SCM_URL_CHARACTER ); > + action.setProjectScmTag( VALID_SCM_TAG_CHARACTER ); > + action.setProjectType( "shell" ); > + action.setSelectedProjectGroup( 1 ); > + action.setBuildDefintionTemplateId( 1 ); > + > + // validate > + action.validate(); > + > + // verify > + assertFalse( action.hasActionErrors() ); > + assertEquals( 0, action.getActionErrors().size() ); > + > + // add > + action.add(); > + > + continuumMock.verify(); > + } > + > + public void testAddShellProjectWithInvalidValues() > + { > + action.setProjectName( INVALID_NAME_CHARACTER ); > + action.setProjectDescription( INVALID_DESCRIPTION_CHARACTER ); > + action.setProjectVersion( INVALID_VERSION_CHARACTER ); > + action.setProjectScmUrl( INVALID_SCM_URL_CHARACTER ); > + action.setProjectScmTag( INVALID_SCM_TAG_CHARACTER ); > + action.setProjectType( "shell" ); > + action.setSelectedProjectGroup( 1 ); > + action.setBuildDefintionTemplateId( 1 ); > + > + // validate > + action.validate(); > + > + // verify > + assertTrue( action.hasActionErrors() ); > + assertEquals( 5, action.getActionErrors().size() ); > + } > + > private List createProjectList() > { > List projects = new ArrayList(); > > >