EFRS-1316: Added a regex pattern to DTOs to prevent the possibility s…

…ave an app/model/subject with a name that contains special characters

java/admin/src/main/java/com/exadel/frs/dto/ui/AppCreateDto.java

@@ -16,7 +16,9 @@
 
 package com.exadel.frs.dto.ui;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -31,5 +33,6 @@ public class AppCreateDto {
 
     @NotBlank(message = "Application name cannot be empty")
     @Size(min = 1, max = 50, message = "Application name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String name;
 }

java/admin/src/main/java/com/exadel/frs/dto/ui/AppUpdateDto.java

@@ -16,7 +16,9 @@
 
 package com.exadel.frs.dto.ui;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -31,5 +33,6 @@ public class AppUpdateDto {
 
     @NotBlank(message = "Application name cannot be empty")
     @Size(min = 1, max = 50, message = "Application name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String name;
 }

java/admin/src/main/java/com/exadel/frs/dto/ui/ModelCloneDto.java

@@ -16,7 +16,9 @@
 
 package com.exadel.frs.dto.ui;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -31,5 +33,6 @@ public class ModelCloneDto {
 
     @NotBlank(message = "Model name cannot be empty")
     @Size(min = 1, max = 50, message = "Model name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String name;
 }

java/admin/src/main/java/com/exadel/frs/dto/ui/ModelCreateDto.java

@@ -16,9 +16,11 @@
 
 package com.exadel.frs.dto.ui;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import com.exadel.frs.commonservice.enums.ModelType;
 import com.exadel.frs.validation.ValidEnum;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -33,6 +35,7 @@ public class ModelCreateDto {
 
     @NotBlank(message = "Model name cannot be empty")
     @Size(min = 1, max = 50, message = "Model name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String name;
 
     @NotBlank(message = "Model Type cannot be empty")

java/admin/src/main/java/com/exadel/frs/dto/ui/ModelUpdateDto.java

@@ -16,7 +16,9 @@
 
 package com.exadel.frs.dto.ui;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -31,5 +33,6 @@ public class ModelUpdateDto {
 
     @NotBlank(message = "Model name cannot be empty")
     @Size(min = 1, max = 50, message = "Model name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String name;
 }

java/api/src/main/java/com/exadel/frs/core/trainservice/dto/SubjectDto.java

@@ -1,9 +1,11 @@
 package com.exadel.frs.core.trainservice.dto;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.DOES_NOT_CONTAIN_SPECIAL_CHARACTERS;
 import static com.exadel.frs.core.trainservice.system.global.Constants.SUBJECT_DESC;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.swagger.annotations.ApiParam;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Data;
@@ -18,5 +20,6 @@ public class SubjectDto {
     @JsonProperty("subject")
     @NotBlank(message = "Subject name cannot be empty")
     @Size(min = 1, max = 50, message = "Subject name size must be between 1 and 50")
+    @Pattern(regexp = DOES_NOT_CONTAIN_SPECIAL_CHARACTERS, message = "Only the following special characters are allowed: [].-_")
     private String subjectName;
 }

java/common/src/main/java/com/exadel/frs/commonservice/exception/PatternMatchException.java

@@ -0,0 +1,10 @@
+package com.exadel.frs.commonservice.exception;
+
+import static com.exadel.frs.commonservice.handler.CommonExceptionCode.INCORRECT_ARGUMENT;
+
+public class PatternMatchException extends BasicException {
+
+    public PatternMatchException(final String message) {
+        super(INCORRECT_ARGUMENT, message);
+    }
+}

java/common/src/main/java/com/exadel/frs/commonservice/handler/ResponseExceptionHandler.java

@@ -30,6 +30,7 @@
 import com.exadel.frs.commonservice.exception.MissingPathVarException;
 import com.exadel.frs.commonservice.exception.MissingRequestParamException;
 import com.exadel.frs.commonservice.exception.MissingRequestPartException;
+import com.exadel.frs.commonservice.exception.PatternMatchException;
 import lombok.extern.slf4j.Slf4j;
 import lombok.val;
 import org.springframework.http.HttpHeaders;
@@ -198,6 +199,9 @@ private static BasicException getException(final FieldError fieldError) {
             case "NotEmpty":
                 basicException = new EmptyRequiredFieldException(fieldError.getField());
                 break;
+            case "Pattern":
+                basicException = new PatternMatchException(fieldError.getDefaultMessage());
+                break;
             default:
                 basicException = new BasicException(UNDEFINED, "");
         }

java/common/src/main/java/com/exadel/frs/commonservice/system/global/RegExConstants.java

@@ -0,0 +1,10 @@
+package com.exadel.frs.commonservice.system.global;
+
+import lombok.experimental.UtilityClass;
+
+@UtilityClass
+public class RegExConstants {
+
+    public static final String CONTAINS_SPECIAL_CHARACTERS = "[`~!@\"#№$%^:;&?<>(){|},/\\\\*+=]+";
+    public static final String DOES_NOT_CONTAIN_SPECIAL_CHARACTERS = "[^`~!@\"#№$%^:;&?<>(){|},/\\\\*+=]+";
+}

java/common/src/main/java/com/exadel/frs/commonservice/system/liquibase/customchange/RemoveSpecialCharactersCustomChange.java

@@ -1,5 +1,6 @@
 package com.exadel.frs.commonservice.system.liquibase.customchange;
 
+import static com.exadel.frs.commonservice.system.global.RegExConstants.CONTAINS_SPECIAL_CHARACTERS;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
@@ -31,7 +32,7 @@
 @Setter
 public class RemoveSpecialCharactersCustomChange implements CustomTaskChange {
 
-    private static final Pattern SPECIAL_CHARACTERS_PATTERN = Pattern.compile("[`~!@\"#№$%^:;&?<>(){|},/\\\\*+=]");
+    private static final Pattern SPECIAL_CHARACTERS_PATTERN = Pattern.compile(CONTAINS_SPECIAL_CHARACTERS);
 
     private static final String COUNT_SQL_TEMPLATE = "SELECT COUNT(*) FROM ${table}";
     private static final String SELECT_SQL_TEMPLATE = "SELECT ${primaryKey}, ${target} FROM ${table}";