View Javadoc
1   /*
2    * This file is part of Waarp Project (named also Waarp or GG).
3    *
4    *  Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
5    *  tags. See the COPYRIGHT.txt in the distribution for a full listing of
6    * individual contributors.
7    *
8    *  All Waarp Project is free software: you can redistribute it and/or
9    * modify it under the terms of the GNU General Public License as published by
10   * the Free Software Foundation, either version 3 of the License, or (at your
11   * option) any later version.
12   *
13   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
14   * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15   * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   *
17   *  You should have received a copy of the GNU General Public License along with
18   * Waarp . If not, see <http://www.gnu.org/licenses/>.
19   */
20  
21  package org.waarp.common.utility;
22  
23  import com.google.common.base.Strings;
24  import org.waarp.common.exception.InvalidArgumentException;
25  
26  import java.util.ArrayList;
27  import java.util.List;
28  import java.util.regex.Pattern;
29  
30  /**
31   * Checker for Parameters <br>
32   * <br>
33   * Can be used for String (testing also emptiness) and for general Object.<br>
34   * For null String only, use the special method.
35   */
36  public final class ParametersChecker {
37    public static final String DEFAULT_ERROR =
38        "Parameter should not be null or empty";
39    // Default ASCII for Param check
40    public static final Pattern UNPRINTABLE_PATTERN =
41        Pattern.compile("[\\p{Cntrl}&&[^\r\n\t]]");
42    public static final List<String> RULES = new ArrayList<String>();
43    public static final String[] ZERO_ARRAY_STRING = new String[0];
44    // default parameters for XML check
45    static final String CDATA_TAG_UNESCAPED = "<![CDATA[";
46    static final String CDATA_TAG_ESCAPED = "&lt;![CDATA[";
47    static final String ENTITY_TAG_UNESCAPED = "<!ENTITY";
48    static final String ENTITY_TAG_ESCAPED = "&lt;!ENTITY";
49    // default parameters for Javascript check
50    static final String SCRIPT_TAG_UNESCAPED = "<script>";
51    static final String SCRIPT_TAG_ESCAPED = "&lt;script&gt;";
52    // default parameters for Json check
53    private static final String TAG_START =
54        "\\<\\w+((\\s+\\w+(\\s*\\=\\s*(?:\".*?\"|'.*?'|[^'\"\\>\\s]+))?)+\\s*|\\s*)\\>";
55    private static final String TAG_END = "\\</\\w+\\>";
56    private static final String TAG_SELF_CLOSING =
57        "\\<\\w+((\\s+\\w+(\\s*\\=\\s*(?:\".*?\"|'.*?'|[^'\"\\>\\s]+))?)+\\s*|\\s*)/\\>";
58    private static final String HTML_ENTITY = "&[a-zA-Z][a-zA-Z0-9]+;";
59    // Allowed
60    public static final Pattern HTML_PATTERN = Pattern.compile(
61        '(' + TAG_START + ".*" + TAG_END + ")|(" + TAG_SELF_CLOSING + ")|(" +
62        HTML_ENTITY + ')', Pattern.DOTALL);
63  
64    static {
65      RULES.add(CDATA_TAG_UNESCAPED);
66      RULES.add(CDATA_TAG_ESCAPED);
67      RULES.add(ENTITY_TAG_UNESCAPED);
68      RULES.add(ENTITY_TAG_ESCAPED);
69      RULES.add(SCRIPT_TAG_UNESCAPED);
70      RULES.add(SCRIPT_TAG_ESCAPED);
71    }
72  
73    private ParametersChecker() {
74      // empty
75    }
76  
77    private static final String MANDATORY_PARAMETER = " is mandatory parameter";
78  
79    /**
80     * Check if any parameter are null or empty and if so, throw an
81     * IllegalArgumentException
82     *
83     * @param errorMessage the error message
84     * @param parameters parameters to be checked
85     *
86     * @throws IllegalArgumentException if null or empty
87     */
88    public static void checkParameter(final String errorMessage,
89                                      final String... parameters) {
90      if (parameters == null) {
91        throw new IllegalArgumentException(errorMessage);
92      }
93      for (final String parameter : parameters) {
94        if (Strings.isNullOrEmpty(parameter) || parameter.trim().isEmpty()) {
95          throw new IllegalArgumentException(errorMessage);
96        }
97      }
98    }
99  
100   /**
101    * Check if any parameter are null or empty and if so, throw an
102    * IllegalArgumentException
103    *
104    * @param errorMessage the error message
105    * @param parameters set of parameters
106    *
107    * @throws IllegalArgumentException if null or empty
108    */
109   public static void checkParameterDefault(final String errorMessage,
110                                            final String... parameters) {
111     if (parameters == null) {
112       throw new IllegalArgumentException(errorMessage + MANDATORY_PARAMETER);
113     }
114     for (final String parameter : parameters) {
115       if (Strings.isNullOrEmpty(parameter) || parameter.trim().isEmpty()) {
116         throw new IllegalArgumentException(errorMessage + MANDATORY_PARAMETER);
117       }
118     }
119   }
120 
121   /**
122    * Check if any parameter are null or empty and if so, return false
123    *
124    * @param parameters set of parameters
125    *
126    * @return True if not null and not empty neither containing only spaces
127    */
128   public static boolean isNotEmpty(final String... parameters) {
129     if (parameters == null) {
130       return false;
131     }
132     for (final String parameter : parameters) {
133       if (Strings.isNullOrEmpty(parameter) || parameter.trim().isEmpty()) {
134         return false;
135       }
136     }
137     return true;
138   }
139 
140   /**
141    * Check if any parameter are null or empty and if so, return true
142    *
143    * @param parameters set of parameters
144    *
145    * @return True if any is null or empty or containing only spaces
146    */
147   public static boolean isEmpty(final String... parameters) {
148     if (parameters == null) {
149       return true;
150     }
151     for (final String parameter : parameters) {
152       if (Strings.isNullOrEmpty(parameter) || parameter.trim().isEmpty()) {
153         return true;
154       }
155     }
156     return false;
157   }
158 
159   /**
160    * Check if any parameter are null or empty and if so, throw an
161    * IllegalArgumentException
162    *
163    * @param errorMessage the error message
164    * @param parameters set of parameters
165    *
166    * @throws IllegalArgumentException if null or empty
167    */
168   public static void checkParameterDefault(final String errorMessage,
169                                            final Object... parameters) {
170     if (parameters == null) {
171       throw new IllegalArgumentException(errorMessage + MANDATORY_PARAMETER);
172     }
173     for (final Object parameter : parameters) {
174       if (parameter == null) {
175         throw new IllegalArgumentException(errorMessage + MANDATORY_PARAMETER);
176       }
177     }
178   }
179 
180   /**
181    * Check if any parameter are null and if so, throw an
182    * IllegalArgumentException
183    *
184    * @param errorMessage the error message
185    * @param parameters parameters to be checked
186    *
187    * @throws IllegalArgumentException if null
188    */
189   public static void checkParameterNullOnly(final String errorMessage,
190                                             final String... parameters) {
191     if (parameters == null) {
192       throw new IllegalArgumentException(errorMessage);
193     }
194     for (final String parameter : parameters) {
195       if (parameter == null) {
196         throw new IllegalArgumentException(errorMessage);
197       }
198     }
199   }
200 
201   /**
202    * Check if any parameter are null and if so, throw an
203    * IllegalArgumentException
204    *
205    * @param errorMessage set of parameters
206    * @param parameters set parameters to be checked
207    *
208    * @throws IllegalArgumentException if null
209    */
210   public static void checkParameter(final String errorMessage,
211                                     final Object... parameters) {
212     if (parameters == null) {
213       throw new IllegalArgumentException(errorMessage);
214     }
215     for (final Object parameter : parameters) {
216       if (parameter == null) {
217         throw new IllegalArgumentException(errorMessage);
218       }
219     }
220   }
221 
222   /**
223    * Check if an integer parameter is greater or equals to minValue
224    *
225    * @param name name of the variable
226    * @param variable the value of variable to check
227    * @param minValue the min value
228    */
229   public static void checkValue(final String name, final long variable,
230                                 final long minValue) {
231     if (variable < minValue) {
232       throw new IllegalArgumentException(
233           "Parameter " + name + " is less than " + minValue);
234     }
235   }
236 
237   /**
238    * Check external argument to avoid Path Traversal attack
239    *
240    * @param value to check
241    *
242    * @throws InvalidArgumentException
243    */
244   public static String checkSanityString(final String value)
245       throws InvalidArgumentException {
246     checkSanityString(new String[] { value });
247     return value;
248   }
249 
250   /**
251    * Check external argument (null is consider as correct)
252    *
253    * @param strings
254    *
255    * @throws InvalidArgumentException
256    */
257   public static void checkSanityString(final String... strings)
258       throws InvalidArgumentException {
259     for (final String field : strings) {
260       if (isEmpty(field)) {
261         continue;
262       }
263       if (UNPRINTABLE_PATTERN.matcher(field).find()) {
264         throw new InvalidArgumentException("Invalid input bytes");
265       }
266       for (final String rule : RULES) {
267         if (rule != null && field.contains(rule)) {
268           throw new InvalidArgumentException("Invalid tag sanity check");
269         }
270       }
271     }
272   }
273 }