diff -r a7e543ab0c5f -r e2aa673dd473 src/main/java/de/uapcore/lightpit/modules/ProjectsModule.java --- a/src/main/java/de/uapcore/lightpit/modules/ProjectsModule.java Thu Oct 22 12:00:34 2020 +0200 +++ b/src/main/java/de/uapcore/lightpit/modules/ProjectsModule.java Thu Oct 22 13:03:26 2020 +0200 @@ -74,42 +74,44 @@ return; // Select Project - final int pid = Functions.parseIntOrZero(pathParameters.get("project")); - if (pid > 0) { - final var project = projectDao.find(pid); - if (project != null) { - final var info = new ProjectInfo(project); - info.setVersions(versionDao.list(project)); - info.setComponents(componentDao.list(project)); - info.setIssueSummary(projectDao.getIssueSummary(project)); - viewModel.setProjectInfo(info); - } - } + final var project = projectDao.findByNode(pathParameters.get("project")); + if (project == null) + return; + + final var info = new ProjectInfo(project); + info.setVersions(versionDao.list(project)); + info.setComponents(componentDao.list(project)); + info.setIssueSummary(projectDao.getIssueSummary(project)); + viewModel.setProjectInfo(info); // Select Version - final var pathParamVersion = pathParameters.get("version"); - if ("no-version".equals(pathParamVersion)) { + final var versionNode = pathParameters.get("version"); + if ("no-version".equals(versionNode)) { viewModel.setVersionFilter(ProjectView.NO_VERSION); - } else if ("all-versions".equals(pathParamVersion)) { + } else if ("all-versions".equals(versionNode)) { viewModel.setVersionFilter(ProjectView.ALL_VERSIONS); } else { - final int vid = Functions.parseIntOrZero(pathParamVersion); - if (vid > 0) { - viewModel.setVersionFilter(versionDao.find(vid)); - } + viewModel.setVersionFilter(versionDao.findByNode(project, versionNode)); } // Select Component - final var pathParamComponent = pathParameters.get("component"); - if ("no-component".equals(pathParamComponent)) { + final var componentNode = pathParameters.get("component"); + if ("no-component".equals(componentNode)) { viewModel.setComponentFilter(ProjectView.NO_COMPONENT); - } else if ("all-components".equals(pathParamComponent)) { + } else if ("all-components".equals(componentNode)) { viewModel.setComponentFilter(ProjectView.ALL_COMPONENTS); } else { - final int cid = Functions.parseIntOrZero(pathParamComponent); - if (cid > 0) { - viewModel.setComponentFilter(componentDao.find(cid)); - } + viewModel.setComponentFilter(componentDao.findByNode(project, componentNode)); + } + } + + private static String sanitizeNode(String node, String defaultValue) { + String result = node == null || node.isBlank() ? defaultValue : node; + result = result.replace('/', '-'); + if (result.equals(".") || result.equals("..")) { + return "_"+result; + } else { + return result; } } @@ -170,6 +172,10 @@ try { final var project = new Project(getParameter(req, Integer.class, "pid").orElseThrow()); project.setName(getParameter(req, String.class, "name").orElseThrow()); + + final var node = getParameter(req, String.class, "node").orElse(null); + project.setNode(sanitizeNode(node, project.getName())); + getParameter(req, String.class, "description").ifPresent(project::setDescription); getParameter(req, String.class, "repoUrl").ifPresent(project::setRepoUrl); getParameter(req, Integer.class, "owner").map( @@ -301,14 +307,23 @@ public ResponseType commitVersion(HttpServletRequest req, HttpServletResponse resp, DataAccessObjects dao) throws IOException { try { - final var project = new Project(getParameter(req, Integer.class, "pid").orElseThrow()); + final var project = dao.getProjectDao().find(getParameter(req, Integer.class, "pid").orElseThrow()); + if (project == null) { + // TODO: improve error handling, because not found is not correct for this POST request + resp.sendError(HttpServletResponse.SC_NOT_FOUND); + return ResponseType.NONE; + } final var version = new Version(getParameter(req, Integer.class, "id").orElseThrow()); version.setName(getParameter(req, String.class, "name").orElseThrow()); + + final var node = getParameter(req, String.class, "node").orElse(null); + version.setNode(sanitizeNode(node, version.getName())); + getParameter(req, Integer.class, "ordinal").ifPresent(version::setOrdinal); version.setStatus(VersionStatus.valueOf(getParameter(req, String.class, "status").orElseThrow())); dao.getVersionDao().saveOrUpdate(version, project); - setRedirectLocation(req, "./projects/" + project.getId() + "/versions/"); + setRedirectLocation(req, "./projects/" + project.getNode() + "/versions/"); setContentPage(req, Constants.JSP_COMMIT_SUCCESSFUL); } catch (NoSuchElementException | IllegalArgumentException | SQLException ex) { resp.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED); @@ -373,9 +388,18 @@ public ResponseType commitComponent(HttpServletRequest req, HttpServletResponse resp, DataAccessObjects dao) throws IOException { try { - final var project = new Project(getParameter(req, Integer.class, "pid").orElseThrow()); + final var project = dao.getProjectDao().find(getParameter(req, Integer.class, "pid").orElseThrow()); + if (project == null) { + // TODO: improve error handling, because not found is not correct for this POST request + resp.sendError(HttpServletResponse.SC_NOT_FOUND); + return ResponseType.NONE; + } final var component = new Component(getParameter(req, Integer.class, "id").orElseThrow()); component.setName(getParameter(req, String.class, "name").orElseThrow()); + + final var node = getParameter(req, String.class, "node").orElse(null); + component.setNode(sanitizeNode(node, component.getName())); + component.setColor(getParameter(req, WebColor.class, "color").orElseThrow()); getParameter(req, Integer.class, "ordinal").ifPresent(component::setOrdinal); getParameter(req, Integer.class, "lead").map( @@ -385,7 +409,7 @@ dao.getComponentDao().saveOrUpdate(component, project); - setRedirectLocation(req, "./projects/" + project.getId() + "/components/"); + setRedirectLocation(req, "./projects/" + project.getNode() + "/components/"); setContentPage(req, Constants.JSP_COMMIT_SUCCESSFUL); } catch (NoSuchElementException | IllegalArgumentException | SQLException ex) { resp.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED); @@ -461,7 +485,13 @@ } else { component = null; } - issue.setProject(new Project(getParameter(req, Integer.class, "pid").orElseThrow())); + final var project = dao.getProjectDao().find(getParameter(req, Integer.class, "pid").orElseThrow()); + if (project == null) { + // TODO: improve error handling, because not found is not correct for this POST request + resp.sendError(HttpServletResponse.SC_NOT_FOUND); + return ResponseType.NONE; + } + issue.setProject(project); getParameter(req, String.class, "category").map(IssueCategory::valueOf).ifPresent(issue::setCategory); getParameter(req, String.class, "status").map(IssueStatus::valueOf).ifPresent(issue::setStatus); issue.setSubject(getParameter(req, String.class, "subject").orElseThrow()); @@ -493,7 +523,7 @@ dao.getIssueDao().saveOrUpdate(issue, issue.getProject()); // TODO: fix issue #14 - setRedirectLocation(req, "./projects/" + issue.getProject().getId() + "/all-components/all-versions/issues/"); + setRedirectLocation(req, "./projects/" + issue.getProject().getNode() + "/all-components/all-versions/issues/"); setContentPage(req, Constants.JSP_COMMIT_SUCCESSFUL); return ResponseType.HTML; @@ -532,7 +562,7 @@ dao.getIssueDao().saveComment(issueComment); // TODO: fix redirect location (e.g. after fixing #24) - setRedirectLocation(req, "./projects/" + issue.getProject().getId()+"/issues/"+issue.getId()+"/edit"); + setRedirectLocation(req, "./projects/" + issue.getProject().getNode()+"/issues/"+issue.getId()+"/edit"); setContentPage(req, Constants.JSP_COMMIT_SUCCESSFUL); return ResponseType.HTML;