From 3a704c322a272e5800d216c3bde144e7640711af Mon Sep 17 00:00:00 2001
From: Peter Hormanns <peter.hormanns@jalin.de>
Date: Mon, 28 Dec 2015 20:07:00 +0100
Subject: [PATCH] extend validation of user and database names

---
 hsarback/src/de/hsadmin/mods/db/Database.java |  2 +-
 .../src/de/hsadmin/mods/db/DatabaseUser.java  |  4 ++--
 .../src/de/hsadmin/mods/email/EMailAlias.java |  2 +-
 .../src/de/hsadmin/mods/user/UnixUser.java    |  4 ++--
 .../test/de/hsadmin/validate/PacName.java     | 20 +++++++++++++++++++
 5 files changed, 26 insertions(+), 6 deletions(-)
 create mode 100644 hsarback/test/de/hsadmin/validate/PacName.java

diff --git a/hsarback/src/de/hsadmin/mods/db/Database.java b/hsarback/src/de/hsadmin/mods/db/Database.java
index 9ffb6c6..19d436c 100644
--- a/hsarback/src/de/hsadmin/mods/db/Database.java
+++ b/hsarback/src/de/hsadmin/mods/db/Database.java
@@ -48,7 +48,7 @@ public abstract class Database extends AbstractEntity implements Serializable {
 	@Column(name = "engine", columnDefinition = "character varying(12)", updatable=false)
 	private String instance;
 
-	@AnnFieldIO(validation="[a-z0-9\\_]*", rw=ReadWriteAccess.WRITEONCE)
+	@AnnFieldIO(validation="[a-z0-9]{5}_[a-z0-9_]{1,}", rw=ReadWriteAccess.WRITEONCE)
 	@Column(name = "name", columnDefinition = "character varying(24)", updatable=false)
 	private String name;
 
diff --git a/hsarback/src/de/hsadmin/mods/db/DatabaseUser.java b/hsarback/src/de/hsadmin/mods/db/DatabaseUser.java
index 7bd4895..b8a3d71 100644
--- a/hsarback/src/de/hsadmin/mods/db/DatabaseUser.java
+++ b/hsarback/src/de/hsadmin/mods/db/DatabaseUser.java
@@ -43,11 +43,11 @@ public abstract class DatabaseUser extends AbstractEntity implements Serializabl
 	@Column(name = "dbuser_id", columnDefinition = "integer", updatable=false, insertable=false)
 	private long id;
 
-	@AnnFieldIO(validation="[a-z0-9\\_]*", rw=ReadWriteAccess.WRITEONCE)
+	@AnnFieldIO(validation="[a-z0-9]{5}_[a-z0-9_]{1,}", rw=ReadWriteAccess.WRITEONCE)
 	@Column(name = "name", columnDefinition = "character varying(24)", updatable=false)
 	private String name;
 
-	@AnnFieldIO(validation="[^']*", rw=ReadWriteAccess.WRITEONLY)
+	@AnnFieldIO(validation="[^']{6,}", rw=ReadWriteAccess.WRITEONLY)
 	@Transient
 	private String password;
 
diff --git a/hsarback/src/de/hsadmin/mods/email/EMailAlias.java b/hsarback/src/de/hsadmin/mods/email/EMailAlias.java
index 1390d6f..62affc7 100644
--- a/hsarback/src/de/hsadmin/mods/email/EMailAlias.java
+++ b/hsarback/src/de/hsadmin/mods/email/EMailAlias.java
@@ -48,7 +48,7 @@ public class EMailAlias extends AbstractEntity implements Serializable {
 	@AnnFieldIO(validation="[a-z0-9]*", rw=ReadWriteAccess.READONLY)
 	private Pac pac;
 
-	@AnnFieldIO(validation="[a-z0-9\\_\\-\\.\\+]*", rw=ReadWriteAccess.WRITEONCE)
+	@AnnFieldIO(validation="[a-z0-9]{5}-[a-z0-9\\.\\_\\+]{1,}", rw=ReadWriteAccess.WRITEONCE)
 	@Column(updatable=false)
 	private String name;
 
diff --git a/hsarback/src/de/hsadmin/mods/user/UnixUser.java b/hsarback/src/de/hsadmin/mods/user/UnixUser.java
index f89b809..a848c8e 100644
--- a/hsarback/src/de/hsadmin/mods/user/UnixUser.java
+++ b/hsarback/src/de/hsadmin/mods/user/UnixUser.java
@@ -40,11 +40,11 @@ public class UnixUser extends AbstractEntity implements Serializable {
 	@Column(name="userid", columnDefinition="integer", nullable=false, updatable=false)
 	private long userId;
 
-	@AnnFieldIO(validation="[a-z0-9\\_\\-\\.]*", rw=ReadWriteAccess.WRITEONCE)
+	@AnnFieldIO(validation="[a-z0-9]{5}-[a-z0-9\\.\\_]{1,}", rw=ReadWriteAccess.WRITEONCE)
 	@Column(name="name", columnDefinition = "character varying(24)", unique=true, updatable=false)
 	private String name;
 
-	@AnnFieldIO(validation="[^:]*", rw=ReadWriteAccess.WRITEONLY)
+	@AnnFieldIO(validation="[^:]{6,}", rw=ReadWriteAccess.WRITEONLY)
 	@Transient
 	private String password;
 
diff --git a/hsarback/test/de/hsadmin/validate/PacName.java b/hsarback/test/de/hsadmin/validate/PacName.java
new file mode 100644
index 0000000..d77a213
--- /dev/null
+++ b/hsarback/test/de/hsadmin/validate/PacName.java
@@ -0,0 +1,20 @@
+package de.hsadmin.validate;
+
+import java.util.regex.Pattern;
+
+
+public class PacName {
+
+	public static void main(String[] args) {
+		Pattern pattern = Pattern.compile("[a-z0-9]{5}-[a-z0-9\\.\\_]{1,}");
+		System.out.println("xyz00-a.b " + pattern.matcher("xyz00-a.b").matches());
+		System.out.println("xyz00-a-b " + pattern.matcher("xyz00-a-b").matches());
+		System.out.println("xyz00-a.B " + pattern.matcher("xyz00-a.B").matches());
+		System.out.println("xyz00- " + pattern.matcher("xyz00-").matches());
+		System.out.println("xyz00 " + pattern.matcher("xyz00").matches());
+		System.out.println("xyz0 " + pattern.matcher("xyz0").matches());
+		System.out.println("xyz00_a " + pattern.matcher("xyz00_a").matches());
+		System.out.println("xyz00-a.b:c " + pattern.matcher("xyz00-a.b:c").matches());
+	}
+
+}