Validate tenant creation request data

Fix tenant already exists exception not being thrown

Author: alexivanov

gradlew

@@ -24,7 +24,7 @@ private SecurityException(final String msg) {
 		super(msg);
 	}
 
-	public static SecurityException tenantAlreadyExisits(final String tenant) {
+	public static SecurityException tenantAlreadyExists(final String tenant) {
 		return new SecurityException("Tenant Already existing with "+tenant+" identifier");
 	}
 }

src/main/java/org/fineract/messagegateway/exception/SecurityException.java

@@ -73,7 +73,7 @@ public String generateApiKey(final SMSBridge smsBridge) {
     public String generateApiKey(final String tenantId) {
     	Tenant tenant = this.tenantRepository.findByTenantId(tenantId) ;
     	if(tenant != null) {
-    		org.fineract.messagegateway.exception.SecurityException.tenantAlreadyExisits(tenantId) ;
+    		throw org.fineract.messagegateway.exception.SecurityException.tenantAlreadyExists(tenantId) ;
     	}
 
         final String randomKey = UUID.randomUUID().toString();

src/main/java/org/fineract/messagegateway/service/SecurityService.java

@@ -18,11 +18,16 @@
  */
 package org.fineract.messagegateway.tenants.api;
 
-import org.fineract.messagegateway.tenants.domain.Tenant;
+import org.fineract.messagegateway.exception.PlatformApiDataValidationException;
+import org.fineract.messagegateway.exception.UnsupportedParameterException;
+import org.fineract.messagegateway.helpers.ApiGlobalErrorResponse;
+import org.fineract.messagegateway.helpers.PlatformApiDataValidationExceptionMapper;
+import org.fineract.messagegateway.helpers.UnsupportedParameterExceptionMapper;
 import org.fineract.messagegateway.tenants.service.TenantsService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -40,8 +45,18 @@ public TenantsApiResource(final TenantsService tenantService) {
 	}
 
 	@RequestMapping(method = RequestMethod.POST, consumes = {"application/json"}, produces = {"application/json"})
-    public ResponseEntity<String> createSMSBridgeConfig(@RequestBody final Tenant tenant) {
-    		 String appKey = this.tenantService.createTenant(tenant) ;
-    		 return new ResponseEntity<>(appKey, HttpStatus.CREATED);
+    public ResponseEntity<String> createSMSBridgeConfig(@RequestBody final String requestJson) {
+		String appKey = this.tenantService.createTenant(requestJson) ;
+		return new ResponseEntity<>(appKey, HttpStatus.CREATED);
     }
+
+	@ExceptionHandler({PlatformApiDataValidationException.class})
+	public ResponseEntity<ApiGlobalErrorResponse> handlePlatformApiDataValidationException(PlatformApiDataValidationException e) {
+		return PlatformApiDataValidationExceptionMapper.toResponse(e) ;
+	}
+
+	@ExceptionHandler({UnsupportedParameterException.class})
+	public ResponseEntity<ApiGlobalErrorResponse> handleUnsupportedParameterException(UnsupportedParameterException e) {
+		return UnsupportedParameterExceptionMapper.toResponse(e) ;
+	}
 }

src/main/java/org/fineract/messagegateway/tenants/api/TenantsApiResource.java

@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.fineract.messagegateway.tenants.constants;
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.fineract.messagegateway.constants.MessageGatewayConstants;
+
+public interface TenantConstants extends MessageGatewayConstants {
+
+	String TENANTS_RESOURCE_NAME = "tenants";
+
+	String TENANT_ID = "tenantId";
+	String TENANT_DESCRIPTION = "description";
+
+
+	// list of allowed parameters for tenant creation request
+	Set<String> CREATE_REQUEST_PARAMETERS = new HashSet<>(Arrays.asList(TENANT_ID, TENANT_DESCRIPTION));
+
+}

src/main/java/org/fineract/messagegateway/tenants/constants/TenantConstants.java

@@ -0,0 +1,78 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.fineract.messagegateway.tenants.serialization;
+
+import java.lang.reflect.Type;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import org.fineract.messagegateway.exception.PlatformApiDataValidationException;
+import org.fineract.messagegateway.helpers.ApiParameterError;
+import org.fineract.messagegateway.helpers.DataValidatorBuilder;
+import org.fineract.messagegateway.helpers.FromJsonHelper;
+import org.fineract.messagegateway.tenants.constants.TenantConstants;
+import org.fineract.messagegateway.tenants.domain.Tenant;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import com.google.gson.JsonElement;
+import com.google.gson.reflect.TypeToken;
+
+@Component
+public class TenantSerializer {
+
+	private final FromJsonHelper fromJsonHelper;
+
+	@Autowired
+	public TenantSerializer(FromJsonHelper fromJsonHelper) {
+		this.fromJsonHelper = fromJsonHelper;
+	}
+
+	public Tenant validateCreateRequest(final String json) {
+		final Type typeOfMap = new TypeToken<Map<String, Object>>() {}.getType();
+		this.fromJsonHelper.checkForUnsupportedParameters(typeOfMap, json,
+				TenantConstants.CREATE_REQUEST_PARAMETERS);
+
+		final List<ApiParameterError> dataValidationErrors = new ArrayList<>();
+		final DataValidatorBuilder baseDataValidator = new DataValidatorBuilder(dataValidationErrors)
+				.resource(TenantConstants.TENANTS_RESOURCE_NAME);
+		final JsonElement element = this.fromJsonHelper.parse(json);
+
+
+		final String tenantId = this.fromJsonHelper.extractStringNamed(TenantConstants.TENANT_ID, element);
+		baseDataValidator.reset().parameter(TenantConstants.TENANT_ID)
+				.value(tenantId).notBlank().notExceedingLengthOf(32);
+
+		String tenantDescription = null;
+		if(this.fromJsonHelper.parameterExists(TenantConstants.TENANT_DESCRIPTION, element)) {
+			tenantDescription = this.fromJsonHelper.extractStringNamed(TenantConstants.TENANT_DESCRIPTION,
+					element);
+			baseDataValidator.reset().parameter(TenantConstants.TENANT_DESCRIPTION).value(tenantDescription)
+					.notBlank().notExceedingLengthOf(500);
+		}
+
+		if (!dataValidationErrors.isEmpty()) {
+			throw new PlatformApiDataValidationException("validation.msg.validation.errors.exist",
+					"Validation errors exist.", dataValidationErrors);
+		}
+
+		return new Tenant(tenantId, null, tenantDescription);
+	}
+}

src/main/java/org/fineract/messagegateway/tenants/serialization/TenantSerializer.java

@@ -22,6 +22,7 @@
 import org.fineract.messagegateway.tenants.domain.Tenant;
 import org.fineract.messagegateway.tenants.exception.TenantNotFoundException;
 import org.fineract.messagegateway.tenants.repository.TenantRepository;
+import org.fineract.messagegateway.tenants.serialization.TenantSerializer;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -31,15 +32,19 @@ public class TenantsService {
 	private final TenantRepository tenantRepository ;
 
 	private final SecurityService securityService ;
-	
+
+	private final TenantSerializer tenantSerializer;
+
 	@Autowired
 	public TenantsService(final TenantRepository tenantRepository,
-			final SecurityService securityService) {
+				final SecurityService securityService, TenantSerializer tenantSerializer) {
 		this.tenantRepository = tenantRepository ;
 		this.securityService = securityService ;
+		this.tenantSerializer = tenantSerializer;
 	}
-	
-	public String createTenant(final Tenant tenant) {
+
+	public String createTenant(final String requestJson) {
+		Tenant tenant = tenantSerializer.validateCreateRequest(requestJson);
 		tenant.setTenantAppKey(this.securityService.generateApiKey(tenant.getTenantId()));
 		this.tenantRepository.save(tenant) ;
 		return tenant.getTenantAppKey() ;