From f02304e2f347798c28c67330cfe77e778ae643a3 Mon Sep 17 00:00:00 2001 From: Vladyslav_Prykhodko Date: Mon, 8 Nov 2021 16:43:23 +0200 Subject: [PATCH] Add max fields length validation --- .../java/org/thingsboard/server/common/data/ContactBased.java | 1 + .../java/org/thingsboard/server/common/data/DashboardInfo.java | 1 + .../java/org/thingsboard/server/common/data/DeviceProfile.java | 1 + .../server/common/data/widget/WidgetTypeDetails.java | 2 +- .../thingsboard/server/common/data/widget/WidgetsBundle.java | 1 + 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/ContactBased.java b/common/data/src/main/java/org/thingsboard/server/common/data/ContactBased.java index 4a57a84b1c..bcbce04898 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/ContactBased.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/ContactBased.java @@ -44,6 +44,7 @@ public abstract class ContactBased extends SearchTextBasedW @Length(fieldName = "phone") @NoXss protected String phone; + @Length(fieldName = "email") @NoXss protected String email; diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/DashboardInfo.java b/common/data/src/main/java/org/thingsboard/server/common/data/DashboardInfo.java index 4463ef9657..ddf7bbac36 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/DashboardInfo.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/DashboardInfo.java @@ -35,6 +35,7 @@ public class DashboardInfo extends SearchTextBased implements HasNa @NoXss @Length(fieldName = "title") private String title; + @Length(fieldName = "image", max = 1000000) private String image; @Valid private Set assignedCustomers; diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/DeviceProfile.java b/common/data/src/main/java/org/thingsboard/server/common/data/DeviceProfile.java index 4c5a2183cb..8a815547d6 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/DeviceProfile.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/DeviceProfile.java @@ -54,6 +54,7 @@ public class DeviceProfile extends SearchTextBased implements H @NoXss @ApiModelProperty(position = 11, value = "Device Profile description. ") private String description; + @Length(fieldName = "image", max = 1000000) @ApiModelProperty(position = 12, value = "Either URL or Base64 data of the icon. Used in the mobile application to visualize set of device profiles in the grid view. ") private String image; private boolean isDefault; diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetTypeDetails.java b/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetTypeDetails.java index 1af83de90d..8c3813d5c1 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetTypeDetails.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetTypeDetails.java @@ -26,7 +26,7 @@ import org.thingsboard.server.common.data.validation.NoXss; @JsonPropertyOrder({ "alias", "name", "image", "description", "descriptor" }) public class WidgetTypeDetails extends WidgetType { - @NoXss + @Length(fieldName = "image", max = 1000000) @ApiModelProperty(position = 8, value = "Base64 encoded thumbnail", readOnly = true) private String image; @NoXss diff --git a/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetsBundle.java b/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetsBundle.java index 2d04f3d4ef..d0df03702e 100644 --- a/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetsBundle.java +++ b/common/data/src/main/java/org/thingsboard/server/common/data/widget/WidgetsBundle.java @@ -50,6 +50,7 @@ public class WidgetsBundle extends SearchTextBased implements H @ApiModelProperty(position = 5, value = "Title used in search and UI", readOnly = true) private String title; + @Length(fieldName = "image", max = 1000000) @Getter @Setter @ApiModelProperty(position = 6, value = "Base64 encoded thumbnail", readOnly = true)