From af4e20c9711c27abde066beb794d2b9c4ee1929d Mon Sep 17 00:00:00 2001 From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com.> Date: Mon, 21 Jul 2025 16:17:49 +0100 Subject: [PATCH] add @Valid --- .../controller/api/AdminSettingsController.java | 15 +++++---------- .../api/admin/UpdateSettingValueRequest.java | 5 ++++- .../model/api/admin/UpdateSettingsRequest.java | 8 +++++++- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/AdminSettingsController.java b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/AdminSettingsController.java index 5fe1b9176..78910f8b8 100644 --- a/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/AdminSettingsController.java +++ b/app/proprietary/src/main/java/stirling/software/proprietary/security/controller/api/AdminSettingsController.java @@ -14,6 +14,8 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.util.HtmlUtils; +import jakarta.validation.Valid; + import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.responses.ApiResponses; @@ -76,12 +78,9 @@ public class AdminSettingsController { responseCode = "500", description = "Failed to save settings to configuration file") }) - public ResponseEntity updateSettings(@RequestBody UpdateSettingsRequest request) { + public ResponseEntity updateSettings(@Valid @RequestBody UpdateSettingsRequest request) { try { Map settings = request.getSettings(); - if (settings == null || settings.isEmpty()) { - return ResponseEntity.badRequest().body("No settings provided to update"); - } int updatedCount = 0; for (Map.Entry entry : settings.entrySet()) { @@ -160,7 +159,7 @@ public class AdminSettingsController { @ApiResponse(responseCode = "500", description = "Failed to save settings") }) public ResponseEntity updateSettingsSection( - @PathVariable String sectionName, @RequestBody Map sectionData) { + @PathVariable String sectionName, @Valid @RequestBody Map sectionData) { try { if (sectionData == null || sectionData.isEmpty()) { return ResponseEntity.badRequest().body("No section data provided to update"); @@ -246,12 +245,8 @@ public class AdminSettingsController { @ApiResponse(responseCode = "500", description = "Failed to save setting") }) public ResponseEntity updateSettingValue( - @PathVariable String key, @RequestBody UpdateSettingValueRequest request) { + @PathVariable String key, @Valid @RequestBody UpdateSettingValueRequest request) { try { - if (request.getValue() == null) { - return ResponseEntity.badRequest().body("Request body must contain 'value' field"); - } - Object value = request.getValue(); log.info("Admin updating single setting: {} = {}", key, value); GeneralUtils.saveKeyToSettings(key, value); diff --git a/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingValueRequest.java b/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingValueRequest.java index a49171989..c1e0506d4 100644 --- a/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingValueRequest.java +++ b/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingValueRequest.java @@ -1,5 +1,7 @@ package stirling.software.proprietary.security.model.api.admin; +import jakarta.validation.constraints.NotNull; + import io.swagger.v3.oas.annotations.media.Schema; import lombok.Data; @@ -8,6 +10,7 @@ import lombok.Data; @Schema(description = "Request object for updating a single setting value") public class UpdateSettingValueRequest { - @Schema(description = "The new value for the setting", example = "true") + @NotNull(message = "Setting value cannot be null") + @Schema(description = "The new value for the setting", example = "true", required = true) private Object value; } diff --git a/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingsRequest.java b/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingsRequest.java index 85616f0b3..15dc2b6e7 100644 --- a/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingsRequest.java +++ b/proprietary/src/main/java/stirling/software/proprietary/security/model/api/admin/UpdateSettingsRequest.java @@ -2,6 +2,9 @@ package stirling.software.proprietary.security.model.api.admin; import java.util.Map; +import jakarta.validation.constraints.NotEmpty; +import jakarta.validation.constraints.NotNull; + import io.swagger.v3.oas.annotations.media.Schema; import lombok.Data; @@ -12,6 +15,8 @@ import lombok.Data; "Request object for delta updates to application settings. Only include the settings you want to change. Uses dot notation for nested properties (e.g., 'system.enableAnalytics', 'ui.appName')") public class UpdateSettingsRequest { + @NotNull(message = "Settings map cannot be null") + @NotEmpty(message = "Settings map cannot be empty") @Schema( description = "Map of setting keys to their new values. Only include changed settings (delta updates). Keys use dot notation for nested properties.", @@ -20,6 +25,7 @@ public class UpdateSettingsRequest { + " \"system.enableAnalytics\": true,\n" + " \"ui.appName\": \"My Custom PDF Tool\",\n" + " \"security.enableLogin\": false\n" - + "}") + + "}", + required = true) private Map settings; }