X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-certman%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcm%2Fvalidation%2FCertmanValidator.java;h=5835b31f6bfbf3941f5a6b34398e6779537f63aa;hb=4a5f63f7f149ecba9556ee67a4ca00fb51845bf0;hp=bb157a2ed2c8b2512ce6db4a8ce5014d75e5f586;hpb=9a83564f360cd25eea0b7016356fc41145f5d559;p=aaf%2Fauthz.git
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
index bb157a2e..5835b31f 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -22,6 +22,7 @@ package org.onap.aaf.auth.cm.validation;
 import java.util.List;
+import java.util.regex.Pattern;
 import org.onap.aaf.auth.dao.cass.ArtiDAO;
 import org.onap.aaf.auth.dao.cass.ArtiDAO.Data;
@@ -47,7 +48,13 @@ public class CertmanValidator extends Validator{
 private static final String MUST_HAVE_AT_LEAST = " must have at least ";
 private static final String IS_NULL = " is null.";
 private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
-
+ private static final Pattern ALPHA_NUM = Pattern.compile("[a-zA-Z0-9]*");
+
+ private static boolean disallowTmp = true;
+ public static void allowTmp() {
+ disallowTmp=false;
+ }
+
 public CertmanValidator nullBlankMin(String name, List list, int min) {
 if (list==null) {
 msg(name + IS_NULL);
@@ -72,6 +79,9 @@ public class CertmanValidator extends Validator{
 } else {
 for (ArtiDAO.Data a : list) {
 allRequired(a);
+ if(disallowTmp && a.dir!=null && a.dir.startsWith("/tmp")) {
+ msg("Certificates may not be deployed into /tmp directory (they will be removed at a random time by O/S)");
+ }
 }
 }
 }
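Review bot: `disallowTmp`, added in the `@@ -47,7 +48,13 @@` hunk, is a plain mutable static that `allowTmp()` clears for the whole JVM, and the lines shown offer no way to set it back. One call therefore removes the /tmp restriction from every later validation in the process, and without `volatile` a validator on another thread is not guaranteed to see the change. I would declare it `private static volatile boolean disallowTmp = true;` and add a Javadoc on `allowTmp()` saying that it disables the check process-wide and naming the caller it is meant for. If the switch is only needed in some contexts, a per-validator flag or a configuration property read at startup would keep the default from being relaxed by accident.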
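Review bot: The /tmp test added in the `@@ -72,6 +79,9 @@` hunk is a raw string prefix match on `a.dir`, so it judges the literal text rather than the directory the value resolves to. A sibling such as `/tmpdata` is rejected although it is not under /tmp, while a non-normalized spelling of a /tmp location is accepted. Comparing path components after normalization keeps the rule aligned with where the certificate would actually be written: `Path d = Paths.get(a.dir).normalize();` then `if (disallowTmp && d.startsWith(Paths.get("/tmp")))`, which needs the `java.nio.file.Path` and `Paths` imports. The enclosing method starts before this hunk.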
@@ -96,7 +106,8 @@ public class CertmanValidator extends Validator{
 nullOrBlank(MACHINE, a.machine);
 nullOrBlank("ca",a.ca);
 nullOrBlank("dir",a.dir);
- nullOrBlank("os_user",a.os_user);
+ match("NS must be dot separated AlphaNumeric",a.ns,NAME_CHARS);
+ match("O/S User must be AlphaNumeric",a.os_user,ALPHA_NUM);
 // Note: AppName, Notify & Sponsor are currently not required
 }
 return this;
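Review bot: Replacing `nullOrBlank("os_user",a.os_user)` with the `ALPHA_NUM` match may let an empty `os_user` pass, because the pattern this commit adds is `[a-zA-Z0-9]*` and `*` also matches the empty string. Whether a null value is still reported depends on `Validator.match`, which is not visible here. Either tighten the pattern to `Pattern.compile("[a-zA-Z0-9]+")` or keep the `nullOrBlank("os_user",a.os_user);` call in front of the match, so the field stays required as before. A strictly alphanumeric rule also rejects account names containing `_` or `-`, which is worth confirming as intended. The enclosing method starts before this hunk and continues past it.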