X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-certman%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcm%2Fvalidation%2FCertmanValidator.java;h=cdd501cef958ea7fae57120886b948490a1d7386;hb=3d1706fcbe7f95830ff6fd23cf679ee55c6d0595;hp=bb157a2ed2c8b2512ce6db4a8ce5014d75e5f586;hpb=4369a1d6c0e12cd46676c32aedf755a95f659f14;p=aaf%2Fauthz.git

diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
index bb157a2e..cdd501ce 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -22,6 +22,7 @@
 package org.onap.aaf.auth.cm.validation;
 
 import java.util.List;
+import java.util.regex.Pattern;
 
 import org.onap.aaf.auth.dao.cass.ArtiDAO;
 import org.onap.aaf.auth.dao.cass.ArtiDAO.Data;
@@ -47,7 +48,13 @@ public class CertmanValidator extends Validator{
     private static final String MUST_HAVE_AT_LEAST = " must have at least ";
     private static final String IS_NULL = " is null.";
     private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
-
+    private static final Pattern ALPHA_NUM = Pattern.compile("[a-zA-Z0-9]*");
+    
+    private static boolean disallowTmp = true;
+    public static void allowTmp() {
+        disallowTmp=false;
+    }
+    
     public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
         if (list==null) {
             msg(name + IS_NULL);
@@ -72,6 +79,9 @@ public class CertmanValidator extends Validator{
             } else {
                 for (ArtiDAO.Data a : list) {
                     allRequired(a);
+                    if(disallowTmp && a.dir!=null && a.dir.startsWith("/tmp")) {
+                        msg("Certificates may not be deployed into /tmp directory (they will be removed at a random time by O/S)");
+                    }
                 }
             }
         }
@@ -96,7 +106,8 @@ public class CertmanValidator extends Validator{
             nullOrBlank(MACHINE, a.machine);
             nullOrBlank("ca",a.ca);
             nullOrBlank("dir",a.dir);
-            nullOrBlank("os_user",a.os_user);
+               match("NS must be dot separated AlphaNumeric",a.ns,NAME_CHARS);
+            match("O/S User must be AlphaNumeric",a.os_user,ALPHA_NUM);
             // Note: AppName, Notify & Sponsor are currently not required
         }
         return this;