From 4bddfa0a4ead9834754615ead424207509887e2b Mon Sep 17 00:00:00 2001 From: Nidhi Date: Fri, 9 Apr 2021 14:03:53 +0530 Subject: [PATCH] Fixed curl import without valid tokens (#3933) --- .../server/services/CurlImporterService.java | 2 +- .../services/CurlImporterServiceTest.java | 25 +++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/app/server/appsmith-server/src/main/java/com/appsmith/server/services/CurlImporterService.java b/app/server/appsmith-server/src/main/java/com/appsmith/server/services/CurlImporterService.java index 0c1541a055..3401ecd31f 100644 --- a/app/server/appsmith-server/src/main/java/com/appsmith/server/services/CurlImporterService.java +++ b/app/server/appsmith-server/src/main/java/com/appsmith/server/services/CurlImporterService.java @@ -255,7 +255,7 @@ public class CurlImporterService extends BaseApiImporter { public ActionDTO parse(List tokens) throws AppsmithException { // Curl argument parsing as per . - if (!"curl".equals(tokens.get(0))) { + if (tokens.isEmpty() || !"curl".equals(tokens.get(0))) { // Doesn't look like a curl command. return null; } diff --git a/app/server/appsmith-server/src/test/java/com/appsmith/server/services/CurlImporterServiceTest.java b/app/server/appsmith-server/src/test/java/com/appsmith/server/services/CurlImporterServiceTest.java index cca24d3470..a072003c32 100644 --- a/app/server/appsmith-server/src/test/java/com/appsmith/server/services/CurlImporterServiceTest.java +++ b/app/server/appsmith-server/src/test/java/com/appsmith/server/services/CurlImporterServiceTest.java @@ -4,10 +4,12 @@ import com.appsmith.external.models.ActionConfiguration; import com.appsmith.external.models.Property; import com.appsmith.external.plugins.PluginExecutor; import com.appsmith.server.acl.AclPermission; +import com.appsmith.server.constants.FieldName; import com.appsmith.server.domains.Application; import com.appsmith.server.domains.User; import com.appsmith.server.dtos.ActionDTO; import com.appsmith.server.dtos.PageDTO; +import com.appsmith.server.exceptions.AppsmithError; import com.appsmith.server.exceptions.AppsmithException; import lombok.extern.slf4j.Slf4j; import org.junit.Before; @@ -102,6 +104,27 @@ public class CurlImporterServiceTest { .isEqualTo(List.of("curl", "some args with lots of space")); } + @Test + @WithUserDetails(value = "api_user") + public void testImportAction_EmptyLex() { + // Set up the application & page for which this import curl action would be added + Application app = new Application(); + app.setName("curlTest Incorrect Command"); + + Application application = applicationPageService.createApplication(app, orgId).block(); + assert application != null; + PageDTO page = newPageService.findPageById(application.getPages().get(0).getId(), AclPermission.MANAGE_PAGES, false).block(); + + assert page != null; + Mono action = curlImporterService.importAction("'", page.getId(), "actionName", orgId); + + StepVerifier + .create(action) + .expectErrorMatches(throwable -> throwable instanceof AppsmithException && + throwable.getMessage().equals(AppsmithError.INVALID_CURL_COMMAND.getMessage())) + .verify(); + } + @Test @WithUserDetails(value = "api_user") public void importValidCurlCommand() { @@ -110,9 +133,11 @@ public class CurlImporterServiceTest { app.setName("curlTest App"); Application application = applicationPageService.createApplication(app, orgId).block(); + assert application != null; PageDTO page = newPageService.findPageById(application.getPages().get(0).getId(), AclPermission.MANAGE_PAGES, false).block(); String command = "curl -X GET http://localhost:8080/api/v1/actions?name=something -H 'Accept: */*' -H 'Accept-Encoding: gzip, deflate' -H 'Authorization: Basic YXBpX3VzZXI6OHVBQDsmbUI6Y252Tn57Iw==' -H 'Cache-Control: no-cache' -H 'Connection: keep-alive' -H 'Content-Type: application/json' -H 'Cookie: SESSION=97c5def4-4f72-45aa-96fe-e8a9f5ade0b5,SESSION=97c5def4-4f72-45aa-96fe-e8a9f5ade0b5; SESSION=' -H 'Host: localhost:8080' -H 'Postman-Token: 16e4b6bc-2c7a-4ab1-a127-bca382dfc0f0,a6655daa-db07-4c5e-aca3-3fd505bd230d' -H 'User-Agent: PostmanRuntime/7.20.1' -H 'cache-control: no-cache' -d '{someJson}'"; + assert page != null; Mono action = curlImporterService.importAction(command, page.getId(), "actionName", orgId); StepVerifier .create(action)