Added more parameter checks and OAuth2Client web-service tests.
Change-Id: I310ec386cc12c527d1b051e104e5ea95777189f4
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index 64cafd6..51f8022 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -83,6 +83,7 @@
String registeredBy) throws KustvaktException {
try {
ParameterChecker.checkNameValue(clientJson.getName(), "client_name");
+ ParameterChecker.checkObjectValue(clientJson.getType(), "client_type");
}
catch (KustvaktException e) {
throw new KustvaktException(e.getStatusCode(), e.getMessage(),
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/QueryService.java b/full/src/main/java/de/ids_mannheim/korap/service/QueryService.java
index 3bda7f3..750dba4 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/QueryService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/QueryService.java
@@ -627,6 +627,8 @@
String createdBy, QueryType queryType, String fieldName)
throws KustvaktException {
+ ParameterChecker.checkStringValue(fieldName, "fieldName");
+
if (!adminDao.isAdmin(username)) {
throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
"Unauthorized operation for user: " + username, username);