Merged changelog to Changes & updated status codes.
Change-Id: I8a9a7c80b8785b17d17d5307e28783399274eb82
diff --git a/core/Changes b/core/Changes
index 1d33f8d..7434a31 100644
--- a/core/Changes
+++ b/core/Changes
@@ -1,15 +1,21 @@
-0.59.10 2018-02-01
+version 0.59.10
+07/02/2018
- updated hibernate and reflection versions (margaretha)
- added Changes file (margaretha)
- merged BeanConfigBaseTest to BeanConfigTest in /full (margaretha)
- added status code for already deleted entry (margaretha)
- updated library versions and java environment (margaretha)
- added status codes (margaretha)
-0.59.9 2017-11-08
+ - moved validation.properties (margaretha)
+
+version 0.59.9
+08/11/2017
- fixed missing exception in JsonUtils (margaretha)
- fixed and restructured KustvaktResponseHandler (margaretha)
- updated status code in ParameterChecker (margaretha)
-0.59.8 2017-10-24
+
+version 0.59.8
+24/10/2017
- restructured Kustvakt and created core project (margaretha)
- marked loader classes as deprecated (margaretha)
- updated Spring version (margaretha)
diff --git a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
index 12a28c9..941b5af 100644
--- a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
+++ b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
@@ -85,7 +85,9 @@
// User group and member
public static final int GROUP_MEMBER_EXISTS = 601;
public static final int GROUP_MEMBER_DELETED = 602;
- public static final int INVITATION_EXPIRED = 602;
+ public static final int GROUP_MEMBER_NOT_FOUND = 603;
+ public static final int INVITATION_EXPIRED = 604;
+ public static final int GROUP_NOT_FOUND = 605;
// public static final int ARGUMENT_VALIDATION_FAILURE = 700;
diff --git a/core/src/main/resources/validation.properties b/core/src/main/resources/validation.properties
new file mode 100644
index 0000000..0a8f4f0
--- /dev/null
+++ b/core/src/main/resources/validation.properties
@@ -0,0 +1,38 @@
+# The ESAPI validator does many security checks on input, such as canonicalization
+# and whitelist validation. Note that all of these validation rules are applied *after*
+# canonicalization. Double-encoded characters (even with different encodings involved,
+# are never allowed.
+#
+# To use:
+#
+# First set up a pattern below. You can choose any name you want, prefixed by the word
+# "Validation." For example:
+# Validation.Email=^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\\.[a-zA-Z]{2,4}$
+#
+# Then you can validate in your code against the pattern like this:
+# ESAPI.validator().isValidInput("User Email", input, "Email", maxLength, allowNull);
+# Where maxLength and allowNull are set for you needs, respectively.
+#
+# But note, when you use boolean variants of validation functions, you lose critical
+# canonicalization. It is preferable to use the "get" methods (which throw exceptions) and
+# and use the returned user input which is in canonical form. Consider the following:
+#
+# try {
+# someObject.setEmail(ESAPI.validator().getValidInput("User Email", input, "Email", maxLength, allowNull));
+#
+# Validator.SafeString=^[.;:\\-\\p{Alnum}\\p{Space}]{0,1024}$
+# Validator.password_cap=((?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).{8,20})
+Validator.SafeString=^[.;:,=\\*\/\/_()\\-0-9\\p{L}\\p{Space}]{0,1024}$
+Validator.email=^[A-Za-z0-9._%'-]+@[A-Za-z0-9.-]+\\.[a-zA-Z]{2,4}$
+Validator.ipddress=^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
+Validator.url=^(ht|f)tp(s?)\\:\\/\\/[0-9a-zA-Z]([-.\\w]*[0-9a-zA-Z])*(:(0-9)*)*(\\/?)([a-zA-Z0-9\\-\\.\\?\\,\\:\\'\\/\\\\\\+=&%\\$#_]*)?$
+# Validator.CreditCard=^(\\d{4}[- ]?){3}\\d{4}$
+# Validator.SSN=^(?!000)([0-6]\\d{2}|7([0-6]\\d|7[012]))([ -]?)(?!00)\\d\\d\\3(?!0000)\\d{4}$
+
+# as used by apache commons validator for strings
+# Validator.string=^[\\.;:,\\=&\\*\\/\\/_()\\[\\]@\\|\\-0-9\\p{L}\\p{Space}]{0,1024}$
+
+#Validator.username=^[A-Za-z_.\\d]{6,15}$ by Hanl
+# 21.04.17/FB
+Validator.username=^[A-Za-z_.\\d]{3,20}$
+Validator.password=^((?=.*\\d)(?=.*[A-Za-z])(?!.*[\\(\\)-]).{8,20})$
\ No newline at end of file