Skip to content

Commit 259b58d

Browse files
diana-derosediana-derose
committed
whitelist classes
1 parent a3cc33c commit 259b58d

38 files changed

+312
-1278
lines changed

ipp-v3-java-devkit/src/main/java/com/intuit/ipp/interceptors/PrepareRequestInterceptor.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -308,7 +308,7 @@ private <T extends IEntity> String prepareQBOUri(String entityName, Context cont
308308

309309
if(context.getMinorVersion() == null)
310310
{
311-
context.setMinorVersion("40");
311+
context.setMinorVersion("41");
312312
}
313313

314314
uri.append("minorversion").append("=").append(context.getMinorVersion()).append("&");

ipp-v3-java-devkit/src/main/java/com/intuit/ipp/query/expr/EnumPath.java

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,11 +15,13 @@
1515
*******************************************************************************/
1616
package com.intuit.ipp.query.expr;
1717

18-
import com.intuit.ipp.query.Operation;
19-
import com.intuit.ipp.query.Path;
20-
2118
import java.lang.reflect.InvocationTargetException;
2219
import java.lang.reflect.Method;
20+
import java.util.List;
21+
22+
import com.intuit.ipp.query.Operation;
23+
import com.intuit.ipp.query.Path;
24+
import com.intuit.ipp.util.MessageUtils;
2325

2426
/**
2527
* Class to generate the query string for enum value
@@ -131,13 +133,24 @@ public Expression<Enum<?>> in(Enum<?>[] value) {
131133
*/
132134
private static String getValue(Enum<?> value){
133135
try{
134-
Method m = value.getClass().getDeclaredMethod("value");
136+
String methodName = validateClass(value) ? "value":"name";
137+
Method m = value.getClass().getDeclaredMethod(methodName);
135138
return (String) m.invoke(value);
136139
} catch (NoSuchMethodException ex){
137140
} catch (IllegalAccessException ex){
138141
} catch (InvocationTargetException ex){
139142
}
140143
return value.toString();
141144
}
145+
146+
/**
147+
* Validates if the Enum class is in the Intuit whitelisted list
148+
* @param value
149+
* @return
150+
*/
151+
private static boolean validateClass(Enum<?> value) {
152+
List<Object> enumList = MessageUtils.getWhitelistedEnums();
153+
return enumList.contains(value.getClass());
154+
}
142155

143156
}

ipp-v3-java-devkit/src/main/java/com/intuit/ipp/services/DataService.java

Lines changed: 48 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,6 @@
3333
import com.intuit.ipp.core.IEntity;
3434
import com.intuit.ipp.data.AttachableResponse;
3535
import com.intuit.ipp.data.BatchItemResponse;
36-
import com.intuit.ipp.data.Bill;
3736
import com.intuit.ipp.data.CDCResponse;
3837
import com.intuit.ipp.data.CreditMemo;
3938
import com.intuit.ipp.data.EntitlementsResponse;
@@ -60,6 +59,7 @@
6059
import com.intuit.ipp.net.OperationType;
6160
import com.intuit.ipp.net.UploadEntry;
6261
import com.intuit.ipp.util.Logger;
62+
import com.intuit.ipp.util.MessageUtils;
6363
import com.intuit.ipp.util.StringUtils;
6464

6565
/**
@@ -116,7 +116,7 @@ public DataService(final Context context) {
116116
*/
117117
@SuppressWarnings("unchecked")
118118
public <T extends IEntity> List<T> findAll(T entity) throws FMSException {
119-
119+
verifyEntity(entity);
120120
String intuitQuery = "SELECT * FROM " + entity.getClass().getSimpleName();
121121
QueryResult result = executeQuery(intuitQuery);
122122
return (List<T>) result.getEntities();
@@ -141,7 +141,7 @@ public QueryResult findAllTaxClassification() throws FMSException {
141141
*/
142142
@SuppressWarnings("unchecked")
143143
public <T extends IEntity> T add(T entity) throws FMSException {
144-
144+
verifyEntity(entity);
145145
IntuitMessage intuitMessage = prepareAdd(entity);
146146

147147
//execute interceptors
@@ -186,7 +186,7 @@ protected void executeAsyncInterceptors(IntuitMessage intuitMessage) {
186186
*/
187187
@SuppressWarnings("unchecked")
188188
public <T extends IEntity> T delete(T entity) throws FMSException {
189-
189+
verifyEntity(entity);
190190
IntuitMessage intuitMessage = prepareDelete(entity);
191191

192192
//execute interceptors
@@ -205,7 +205,7 @@ public <T extends IEntity> T delete(T entity) throws FMSException {
205205
*/
206206
@SuppressWarnings("unchecked")
207207
public <T extends IEntity> T update(T entity) throws FMSException {
208-
208+
verifyEntity(entity);
209209
IntuitMessage intuitMessage = prepareUpdate(entity);
210210

211211
//execute interceptors
@@ -218,7 +218,7 @@ public <T extends IEntity> T update(T entity) throws FMSException {
218218

219219
@SuppressWarnings("unchecked")
220220
public <T extends IEntity> T updateAccountOnTxns(T entity) throws FMSException {
221-
221+
verifyEntity(entity);
222222
IntuitMessage intuitMessage = prepareupdateAccountOnTxns(entity);
223223

224224
//execute interceptors
@@ -230,7 +230,7 @@ public <T extends IEntity> T updateAccountOnTxns(T entity) throws FMSException {
230230
//donotUpdateAccountOnTxns used for France Locale with Minor Version >= 5.
231231
@SuppressWarnings("unchecked")
232232
public <T extends IEntity> T donotUpdateAccountOnTxns(T entity) throws FMSException {
233-
233+
verifyEntity(entity);
234234
IntuitMessage intuitMessage = preparedonotUpdateAccountOnTxns(entity);
235235

236236
//execute interceptors
@@ -266,7 +266,7 @@ private <T extends IEntity> T retrieveEntity(IntuitMessage intuitMessage) {
266266
*/
267267
@SuppressWarnings("unchecked")
268268
public <T extends IEntity> T findById(T entity) throws FMSException {
269-
269+
verifyEntity(entity);
270270
IntuitMessage intuitMessage = prepareFindById(entity);
271271

272272
//execute interceptors
@@ -302,7 +302,7 @@ public <T extends IEntity> T findById(T entity) throws FMSException {
302302
*/
303303
@SuppressWarnings("unchecked")
304304
public QueryResult findTaxClassificationByParentId(IEntity entity) throws FMSException {
305-
305+
verifyEntity(entity);
306306
IntuitMessage intuitMessage = prepareFindByParentId(entity);
307307

308308
//execute interceptors
@@ -330,7 +330,7 @@ public QueryResult findTaxClassificationByParentId(IEntity entity) throws FMSExc
330330
*/
331331
@SuppressWarnings("unchecked")
332332
public QueryResult findTaxClassificationByLevel(IEntity entity) throws FMSException {
333-
333+
verifyEntity(entity);
334334
IntuitMessage intuitMessage = prepareFindByLevel(entity);
335335

336336
//execute interceptors
@@ -360,7 +360,7 @@ public QueryResult findTaxClassificationByLevel(IEntity entity) throws FMSExcept
360360
*/
361361
@SuppressWarnings("unchecked")
362362
public <T extends IEntity> T voidRequest(T entity) throws FMSException {
363-
363+
verifyEntity(entity);
364364
IntuitMessage intuitMessage = prepareVoidRequest(entity);
365365

366366
//execute interceptors
@@ -378,7 +378,7 @@ public <T extends IEntity> T voidRequest(T entity) throws FMSException {
378378
*/
379379
@SuppressWarnings("unchecked")
380380
public <T extends IEntity> T upload(T entity, InputStream docContent) throws FMSException {
381-
381+
verifyEntity(entity);
382382
IntuitMessage intuitMessage = prepareUpload(entity, docContent);
383383

384384
//execute interceptors
@@ -511,7 +511,7 @@ private boolean isContainResponse(IntuitMessage intuitMessage, int idx)
511511
* @throws FMSException
512512
*/
513513
public <T extends IEntity> InputStream download(T entity) throws FMSException {
514-
514+
verifyEntity(entity);
515515
IntuitMessage intuitMessage = prepareDownload(entity);
516516

517517
//execute interceptors
@@ -531,6 +531,7 @@ public <T extends IEntity> InputStream download(T entity) throws FMSException {
531531
}
532532

533533
public <T extends IEntity> InputStream downloadPDF(T entity) throws FMSException {
534+
verifyEntity(entity);
534535
if(!isAvailableAsPDF(entity)) {
535536
throw new FMSException("Following entity: " + entity.getClass().getSimpleName() + " cannot be exported as PDF " );
536537
}
@@ -551,6 +552,7 @@ public <T extends IEntity> InputStream downloadPDF(T entity) throws FMSException
551552
* @throws FMSException
552553
*/
553554
public <T extends IEntity> T sendEmail(T entity) throws FMSException {
555+
verifyEntity(entity);
554556
return sendEmail(entity, null);
555557
}
556558

@@ -564,6 +566,7 @@ public <T extends IEntity> T sendEmail(T entity) throws FMSException {
564566
*/
565567
@SuppressWarnings("unchecked")
566568
public <T extends IEntity> T sendEmail(T entity, String email) throws FMSException {
569+
verifyEntity(entity);
567570
if(!isAvailableToEmail(entity)) {
568571
throw new FMSException("Following entity: " + entity.getClass().getSimpleName() + " cannot be send as email" );
569572
}
@@ -747,7 +750,7 @@ public void executeBatch(BatchOperation batchOperation) throws FMSException {
747750
* throws FMSException
748751
*/
749752
public <T extends IEntity> void findAllAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
750-
753+
verifyEntity(entity);
751754
//findall is to be called as query
752755
String query = "SELECT * FROM " + entity.getClass().getSimpleName();
753756
executeQueryAsync(query, callbackHandler);
@@ -764,7 +767,7 @@ public <T extends IEntity> void findAllAsync(T entity, CallbackHandler callbackH
764767
* throws FMSException
765768
*/
766769
public <T extends IEntity> void addAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
767-
770+
verifyEntity(entity);
768771
IntuitMessage intuitMessage = prepareAdd(entity);
769772

770773
//set callback handler
@@ -786,7 +789,7 @@ public <T extends IEntity> void addAsync(T entity, CallbackHandler callbackHandl
786789
* @throws FMSException
787790
*/
788791
public <T extends IEntity> void deleteAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
789-
792+
verifyEntity(entity);
790793
IntuitMessage intuitMessage = prepareDelete(entity);
791794

792795
//set callback handler
@@ -806,7 +809,7 @@ public <T extends IEntity> void deleteAsync(T entity, CallbackHandler callbackHa
806809
* @throws FMSException
807810
*/
808811
public <T extends IEntity> void updateAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
809-
812+
verifyEntity(entity);
810813
IntuitMessage intuitMessage = prepareUpdate(entity);
811814

812815
//set callback handler
@@ -826,7 +829,7 @@ public <T extends IEntity> void updateAsync(T entity, CallbackHandler callbackHa
826829
* @throws FMSException
827830
*/
828831
public <T extends IEntity> void findByIdAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
829-
832+
verifyEntity(entity);
830833
IntuitMessage intuitMessage = prepareFindById(entity);
831834

832835
//set callback handler
@@ -846,7 +849,7 @@ public <T extends IEntity> void findByIdAsync(T entity, CallbackHandler callback
846849
* @throws FMSException
847850
*/
848851
public <T extends IEntity> void voidRequestAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
849-
852+
verifyEntity(entity);
850853
IntuitMessage intuitMessage = prepareVoidRequest(entity);
851854

852855
//set callback handler
@@ -869,7 +872,7 @@ public <T extends IEntity> void voidRequestAsync(T entity, CallbackHandler callb
869872
* throws FMSException
870873
*/
871874
public <T extends IEntity> void uploadAsync(T entity, InputStream docContent, CallbackHandler callbackHandler) throws FMSException {
872-
875+
verifyEntity(entity);
873876
IntuitMessage intuitMessage = prepareUpload(entity, docContent);
874877

875878
//set callback handler
@@ -890,7 +893,7 @@ public <T extends IEntity> void uploadAsync(T entity, InputStream docContent, Ca
890893
* throws FMSException
891894
*/
892895
public <T extends IEntity> void downloadAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
893-
896+
verifyEntity(entity);
894897
IntuitMessage intuitMessage = prepareDownload(entity);
895898

896899
//set callback handler
@@ -912,7 +915,8 @@ public <T extends IEntity> void downloadAsync(T entity, CallbackHandler callback
912915
* throws FMSException
913916
*/
914917
public <T extends IEntity> void downloadPDFAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
915-
if(!isAvailableAsPDF(entity)) {
918+
verifyEntity(entity);
919+
if(!isAvailableAsPDF(entity)) {
916920
throw new FMSException("Following entity: " + entity.getClass().getSimpleName() + " cannot be exported as PDF (Async) " );
917921
}
918922
IntuitMessage intuitMessage = prepareDownloadPDF(entity);
@@ -933,7 +937,8 @@ public <T extends IEntity> void downloadPDFAsync(T entity, CallbackHandler callb
933937
* @throws FMSException
934938
*/
935939
public <T extends IEntity> void sendEmailAsync(T entity, CallbackHandler callbackHandler) throws FMSException {
936-
sendEmailAsync(entity,null,callbackHandler);
940+
verifyEntity(entity);
941+
sendEmailAsync(entity,null,callbackHandler);
937942
}
938943

939944
/**
@@ -949,7 +954,8 @@ public <T extends IEntity> void sendEmailAsync(T entity, CallbackHandler callbac
949954
* throws FMSException
950955
*/
951956
public <T extends IEntity> void sendEmailAsync(T entity, String email, CallbackHandler callbackHandler) throws FMSException {
952-
if(!isAvailableToEmail(entity)) {
957+
verifyEntity(entity);
958+
if(!isAvailableToEmail(entity)) {
953959
throw new FMSException("Following entity: " + entity.getClass().getSimpleName() + " cannot send as email (Async) " );
954960
}
955961
IntuitMessage intuitMessage = prepareEmail(entity, email);
@@ -1408,6 +1414,24 @@ private <T extends IEntity> Object verifyEntityId(T entity) throws FMSException
14081414
}
14091415
return rid;
14101416
}
1417+
1418+
/**
1419+
* Verifies that entity is valid
1420+
* @param <T>
1421+
* @param entity
1422+
* @return
1423+
* @throws FMSException
1424+
*/
1425+
private <T extends IEntity> boolean verifyEntity(T entity) throws FMSException {
1426+
List<Object> entityList = MessageUtils.getWhitelistedEntities();
1427+
1428+
if (entityList.contains(entity.getClass())) {
1429+
return true;
1430+
} else {
1431+
throw new FMSException("Invalid Entity");
1432+
}
1433+
1434+
}
14111435

14121436

14131437
private <T extends IEntity> IntuitMessage prepareEmail(T entity, String email) throws FMSException {

0 commit comments

Comments
 (0)