Commit 829a188e authored by Mathieu Féry (Mathius)'s avatar Mathieu Féry (Mathius)
Browse files

Modify modifiers of fields in api.* for prevent wild injection

parent 84f8b423
......@@ -33,7 +33,7 @@ public class DnDSheetTest {
}
public static void testSheet(DnDSheet sheet, DnDSystem system, DnDClass dnDClass) {
assertNotNull(sheet);
GIFObjectTest.testGIF(sheet.gif);
GIFObjectTest.testGIF(sheet.getGIF());
if (system != null)
assertEquals(sheet.system, system);
if (dnDClass != null)
......
......@@ -42,9 +42,9 @@ public class DnDSheetDBTest {
assertFalse(db.removeDnDSheet(sheet));
assertTrue(db.insertDnDSheet(sheet));
assertEquals(db.getDnDSheet(sheet.hashCode()), sheet);
sheet.gif = GIFObject.getGIFObject(ctx, "Hi'");
sheet.changeGIF(ctx, GIFObject.getGIFObject(ctx, "Hi'"));
assertTrue(db.updateGIF(sheet));
assertEquals(db.getDnDSheet(sheet.hashCode()).gif, sheet.gif);
assertEquals(db.getDnDSheet(sheet.hashCode()).getGIF(), sheet.getGIF());
assertTrue(db.removeDnDSheet(sheet));
dropDBs();
}
......@@ -76,7 +76,7 @@ public class DnDSheetDBTest {
assertTrue(sheet.removeFav(ctx, dbVersion));
assertFalse(sheet.removeFav(ctx, dbVersion));
assertFalse(sheet.updateFav(ctx, dbVersion));
sheet.gif = gif;
sheet.changeGIF(ctx, gif);
assertTrue(sheet.addFav(ctx, dbVersion));
assertTrue(sheet.updateFav(ctx, dbVersion));
assertTrue(sheet.removeFav(ctx, dbVersion));
......
......@@ -70,20 +70,20 @@ public class DisplayGIFActivity extends AppCompatActivity {
m_adapter = new ListGifAdapter(m_listGif, this);
rclr_displayGif_relatedGif.setAdapter(m_adapter);
rclr_displayGif_relatedGif.setLayoutManager(new GridLayoutManager(this, 2));
lbl_displayGif_name.setText(m_sheet.gif.toString());
lbl_displayGif_name.setText(m_sheet.getGIF().toString());
String v_tags = "";
if(m_sheet.gif.tags.size() > 0) {
v_tags = m_sheet.gif.tags.get(0);
if(m_sheet.getGIF().tags.size() > 0) {
v_tags = m_sheet.getGIF().tags.get(0);
}
for (int compt = 1; compt < m_sheet.gif.tags.size(); compt++) {
v_tags += String.format(", %s", m_sheet.gif.tags.get(compt));
for (int compt = 1; compt < m_sheet.getGIF().tags.size(); compt++) {
v_tags += String.format(", %s", m_sheet.getGIF().tags.get(compt));
}
lbl_displayGif_tag.setText(v_tags);
if (v_tags.isEmpty()){
lbl_displayGif_tag.setText("No tags attached on this GIF");
}
String v_urlGif = Objects.requireNonNull(m_sheet.gif.media.get(GIFFormat.GIF)).url;
String v_urlGif = Objects.requireNonNull(m_sheet.getGIF().media.get(GIFFormat.GIF)).url;
Glide.with(this)
.load(v_urlGif)
......@@ -171,12 +171,13 @@ public class DisplayGIFActivity extends AppCompatActivity {
m_listGif = (List<GIFObject>) savedInstanceState.getSerializable(GIF_LIST);
return;
}
m_listGif = GIFObject.getGIFObjects(this, m_sheet.gif.searchQuery, nbResult, m_sheet.gif);
m_listGif = GIFObject.getGIFObjects(this, m_sheet.getGIF().searchQuery, nbResult,
m_sheet.getGIF());
}
private void doSearch() {
int v_nbResult = checkNbResult();
String v_recherche = m_sheet.gif.searchQuery;
String v_recherche = m_sheet.getGIF().searchQuery;
TenorArgs v_tenorArgs = TenorArgs.GIF_SAFE;
if(!txt_displayGif_recherche.getText().toString().isEmpty()) {
v_recherche = txt_displayGif_recherche.getText().toString();
......@@ -186,7 +187,7 @@ public class DisplayGIFActivity extends AppCompatActivity {
}
if (v_nbResult > 0) {
List<GIFObject> v_newGifs = GIFObject.getGIFObjects(m_context,
v_recherche, v_tenorArgs.fork(v_nbResult, m_sheet.gif));
v_recherche, v_tenorArgs.fork(v_nbResult, m_sheet.getGIF()));
m_listGif.clear();
m_listGif.addAll(v_newGifs);
m_adapter.notifyDataSetChanged();
......
......@@ -97,14 +97,15 @@ public class DisplayResultActivity extends AppCompatActivity {
protected void onActivityResult(int requestCode, int resultCode, @Nullable Intent data) {
super.onActivityResult(requestCode, resultCode, data);
if(resultCode == requestCode) {
GIFObject v_gif = (GIFObject) Objects.requireNonNull(data).getExtras().getSerializable(ListGifAdapter.GIF_OBJECT);
GIFObject v_gif = (GIFObject) Objects.requireNonNull(data).getExtras()
.getSerializable(ListGifAdapter.GIF_OBJECT);
m_sheet.changeGIF(DisplayResultActivity.this, v_gif);
loadGif();
}
}
private void loadGif() {
String imgUrl = Objects.requireNonNull(m_sheet.gif.media.get(GIFFormat.GIF)).url;
String imgUrl = Objects.requireNonNull(m_sheet.getGIF().media.get(GIFFormat.GIF)).url;
Glide.with(this)
.load(imgUrl)
.into(img_displayResult_gif);
......
......@@ -128,7 +128,8 @@ public class ListResultsAdapter extends RecyclerView.Adapter<ListResultsAdapter.
holder.getM_lbl_description().setText(m_data.get(position).appearance);
holder.getM_lbl_system().setText(m_data.get(position).system.longName);
String tmp = Objects.requireNonNull(Objects.requireNonNull(m_data.get(position).gif.media.get(GIFFormat.GIF)).preview);
String tmp = Objects.requireNonNull(Objects.requireNonNull(m_data.get(position).getGIF()
.media.get(GIFFormat.GIF)).preview);
Glide.with(holder.itemView)
.load(tmp)
.into(holder.getM_imgGif());
......
......@@ -10,8 +10,8 @@ import java.io.Serializable;
*/
public class DnDAttr implements Serializable {
public String nameAttr, valueUserReadable;
public Integer value;
public final String nameAttr, valueUserReadable;
public final Integer value;
/**
* Basic Constructor for create attribute if beautiful value is missing.
......
......@@ -11,7 +11,7 @@ import java.util.List;
*/
public class DnDAttrs implements Serializable {
public List<DnDAttr> attrs;
public final List<DnDAttr> attrs;
/**
* Basic Constructor for create attributes if all arguments are provided.
......
......@@ -14,8 +14,8 @@ import java.util.Random;
*/
public class DnDClass implements Serializable, Comparable<DnDClass> {
public String queryArg;
public String name;
public final String queryArg;
public final String name;
/**
* Basic Constructor for create class if queryArg is missing
......
......@@ -11,7 +11,7 @@ import java.io.Serializable;
*/
public class DnDSaves implements Serializable {
public Integer wands, breath, stone, magic, poison;
public final Integer wands, breath, stone, magic, poison;
public static final String NO_SAVES ="No saves provided.";
/**
......
......@@ -32,31 +32,31 @@ import fr.iutnantes.miar.dndgenerator.api.tenor.models.GIFArtifactDB;
*/
public class DnDSheet implements Serializable {
public static String apiProvider = "http://character.totalpartykill.ca/";
private static final String TAG = "DnDSheet";
public static int DEFAULT_SIZE_LIST_SHEET = 10;
public static int MAX_TRY = 10;
public static Comparator<DnDSheet> COMPARATOR_BY_SYSTEM = (o1, o2) ->
public final static String apiProvider = "http://character.totalpartykill.ca/";
protected static final String TAG = "DnDSheet";
public final static int DEFAULT_SIZE_LIST_SHEET = 10;
public final static int MAX_TRY = 10;
public final static Comparator<DnDSheet> COMPARATOR_BY_SYSTEM = (o1, o2) ->
o1.system.compareTo(o2.system);
public static Comparator<DnDSheet> COMPARATOR_BY_CLASS = (o1, o2) ->
public final static Comparator<DnDSheet> COMPARATOR_BY_CLASS = (o1, o2) ->
o1.caracterClass.compareTo(o2.caracterClass);
public DnDAttrs attr;
public DnDSaves saves;
public Integer hp;
public Integer thac9;
public Integer ac;
public String appearance;
public DnDClass caracterClass;
public String personality;
public DnDSystem system;
public List<String> languages;
public List<String> equipment;
public List<String> notes;
public DnDSkills skills;
public GIFObject gif;
public String searchGIF;
public TenorArgs tenorArgs;
public final DnDAttrs attr;
public final DnDSaves saves;
public final Integer hp;
public final Integer thac9;
public final Integer ac;
public final String appearance;
public final DnDClass caracterClass;
public final String personality;
public final DnDSystem system;
public final List<String> languages;
public final List<String> equipment;
public final List<String> notes;
public final DnDSkills skills;
protected GIFObject gif;
public final String searchGIF;
public final TenorArgs tenorArgs;
/**
* Basic Constructor for create sheet if all arguments are provided.
* @param hp : Integer represent hp of this character
......@@ -116,7 +116,7 @@ public class DnDSheet implements Serializable {
* @param ctx : Context for search media related to this character
* @param tenorArgs : TenorArgs for search media related to this character
*/
private DnDSheet(@Nullable Integer hp, @Nullable Integer thac9, @Nullable Integer ac,
protected DnDSheet(@Nullable Integer hp, @Nullable Integer thac9, @Nullable Integer ac,
@Nullable String appearance, @NonNull DnDClass caracterClass,
@Nullable String personality, @NonNull DnDSystem system,
@NonNull List<String> languages, @NonNull List<String> equipment,
......@@ -128,6 +128,14 @@ public class DnDSheet implements Serializable {
caracterClass, appearance, system), tenorArgs));
}
/**
* Accessor for gif property
* @return gif
*/
public GIFObject getGIF() {
return gif;
}
/**
* For change GIF and update Fav is necessary
* @param ctx : Context for access database
......@@ -1005,7 +1013,7 @@ public class DnDSheet implements Serializable {
* @return sheets
*/
@NonNull
private static List<DnDSheet> getRandomsCaracterSheetProcess(@NonNull Context ctx, int nb,
protected static List<DnDSheet> getRandomsCaracterSheetProcess(@NonNull Context ctx, int nb,
@Nullable DnDSystem system,
@Nullable DnDClass dnDClass,
@Nullable TenorArgs tenorArgs) {
......@@ -1249,7 +1257,7 @@ public class DnDSheet implements Serializable {
* @param system : DnDSystem represent from which system will be drawn the card
* @param future : SimpleFuture represents the object in which the result will be stored
*/
private static void getRandomFutureCaracterSheet(@NonNull Context ctx,
protected static void getRandomFutureCaracterSheet(@NonNull Context ctx,
@NonNull DnDSystem system,
@NonNull SimpleFuture<DnDSheet> future) {
DnDSheet.getRandomFutureCaracterSheet(ctx, system, future, (DnDClass) null);
......@@ -1263,7 +1271,7 @@ public class DnDSheet implements Serializable {
* @param future : SimpleFuture represents the object in which the result will be stored
* @param dnDClass : DnDClass represent with which class will be drawn the card
*/
private static void getRandomFutureCaracterSheet(@NonNull Context ctx,
protected static void getRandomFutureCaracterSheet(@NonNull Context ctx,
@NonNull DnDSystem system,
@NonNull SimpleFuture<DnDSheet> future,
@Nullable DnDClass dnDClass) {
......@@ -1278,7 +1286,7 @@ public class DnDSheet implements Serializable {
* @param future : SimpleFuture represents the object in which the result will be stored
* @param tenorArgs : TenorArgs represent with which arguments, the media related to card is get
*/
private static void getRandomFutureCaracterSheet(@NonNull Context ctx,
protected static void getRandomFutureCaracterSheet(@NonNull Context ctx,
@NonNull DnDSystem system,
@NonNull SimpleFuture<DnDSheet> future,
@NonNull TenorArgs tenorArgs) {
......@@ -1294,7 +1302,7 @@ public class DnDSheet implements Serializable {
* @param dnDClass : DnDClass represent with which class will be drawn the card
* @param tenorArgs : TenorArgs represent with which arguments, the media related to card is get
*/
private static void getRandomFutureCaracterSheet(@NonNull Context ctx,
protected static void getRandomFutureCaracterSheet(@NonNull Context ctx,
@NonNull DnDSystem system,
@NonNull SimpleFuture<DnDSheet> future,
@Nullable DnDClass dnDClass,
......
......@@ -11,8 +11,8 @@ import java.io.Serializable;
*/
public class DnDSkill implements Serializable {
public String skillName;
public Integer value;
public final String skillName;
public final Integer value;
/**
* Basic Constructor for create skill if all arguments are provided.
......
......@@ -14,7 +14,7 @@ public class DnDSkills implements Serializable {
public static final String NO_SKILLS =
"No skills provided (The system probably doesn’t manage the skills).";
public List<DnDSkill> skills;
public final List<DnDSkill> skills;
/**
* Basic Constructor for create skills if all arguments are provided.
......
......@@ -43,18 +43,18 @@ public class DnDSavesDB extends BaseDB {
public DnDSavesDB(@NonNull Context context) {
this(context, DATABASE_VERSION);
}
private static String PRIMARY_KEY;
private static String TABLE_NAME;
private static int DATABASE_VERSION;
private static String DATABASE_NAME;
private static List<String> intAttrs = new ArrayList<>();
private static List<String> stringAttrs = new ArrayList<>();
private static List<String> allStringAttrs = new ArrayList<>();
private static List<String> listStringAttrs = new ArrayList<>();
public final static String PRIMARY_KEY;
public final static String TABLE_NAME;
public final static int DATABASE_VERSION;
public final static String DATABASE_NAME;
public final static List<String> intAttrs;
public final static List<String> stringAttrs = new ArrayList<>();
public final static List<String> allStringAttrs;
public final static List<String> listStringAttrs = new ArrayList<>();
/**
* Class represent fields in current model
*/
public static class Vars implements BaseColumns {
protected static class Vars implements BaseColumns {
public static final String TABLE_NAME = "DnDSaves";
public static final String WANDS = "wands";
public static final String BREATH = "breath";
......@@ -67,13 +67,17 @@ public class DnDSavesDB extends BaseDB {
TABLE_NAME = Vars.TABLE_NAME;
DATABASE_VERSION = 1;
DATABASE_NAME = TABLE_NAME;
intAttrs.add(Vars.WANDS);
intAttrs.add(Vars.BREATH);
intAttrs.add(Vars.STONE);
intAttrs.add(Vars.MAGIC);
intAttrs.add(Vars.POISON);
allStringAttrs.addAll(stringAttrs);
allStringAttrs.addAll(listStringAttrs);
List<String> tempInt = new ArrayList<>();
tempInt.add(Vars.WANDS);
tempInt.add(Vars.BREATH);
tempInt.add(Vars.STONE);
tempInt.add(Vars.MAGIC);
tempInt.add(Vars.POISON);
intAttrs = tempInt;
List<String> tempAllString = new ArrayList<>();
tempAllString.addAll(stringAttrs);
tempAllString.addAll(listStringAttrs);
allStringAttrs = tempAllString;
}
/**
* Method for get saves
......
......@@ -51,19 +51,19 @@ public class DnDSheetDB extends BaseDB {
public DnDSheetDB(@NonNull Context context) {
this(context, DATABASE_VERSION);
}
private static String PRIMARY_KEY;
private static String TABLE_NAME;
public static int DATABASE_VERSION;
private static String DATABASE_NAME;
private static List<String> intAttrs = new ArrayList<>();
private static List<String> stringAttrs = new ArrayList<>();
private static List<String> allStringAttrs = new ArrayList<>();
private static List<String> listStringAttrs = new ArrayList<>();
public final static String PRIMARY_KEY;
public final static String TABLE_NAME;
public final static int DATABASE_VERSION;
public final static String DATABASE_NAME;
public final static List<String> intAttrs;
public final static List<String> stringAttrs;
public final static List<String> allStringAttrs;
public final static List<String> listStringAttrs;
/**
* Class represent fields in current model
*/
public static class Vars implements BaseColumns {
protected static class Vars implements BaseColumns {
public static final String TABLE_NAME = "DnDSheet";
public static final String HP = "hp";
public static final String THAC9 = "thac9";
......@@ -86,23 +86,31 @@ public class DnDSheetDB extends BaseDB {
TABLE_NAME = Vars.TABLE_NAME;
DATABASE_VERSION = 1;
DATABASE_NAME = TABLE_NAME;
intAttrs.add(Vars.HP);
intAttrs.add(Vars.THAC9);
intAttrs.add(Vars.AC);
intAttrs.add(Vars.GIF_ARTEFACT_ID);
intAttrs.add(Vars.SAVES_ID);
intAttrs.add(Vars.SYSTEM_ID);
listStringAttrs.add(Vars.LANGUAGES);
listStringAttrs.add(Vars.EQUIPMENT);
listStringAttrs.add(Vars.NOTES);
listStringAttrs.add(Vars.SKILLS);
listStringAttrs.add(Vars.ATTRS);
stringAttrs.add(Vars.APPEARANCE);
stringAttrs.add(Vars.PERSONALITY);
stringAttrs.add(Vars.GIF_ID);
stringAttrs.add(Vars.CLASS);
allStringAttrs.addAll(stringAttrs);
allStringAttrs.addAll(listStringAttrs);
List<String> tempInt = new ArrayList<>();
tempInt.add(Vars.HP);
tempInt.add(Vars.THAC9);
tempInt.add(Vars.AC);
tempInt.add(Vars.GIF_ARTEFACT_ID);
tempInt.add(Vars.SAVES_ID);
tempInt.add(Vars.SYSTEM_ID);
intAttrs = tempInt;
List<String> tempListString = new ArrayList<>();
tempListString.add(Vars.LANGUAGES);
tempListString.add(Vars.EQUIPMENT);
tempListString.add(Vars.NOTES);
tempListString.add(Vars.SKILLS);
tempListString.add(Vars.ATTRS);
listStringAttrs = tempListString;
List<String> tempString = new ArrayList<>();
tempString.add(Vars.APPEARANCE);
tempString.add(Vars.PERSONALITY);
tempString.add(Vars.GIF_ID);
tempString.add(Vars.CLASS);
stringAttrs = tempString;
List<String> tempAllString = new ArrayList<>();
tempAllString.addAll(stringAttrs);
tempAllString.addAll(listStringAttrs);
allStringAttrs = tempAllString;
}
/**
......@@ -129,9 +137,9 @@ public class DnDSheetDB extends BaseDB {
return false;
SQLiteDatabase db = this.getWritableDatabase();
ContentValues values = new ContentValues();
values.put(Vars.GIF_ID, sheet.gif.id);
values.put(Vars.GIF_ARTEFACT_ID, sheet.gif.artifact.hashCode());
new GIFArtifactDB(ctx).insertGIFArtifact(sheet.gif.artifact);
values.put(Vars.GIF_ID, sheet.getGIF().id);
values.put(Vars.GIF_ARTEFACT_ID, sheet.getGIF().artifact.hashCode());
new GIFArtifactDB(ctx).insertGIFArtifact(sheet.getGIF().artifact);
db.update(tableName(), values, String.format("%s = ?", Vars._ID), new String[]{
String.valueOf(sheet.hashCode())});
return true;
......@@ -158,7 +166,7 @@ public class DnDSheetDB extends BaseDB {
* @return sheet
*/
@NonNull
private DnDSheet transformRecordToDnDSheet(Cursor cursor) {
protected DnDSheet transformRecordToDnDSheet(Cursor cursor) {
GIFObject gif = GIFObject.getGIFObjectById(ctx, cursor.getString(
cursor.getColumnIndex(Vars.GIF_ID)), new GIFArtifactDB(ctx, currentVersion)
.getGIFArtifact(cursor.getInt(cursor.getColumnIndex(Vars.GIF_ARTEFACT_ID))));
......@@ -262,9 +270,9 @@ public class DnDSheetDB extends BaseDB {
values.put(Vars.APPEARANCE, sheet.appearance);
values.put(Vars.PERSONALITY, sheet.personality);
values.put(Vars.CLASS, sheet.caracterClass.name);
values.put(Vars.GIF_ID, sheet.gif.id);
values.put(Vars.GIF_ARTEFACT_ID, sheet.gif.artifact.hashCode());
new GIFArtifactDB(ctx, currentVersion).insertGIFArtifact(sheet.gif.artifact);
values.put(Vars.GIF_ID, sheet.getGIF().id);
values.put(Vars.GIF_ARTEFACT_ID, sheet.getGIF().artifact.hashCode());
new GIFArtifactDB(ctx, currentVersion).insertGIFArtifact(sheet.getGIF().artifact);
values.put(Vars.SAVES_ID, sheet.saves.hashCode());
new DnDSavesDB(ctx, currentVersion).insertDnDSaves(sheet.saves);
values.put(Vars._ID, sheet.hashCode());
......
......@@ -10,8 +10,8 @@ import java.util.List;
*/
public class Dimension implements Serializable {
public Integer width;
public Integer height;
public final Integer width;
public final Integer height;
/**
* Basic Constructor for create Dimension from List.
......
......@@ -12,7 +12,7 @@ import java.util.Random;
*/
public class FilterContent implements Serializable {
public String name;
public final String name;
/**
* Basic Constructor for create attribute if all arguments are provided.
......@@ -67,7 +67,7 @@ public class FilterContent implements Serializable {
filts.add(HIGH);
filters = filts;
}
public static FilterContent DEFAULT = OFF;
public static final FilterContent DEFAULT = OFF;
/**
* For get random content filter from the API.
......
......@@ -9,9 +9,9 @@ import java.io.Serializable;
*/
public class GIFArtifact implements Serializable {
public String query;
public MediaFilter mediaFilter;
public FilterContent filterContent;
public final String query;
public final MediaFilter mediaFilter;
public final FilterContent filterContent;
/**
* Default Constructor
......
......@@ -13,8 +13,8 @@ import java.util.Random;
*/
public class GIFFormat implements Serializable {
public String name;
public List<MediaFilter> mediaFiltersSupported;
public final String name;
public final List<MediaFilter> mediaFiltersSupported;
/**
* Default constructor with name of format
......@@ -31,10 +31,11 @@ public class GIFFormat implements Serializable {
*/
public GIFFormat(@NonNull String name, @NonNull MediaFilter... mediaFiltersSupported) {
this.name = name;
this.mediaFiltersSupported = new ArrayList<>();
List<MediaFilter> temp = new ArrayList<>();
for (MediaFilter mediaFilterSupported : mediaFiltersSupported)
if (mediaFilterSupported != null)
this.mediaFiltersSupported.add(mediaFilterSupported);
temp.add(mediaFilterSupported);
this.mediaFiltersSupported = temp;
}
/**
......
......@@ -28,27 +28,27 @@ import fr.iutnantes.miar.dndgenerator.BuildConfig;
*/
public class GIFObject implements Serializable {
public static String apiProvider = "https://api.tenor.com/v1/";
public static String TAG = "GIFObject";
public static Integer DEFAULT_SIZE = 8;
public static String NOT_FOUND = "not-found";
public static Integer MAX_SIZE = 50;
public static String UNNAMED = "Unnamed";
public Float created;
public Boolean hasAudio;
public String id;
public Map<GIFFormat, MediaObject> media;
public List<String> tags;
public String title;
public String itemUrl;
public Boolean hasCaption;
public String url;
public FilterContent filterContent;