#707 | Add validations on name and username for User Upload

avni-server-api/src/main/java/org/avni/server/domain/User.java

@@ -1,18 +1,17 @@
 package org.avni.server.domain;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.google.i18n.phonenumbers.PhoneNumberUtil;
-import com.google.i18n.phonenumbers.Phonenumber;
 import com.fasterxml.jackson.core.type.TypeReference;
 import org.apache.commons.validator.routines.EmailValidator;
 import org.avni.server.util.ObjectMapperSingleton;
+import org.avni.server.util.ValidationUtil;
 import org.avni.server.web.request.syncAttribute.UserSyncSettings;
+import org.avni.server.web.validation.ValidationException;
 import org.hibernate.annotations.BatchSize;
 import org.hibernate.annotations.CacheConcurrencyStrategy;
 import org.hibernate.annotations.Type;
 import org.hibernate.proxy.HibernateProxyHelper;
 import org.joda.time.DateTime;
-import org.avni.server.web.validation.ValidationException;
 
 import javax.persistence.*;
 import javax.validation.constraints.NotNull;
@@ -380,14 +379,26 @@ public static void validateEmail(String email) {
      * where yyy is {@link Organisation#getUsernameSuffix()} and xxx represents user
      */
     public static void validateUsername(String username, String userSuffix) {
-        if (username == null || !username.contains("@") || username.length() < 7) {
+        if (username == null || !username.contains("@") || username.trim().length() < 7) {
             throw new ValidationException(String.format("Invalid username '%s'. It must be at least 7 characters.", username));
         }
-        if (username.indexOf("@") < 4) {
+        if (username.trim().indexOf("@") < 4) {
             throw new ValidationException(String.format("Invalid username '%s'. Name part should be at least 4 characters", username));
         }
-        if (!username.endsWith(userSuffix)) {
+        if (!username.trim().endsWith(userSuffix)) {
             throw new ValidationException(String.format("Invalid username '%s'. Include correct userSuffix %s at the end", username, userSuffix));
         }
+        if (ValidationUtil.checkNullOrEmptyOrContainsDisallowedCharacters(username.trim(), ValidationUtil.COMMON_INVALID_CHARS_PATTERN)) {
+            throw new ValidationException(String.format("Invalid username '%s', contains atleast one disallowed character %s", username, ValidationUtil.COMMON_INVALID_CHARS_PATTERN));
+        }
+    }
+
+    /**
+     * name must not be empty and not have invalid characters
+     */
+    public static void validateName(String name) {
+        if (ValidationUtil.checkNullOrEmptyOrContainsDisallowedCharacters(name, ValidationUtil.NAME_INVALID_CHARS_PATTERN)) {
+            throw new ValidationException(String.format("Invalid name '%s', contains atleast one disallowed character %s", name, ValidationUtil.NAME_INVALID_CHARS_PATTERN));
+        }
     }
 }

avni-server-api/src/main/java/org/avni/server/importer/batch/csv/writer/UserAndCatchmentWriter.java

@@ -87,19 +87,20 @@ private void write(Row row) throws Exception {
         Organisation organisation = UserContextHolder.getUserContext().getOrganisation();
         String userSuffix = "@".concat(organisation.getEffectiveUsernameSuffix());
         User.validateUsername(username, userSuffix);
-        User user = userRepository.findByUsername(username);
+        User user = userRepository.findByUsername(username.trim());
         User currentUser = userService.getCurrentUser();
         boolean isNewUser = false;
         if (user == null) {
             user = new User();
             user.assignUUIDIfRequired();
-            user.setUsername(username);
+            user.setUsername(username.trim());
             isNewUser = true;
         }
         User.validateEmail(email);
         user.setEmail(email);
         userService.setPhoneNumber(phoneNumber, user, RegionUtil.getCurrentUserRegion());
-        user.setName(nameOfUser);
+        User.validateName(nameOfUser);
+        user.setName(nameOfUser.trim());
         if (!isNewUser) resetSyncService.recordSyncAttributeValueChangeForUser(user, catchment.getId(), syncSettings);
         user.setCatchment(catchment);
         user.setOperatingIndividualScope(ByCatchment);

avni-server-api/src/main/java/org/avni/server/util/ValidationUtil.java

@@ -5,6 +5,7 @@
 
 public class ValidationUtil {
     public static final Pattern COMMON_INVALID_CHARS_PATTERN = Pattern.compile("^.*[<>=\"'].*$");
+    public static final Pattern NAME_INVALID_CHARS_PATTERN = Pattern.compile("^.*[<>=\"].*$");
 
     public static boolean checkNull(Object checkObject) {
         return checkObject == null;

avni-server-api/src/main/java/org/avni/server/web/UserController.java

@@ -58,8 +58,6 @@ public class UserController {
     private final SubjectTypeRepository subjectTypeRepository;
     private final AccessControlService accessControlService;
 
-    private final Pattern NAME_INVALID_CHARS_PATTERN = Pattern.compile("^.*[<>=\"].*$");
-
     @Autowired
     public UserController(CatchmentRepository catchmentRepository,
                           UserRepository userRepository,
@@ -183,7 +181,7 @@ private Boolean isUserNameInvalid(String userName) {
     }
 
     private Boolean isNameInvalid(String name) {
-        return ValidationUtil.checkNullOrEmptyOrContainsDisallowedCharacters(name, NAME_INVALID_CHARS_PATTERN);
+        return ValidationUtil.checkNullOrEmptyOrContainsDisallowedCharacters(name, ValidationUtil.NAME_INVALID_CHARS_PATTERN);
     }
 
     private User setUserAttributes(User user, UserContract userContract, String userRegion) {