Enforce max bulk operation count

wso2 · Feb 14, 2024 · fb2dadc · fb2dadc
1 parent 50b8497
commit fb2dadc
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java b/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java
@@ -74,6 +74,8 @@ public class ResponseCodeConstants {
 
  public static final int CODE_PAYLOAD_TOO_LARGE = 413;
  public static final String DESC_PAYLOAD_TOO_LARGE = "{\"maxOperations\": 1000,\"maxPayloadSize\": 1048576}";
+ public static final String ERROR_DESC_MAX_OPERATIONS_EXCEEDED = "Bulk operation count exceeds the maximum " +
+ "allowed limit.";
 
  public static final int CODE_INTERNAL_ERROR = 500;
  public static final String DESC_INTERNAL_ERROR = "An internal error.";

diff --git a/...aron-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java b/...aron-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java
@@ -17,11 +17,14 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.charon3.core.config.CharonConfiguration;
+import org.wso2.charon3.core.config.SCIMConfigConstants;
 import org.wso2.charon3.core.encoder.JSONDecoder;
 import org.wso2.charon3.core.encoder.JSONEncoder;
 import org.wso2.charon3.core.exceptions.BadRequestException;
 import org.wso2.charon3.core.exceptions.CharonException;
 import org.wso2.charon3.core.exceptions.InternalErrorException;
+import org.wso2.charon3.core.exceptions.PayloadTooLargeException;
 import org.wso2.charon3.core.extensions.RoleManager;
 import org.wso2.charon3.core.extensions.RoleV2Manager;
 import org.wso2.charon3.core.extensions.UserManager;
@@ -80,6 +83,19 @@ public SCIMResponse processBulkData(String data, UserManager userManager) {
  bulkRequestProcessor.setFailOnError(bulkRequestDataObject.getFailOnErrors());
  bulkRequestProcessor.setUserManager(userManager);
 
+ int maxOperationCount =
+ (Integer) CharonConfiguration.getInstance().getConfig().get(SCIMConfigConstants.MAX_OPERATIONS);
+ int totalOperationCount = bulkRequestDataObject.getUserOperationRequests().size() +
+ bulkRequestDataObject.getGroupOperationRequests().size() +
+ bulkRequestDataObject.getRoleOperationRequests().size() +
+ bulkRequestDataObject.getRoleV2OperationRequests().size();
+ if (totalOperationCount > maxOperationCount) {
+ throw new PayloadTooLargeException(String.format("%s Actual: %d, Max allowed: %d.",
+ ResponseCodeConstants.ERROR_DESC_MAX_OPERATIONS_EXCEEDED,
+ totalOperationCount,
+ maxOperationCount));
+ }
+
  // Get bulk response data.
  bulkResponseData = bulkRequestProcessor.processBulkRequests(bulkRequestDataObject);
  //encode the BulkResponseData object
@@ -93,7 +109,7 @@ public SCIMResponse processBulkData(String data, UserManager userManager) {
  // Create the final response.
  return new SCIMResponse(ResponseCodeConstants.CODE_OK, finalEncodedResponse, responseHeaders);
 
- } catch (CharonException | BadRequestException | InternalErrorException e) {
+ } catch (CharonException | BadRequestException | InternalErrorException | PayloadTooLargeException e) {
  return AbstractResourceManager.encodeSCIMException(e);
  }
  }