From fb2dadc7165e9895e4c8d5f2c3e3dd1e0df719c1 Mon Sep 17 00:00:00 2001
From: Pasindu Yeshan
Date: Wed, 14 Feb 2024 22:37:58 +0530
Subject: [PATCH] Enforce max bulk operation count
---
 .../core/protocol/ResponseCodeConstants.java | 2 ++
 .../endpoints/BulkResourceManager.java | 18 +++++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java b/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java
index f3a7744f1..642489fd8 100644
--- a/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java
+++ b/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/ResponseCodeConstants.java
@@ -74,6 +74,8 @@ public class ResponseCodeConstants {
 public static final int CODE_PAYLOAD_TOO_LARGE = 413;
 public static final String DESC_PAYLOAD_TOO_LARGE = "{\"maxOperations\": 1000,\"maxPayloadSize\": 1048576}";
+ public static final String ERROR_DESC_MAX_OPERATIONS_EXCEEDED = "Bulk operation count exceeds the maximum " +
+ "allowed limit.";
 public static final int CODE_INTERNAL_ERROR = 500;
 public static final String DESC_INTERNAL_ERROR = "An internal error.";
diff --git a/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java b/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java
index df6852515..d5d73c347 100644
--- a/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java
+++ b/modules/charon-core/src/main/java/org/wso2/charon3/core/protocol/endpoints/BulkResourceManager.java
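Review bot: `DESC_PAYLOAD_TOO_LARGE`, two lines above the new constant, still hardcodes `"maxOperations": 1000`, while `BulkResourceManager` now enforces whatever `SCIMConfigConstants.MAX_OPERATIONS` holds, so the limit advertised in the 413 description can disagree with the limit actually enforced as soon as the configured value differs from 1000. Either build that description from the same configuration value or record the coupling on the constant, e.g. `// Keep maxOperations in sync with the SCIMConfigConstants.MAX_OPERATIONS limit enforced in BulkResourceManager.` The same applies to `maxPayloadSize`, which nothing in this patch enforces.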
@@ -17,11 +17,14 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.wso2.charon3.core.config.CharonConfiguration;
+import org.wso2.charon3.core.config.SCIMConfigConstants;
 import org.wso2.charon3.core.encoder.JSONDecoder;
 import org.wso2.charon3.core.encoder.JSONEncoder;
 import org.wso2.charon3.core.exceptions.BadRequestException;
 import org.wso2.charon3.core.exceptions.CharonException;
 import org.wso2.charon3.core.exceptions.InternalErrorException;
+import org.wso2.charon3.core.exceptions.PayloadTooLargeException;
 import org.wso2.charon3.core.extensions.RoleManager;
 import org.wso2.charon3.core.extensions.RoleV2Manager;
 import org.wso2.charon3.core.extensions.UserManager;
@@ -80,6 +83,19 @@ public SCIMResponse processBulkData(String data, UserManager userManager) {
 bulkRequestProcessor.setFailOnError(bulkRequestDataObject.getFailOnErrors());
 bulkRequestProcessor.setUserManager(userManager);
+ int maxOperationCount =
+ (Integer) CharonConfiguration.getInstance().getConfig().get(SCIMConfigConstants.MAX_OPERATIONS);
+ int totalOperationCount = bulkRequestDataObject.getUserOperationRequests().size() +
+ bulkRequestDataObject.getGroupOperationRequests().size() +
+ bulkRequestDataObject.getRoleOperationRequests().size() +
+ bulkRequestDataObject.getRoleV2OperationRequests().size();
+ if (totalOperationCount > maxOperationCount) {
+ throw new PayloadTooLargeException(String.format("%s Actual: %d, Max allowed: %d.",
+ ResponseCodeConstants.ERROR_DESC_MAX_OPERATIONS_EXCEEDED,
+ totalOperationCount,
+ maxOperationCount));
+ }
+
 // Get bulk response data.
 bulkResponseData = bulkRequestProcessor.processBulkRequests(bulkRequestDataObject);
 //encode the BulkResponseData object
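Review bot: The unchecked `(Integer)` cast on the `MAX_OPERATIONS` lookup in `processBulkData` throws `NullPointerException` when the key is absent (null unboxed into `int`) or `ClassCastException` when the value is stored as a String, and neither type is in the multi-catch extended in the next hunk, so a misconfigured limit takes down the whole bulk endpoint instead of yielding a clean SCIM error. Validate the value before using it, e.g. `Object configured = CharonConfiguration.getInstance().getConfig().get(SCIMConfigConstants.MAX_OPERATIONS);` then `if (!(configured instanceof Integer)) { throw new InternalErrorException("Invalid maxOperations configuration."); }`, since `InternalErrorException` is already caught and encoded by this method. Note also that the count is only available after the full request body has been decoded, so this guard bounds the number of operations executed but not the size of the payload parsed; if no upstream body-size limit exists, that remains open. A short comment above the check would help the next reader, e.g. `// Reject oversized batches before any operation runs so a partial batch is never applied.` The enclosing try block of processBulkData begins before this hunk.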
@@ -93,7 +109,7 @@ public SCIMResponse processBulkData(String data, UserManager userManager) {
 // Create the final response.
 return new SCIMResponse(ResponseCodeConstants.CODE_OK, finalEncodedResponse, responseHeaders);
- } catch (CharonException | BadRequestException | InternalErrorException e) {
+ } catch (CharonException | BadRequestException | InternalErrorException | PayloadTooLargeException e) {
 return AbstractResourceManager.encodeSCIMException(e);
 }
 }