From cd4afe085ef56d33cbb510ceb0914fe917f39577 Mon Sep 17 00:00:00 2001
From: wxg0103 <727495428@qq.com>
Date: Tue, 31 May 2022 15:21:56 +0800
Subject: [PATCH] =?UTF-8?q?fix(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=9B=B4=E6=96=B0=E7=8E=AF=E5=A2=83=E5=89=8D?=
 =?UTF-8?q?=E5=90=8E=E7=AB=AF=E6=9C=AA=E6=A0=A1=E9=AA=8C=E5=93=8D=E5=BA=94?=
 =?UTF-8?q?=E6=97=B6=E9=97=B4=E7=9A=84=E7=BC=BA=E9=99=B7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

--bug=1013644 --user=王孝刚 [接口测试]github#14112更新或修改配置环境时“链接超时”前后端都没有进行校验。
https://www.tapd.cn/55049933/s/1170028
---
 .../ApiTestEnvironmentController.java         | 34 +++++++++++++++++++
 .../environment/EnvironmentCommonConfig.vue   |  8 +++--
 .../request/database/DatabaseFrom.vue         | 10 ++++--
 .../test/components/request/tcp/TcpConfig.vue |  8 +++--
 4 files changed, 54 insertions(+), 6 deletions(-)

diff --git a/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java b/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java
index 23ffaa1a8c..887c2149c9 100644
--- a/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java
+++ b/backend/src/main/java/io/metersphere/api/controller/ApiTestEnvironmentController.java
@@ -1,5 +1,7 @@
 package io.metersphere.api.controller;
 
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
 import com.github.pagehelper.Page;
 import com.github.pagehelper.PageHelper;
 import io.metersphere.api.dto.ApiTestEnvironmentDTO;
@@ -9,9 +11,12 @@ import io.metersphere.api.service.CommandService;
 import io.metersphere.base.domain.ApiTestEnvironmentWithBLOBs;
 import io.metersphere.commons.constants.OperLogConstants;
 import io.metersphere.commons.constants.OperLogModule;
+import io.metersphere.commons.exception.MSException;
+import io.metersphere.commons.utils.LogUtil;
 import io.metersphere.commons.utils.PageUtils;
 import io.metersphere.commons.utils.Pager;
 import io.metersphere.controller.request.EnvironmentRequest;
+import io.metersphere.i18n.Translator;
 import io.metersphere.log.annotation.MsAuditLog;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -61,15 +66,44 @@ public class ApiTestEnvironmentController {
     @PostMapping("/add")
     @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.CREATE, content = "#msClass.getLogDetails(#apiTestEnvironmentWithBLOBs.id)", msClass = ApiTestEnvironmentService.class)
     public String create(@RequestPart("request") ApiTestEnvironmentDTO apiTestEnvironmentWithBLOBs, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles) {
+        checkParams(apiTestEnvironmentWithBLOBs);
         return apiTestEnvironmentService.add(apiTestEnvironmentWithBLOBs, sslFiles);
     }
 
     @PostMapping(value = "/update")
     @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.UPDATE, beforeEvent = "#msClass.getLogDetails(#apiTestEnvironment.id)", content = "#msClass.getLogDetails(#apiTestEnvironment.id)", msClass = ApiTestEnvironmentService.class)
     public void update(@RequestPart("request") ApiTestEnvironmentDTO apiTestEnvironment, @RequestPart(value = "files", required = false) List<MultipartFile> sslFiles) {
+        checkParams(apiTestEnvironment);
         apiTestEnvironmentService.update(apiTestEnvironment, sslFiles);
     }
 
+    private void checkParams(ApiTestEnvironmentDTO apiTestEnvironment) {
+        try {
+            JSONObject json = JSONObject.parseObject(apiTestEnvironment.getConfig());
+            JSONObject commonConfig = json.getJSONObject("commonConfig");
+            JSONArray databaseConfigs = json.getJSONArray("databaseConfigs");
+
+            Object requestTimeout = commonConfig.get("requestTimeout");
+            Object responseTimeout = commonConfig.get("responseTimeout");
+            if (commonConfig != null && (requestTimeout != null || responseTimeout != null) && ((int) requestTimeout < 1 ||
+                    (int) responseTimeout < 1)) {
+                MSException.throwException(Translator.get("invalid_parameter"));
+            }
+            if (databaseConfigs.size() > 0) {
+                for (Object databaseConfig : databaseConfigs) {
+                    JSONObject database = (JSONObject) databaseConfig;
+                    Object poolMax = database.get("poolMax");
+                    Object timeout = database.get("timeout");
+                    if (database != null && (poolMax != null || timeout != null) && (int) database.get("poolMax") < 1 || (int) database.get("timeout") < 1) {
+                        MSException.throwException(Translator.get("invalid_parameter"));
+                    }
+                }
+            }
+        } catch (Exception e) {
+            LogUtil.error(e);
+        }
+    }
+
     @GetMapping("/delete/{id}")
     @MsAuditLog(module = OperLogModule.PROJECT_ENVIRONMENT_SETTING, type = OperLogConstants.DELETE, beforeEvent = "#msClass.getLogDetails(#id)", msClass = ApiTestEnvironmentService.class)
     public void delete(@PathVariable String id) {
diff --git a/frontend/src/business/components/api/test/components/environment/EnvironmentCommonConfig.vue b/frontend/src/business/components/api/test/components/environment/EnvironmentCommonConfig.vue
index fa3d852155..4dbff648b8 100644
--- a/frontend/src/business/components/api/test/components/environment/EnvironmentCommonConfig.vue
+++ b/frontend/src/business/components/api/test/components/environment/EnvironmentCommonConfig.vue
@@ -8,12 +8,16 @@
       <el-form-item>
         <span>{{ $t('api_test.environment.request_timeout') }}:</span>
         <el-input-number style="margin-left: 20px" controls-position="right" size="small"
-                         v-model="commonConfig.requestTimeout">
+                         v-model="commonConfig.requestTimeout"
+                         onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                         :precision="0">
           {{ $t('api_test.environment.globalVariable') }}
         </el-input-number>
         <span style="margin-left: 30px">{{ $t('api_test.environment.response_timeout') }}:</span>
         <el-input-number style="margin-left: 20px" controls-position="right" size="small"
-                         v-model="commonConfig.responseTimeout">
+                         v-model="commonConfig.responseTimeout"
+                         onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                         :precision="0">
           {{ $t('api_test.environment.globalVariable') }}
         </el-input-number>
       </el-form-item>
diff --git a/frontend/src/business/components/api/test/components/request/database/DatabaseFrom.vue b/frontend/src/business/components/api/test/components/request/database/DatabaseFrom.vue
index eabdfac4e3..85fdf9c0cd 100644
--- a/frontend/src/business/components/api/test/components/request/database/DatabaseFrom.vue
+++ b/frontend/src/business/components/api/test/components/request/database/DatabaseFrom.vue
@@ -32,12 +32,18 @@
       </el-form-item>
 
       <el-form-item :label="$t('api_test.request.sql.pool_max')" prop="poolMax">
-        <el-input-number size="small" :disabled="isReadOnly" v-model="currentConfig.poolMax" :placeholder="$t('commons.please_select')" :max="100" :min="0"/>
+        <el-input-number size="small" :disabled="isReadOnly" v-model="currentConfig.poolMax"
+                         :placeholder="$t('commons.please_select')" :max="100" :min="0"
+                         onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                         :precision="0"/>
       </el-form-item>
 
 
       <el-form-item :label="$t('api_test.request.sql.timeout')" prop="timeout">
-        <el-input-number size="small" :disabled="isReadOnly" v-model="currentConfig.timeout" :placeholder="$t('commons.millisecond')" :max="1000*10000000" :min="0"/>
+        <el-input-number size="small" :disabled="isReadOnly" v-model="currentConfig.timeout"
+                         :placeholder="$t('commons.millisecond')" :max="1000*10000000" :min="0"
+                         onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                         :precision="0"/>
       </el-form-item>
 
       <el-form-item>
diff --git a/frontend/src/business/components/api/test/components/request/tcp/TcpConfig.vue b/frontend/src/business/components/api/test/components/request/tcp/TcpConfig.vue
index 64175f2816..a468fc1d43 100644
--- a/frontend/src/business/components/api/test/components/request/tcp/TcpConfig.vue
+++ b/frontend/src/business/components/api/test/components/request/tcp/TcpConfig.vue
@@ -24,12 +24,16 @@
     <el-row :gutter="10">
       <el-col :span="12">
         <el-form-item :label="$t('api_test.request.tcp.connect')" prop="ctimeout">
-          <el-input-number v-model="config.ctimeout" controls-position="right" :min="0" :step="1000" :controls="false"/>
+          <el-input-number v-model="config.ctimeout" controls-position="right" :min="0" :step="1000" :controls="false"
+                           onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                           :precision="0"/>
         </el-form-item>
       </el-col>
       <el-col :span="12">
         <el-form-item :label="$t('api_test.request.tcp.response')" prop="timeout" label-width="120px">
-          <el-input-number v-model="config.timeout" controls-position="right" :min="0" :step="1000" :controls="false"/>
+          <el-input-number v-model="config.timeout" controls-position="right" :min="0" :step="1000" :controls="false"
+                           onKeypress="return (/[\d]/.test(String.fromCharCode(event.keyCode)))"
+                           :precision="0"/>
         </el-form-item>
       </el-col>
     </el-row>