diff --git a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java index f956d0407..8c11ac932 100644 --- a/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java +++ b/config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java @@ -135,6 +135,8 @@ public class ConfigController { throws NacosException { final String srcIp = RequestUtil.getRemoteIp(request); String requestIpApp = RequestUtil.getAppName(request); + // check tenant + ParamUtils.checkTenant(tenant); ParamUtils.checkParam(dataId, group, "datumId", content); ParamUtils.checkParam(tag); @@ -213,7 +215,9 @@ public class ConfigController { @RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant, @RequestParam(value = "tag", required = false) String tag) throws IOException, ServletException, NacosException { - tenant = processTenant(tenant); + // check tenant + ParamUtils.checkTenant(tenant); + tenant = processTenant(tenant); // check params ParamUtils.checkParam(dataId, group, "datumId", "content"); ParamUtils.checkParam(tag); @@ -234,7 +238,9 @@ public class ConfigController { @RequestParam("group") String group, @RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant) throws NacosException { - // check params + // check tenant + ParamUtils.checkTenant(tenant); + // check params ParamUtils.checkParam(dataId, group, "datumId", "content"); return persistService.findConfigAllInfo(dataId, group, tenant); } @@ -253,7 +259,9 @@ public class ConfigController { @RequestParam(value = "tenant", required = false, defaultValue = StringUtils.EMPTY) String tenant, @RequestParam(value = "tag", required = false) String tag) throws NacosException { - ParamUtils.checkParam(dataId, group, "datumId", "rm"); + // check tenant + ParamUtils.checkTenant(tenant); + ParamUtils.checkParam(dataId, group, "datumId", "rm"); ParamUtils.checkParam(tag); String clientIp = RequestUtil.getRemoteIp(request); if (StringUtils.isBlank(tag)) { diff --git a/config/src/main/java/com/alibaba/nacos/config/server/utils/ParamUtils.java b/config/src/main/java/com/alibaba/nacos/config/server/utils/ParamUtils.java index 5fd03be78..e65b835f9 100644 --- a/config/src/main/java/com/alibaba/nacos/config/server/utils/ParamUtils.java +++ b/config/src/main/java/com/alibaba/nacos/config/server/utils/ParamUtils.java @@ -16,9 +16,7 @@ package com.alibaba.nacos.config.server.utils; import java.util.Map; - import com.alibaba.nacos.api.exception.NacosException; - import org.apache.commons.lang3.StringUtils; /** @@ -64,11 +62,11 @@ public class ParamUtils { } public static void checkParam(String dataId, String group, String datumId, String content) throws NacosException { - if (StringUtils.isBlank(dataId) || !ParamUtils.isValid(dataId.trim())) { + if (StringUtils.isBlank(dataId) || !isValid(dataId.trim())) { throw new NacosException(NacosException.INVALID_PARAM, "invalid dataId : " + dataId); - } else if (StringUtils.isBlank(group) || !ParamUtils.isValid(group)) { + } else if (StringUtils.isBlank(group) || !isValid(group)) { throw new NacosException(NacosException.INVALID_PARAM, "invalid group : " + group); - } else if (StringUtils.isBlank(datumId) || !ParamUtils.isValid(datumId)) { + } else if (StringUtils.isBlank(datumId) || !isValid(datumId)) { throw new NacosException(NacosException.INVALID_PARAM, "invalid datumId : " + datumId); } else if (StringUtils.isBlank(content)) { throw new NacosException(NacosException.INVALID_PARAM, "content is blank : " + content); @@ -80,7 +78,7 @@ public class ParamUtils { public static void checkParam(String tag) { if (StringUtils.isNotBlank(tag)) { - if (!ParamUtils.isValid(tag.trim())) { + if (!isValid(tag.trim())) { throw new IllegalArgumentException("invalid tag : " + tag); } if (tag.length() > TAG_MAX_LEN) { @@ -91,7 +89,7 @@ public class ParamUtils { public static void checkTenant(String tenant) { if (StringUtils.isNotBlank(tenant)) { - if (!ParamUtils.isValid(tenant.trim())) { + if (!isValid(tenant.trim())) { throw new IllegalArgumentException("invalid tenant"); } if (tenant.length() > TANANT_MAX_LEN) {