fix: validate uuid loaded from disk (#68)

Signed-off-by: Andre Dietisheim <[email protected]>
Co-authored-by: Stephane Bouchet <[email protected]>
Co-authored-by: Fred Bricon <[email protected]>

Author: 3 people

src/main/java/com/redhat/devtools/intellij/telemetry/core/service/UserId.java

@@ -16,10 +16,10 @@
 import com.redhat.devtools.intellij.telemetry.core.util.Lazy;
 
 import java.io.IOException;
-import java.io.Writer;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.UUID;
+import java.util.regex.Pattern;
 import java.util.stream.Stream;
 
 public class UserId {
@@ -28,26 +28,37 @@ public class UserId {
 
     public static final UserId INSTANCE = new UserId();
     private static final Path UUID_FILE = Directories.RED_HAT.resolve("anonymousId");
-
+    private static final Pattern UUID_REGEX =
+            Pattern.compile("^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$");
     private final Lazy<String> uuid = new Lazy<>(() -> loadOrCreate(UUID_FILE));
 
-    private UserId() {}
+    /** for testing purposes */
+    protected UserId() {}
 
     public String get() {
         return uuid.get();
     }
 
     private String loadOrCreate(Path file) {
-        if (Files.exists(file)) {
-            return load(file);
-        } else {
-            String uuid = UUID.randomUUID().toString();
-            write(uuid, file);
-            return uuid;
+        String uuid = null;
+        if (exists(file)) {
+            uuid = load(file);
+            if (isValid(uuid)) {
+                return uuid;
+            }
         }
+        uuid = create();
+        write(uuid, file);
+        return uuid;
+    }
+
+    /** for testing purposes */
+    protected boolean exists(Path file) {
+        return Files.exists(file);
     }
 
-    private String load(Path uuidFile) {
+    /** for testing purposes */
+    protected String load(Path uuidFile) {
         String uuid = null;
         try(Stream<String> lines = Files.lines(uuidFile)) {
             uuid = lines
@@ -60,7 +71,19 @@ private String load(Path uuidFile) {
         return uuid;
     }
 
-    private void write(String uuid, Path uuidFile) {
+    private boolean isValid(String uuid) {
+        if (uuid == null) {
+            return false;
+        }
+        return UUID_REGEX.matcher(uuid).matches();
+    }
+
+    private String create() {
+        return UUID.randomUUID().toString();
+    }
+
+    /** for testing purposes */
+    protected void write(String uuid, Path uuidFile) {
         try {
             FileUtils.createFileAndParent(uuidFile);
             FileUtils.write(uuid, uuidFile);

src/test/java/com/redhat/devtools/intellij/telemetry/core/service/UserIdTest.java

@@ -0,0 +1,94 @@
+/*******************************************************************************
+ * Copyright (c) 2023 Red Hat, Inc.
+ * Distributed under license by Red Hat, Inc. All rights reserved.
+ * This program is made available under the terms of the
+ * Eclipse Public License v2.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v20.html
+ *
+ * Contributors:
+ * Red Hat, Inc. - initial API and implementation
+ ******************************************************************************/
+package com.redhat.devtools.intellij.telemetry.core.service;
+
+import org.junit.jupiter.api.Test;
+
+import java.nio.file.Path;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class UserIdTest {
+
+    private static final String UUID = "123e4567-e89b-12d3-a456-426614174000";
+    private static final String INVALID_UUID = "bogus";
+
+    @Test
+    void get_should_load_and_not_write_if_file_exists_and_has_valid_UUID() {
+        // given
+        TestableUserId user = new TestableUserId(true, UUID);
+        // when
+        user.get();
+        // then
+        assertThat(user.loaded).isTrue();
+        assertThat(user.written).isFalse();
+    }
+
+    @Test
+    void get_should_not_load_if_file_doesnt_exist() {
+        // given
+        TestableUserId user = new TestableUserId(false, UUID);
+        // when
+        user.get();
+        // then
+        assertThat(user.loaded).isFalse();
+    }
+
+    @Test
+    void get_should_write_if_file_doesnt_exist() {
+        // given
+        TestableUserId user = new TestableUserId(false, null);
+        // when
+        user.get();
+        // then
+        assertThat(user.written).isTrue();
+    }
+
+    @Test
+    void get_should_write_if_file_exists_but_is_invalid() {
+        // given
+        TestableUserId user = new TestableUserId(true, INVALID_UUID);
+        // when
+        user.get();
+        // then
+        assertThat(user.written).isTrue();
+    }
+
+    private static class TestableUserId extends UserId {
+
+        private final boolean exists;
+        private final String loadedUUID;
+        boolean loaded = false;
+        boolean written = false;
+
+        public TestableUserId(boolean exists, String loadedUUID) {
+            this.exists = exists;
+            this.loadedUUID = loadedUUID;
+        }
+
+        @Override
+        public boolean exists(Path file) {
+            return exists;
+        }
+
+        @Override
+        public String load(Path file) {
+            this.loaded = true;
+            return loadedUUID;
+        }
+
+        @Override
+        protected void write(String uuid, Path uuidFile) {
+            this.written = true;
+        }
+    }
+
+}