add validation for pageNr and pageSize #EA-3872

set-common/src/main/resources/set.common.properties

@@ -22,6 +22,8 @@ set.data.endpoint.baseUrl=http://localhost:8080/set/
 user.data.endpoint.baseUrl=http://data.europeana.eu/user/
 item.data.endpoint.baseUrl=http://data.europeana.eu/item/
 
+#max size of Gallery sets
+set.gallery.size.max=100
 
 #max search results per page
 #set.search.dereference.items.max=10
@@ -30,7 +32,8 @@ item.data.endpoint.baseUrl=http://data.europeana.eu/item/
 
 set.search.dereference.items.meta.max=10
 set.retrieve.dereference.items.meta.max=100
-set.retrieve.maxpagesize.items=100
+set.retrieve.maxpagesize.items=1000
+set.retrieve.maxpagesize.items.meta=100
 
 # mongoDB settings
 ### annotation database ###
@@ -69,6 +72,3 @@ europeana.search.itemdescription.profile=minimal
 
 #the name for annotation api resources in keyckloak tokens
 authorization.api.name=usersets
-
-#max size of Gallery sets
-set.gallery.size.max=100

set-definitions/src/main/java/eu/europeana/set/definitions/config/UserSetConfigurationImpl.java

@@ -11,7 +11,7 @@ public class UserSetConfigurationImpl implements UserSetConfiguration {
   public static final String KEY_RETRIEVE_DEREFERENCE_ITEMS = "set.retrieve.dereference.items.max";
 
   public static final int DEFAULT_ITEMS_PER_PAGE = 10;
-  public static final int MIN_ITEMS_PER_PAGE = 1;
+  public static final int MIN_ITEMS_PER_PAGE = 0;
   public static final int DEFAULT_MAX_GALLERY_SIZE = 100;
   public static final int DEFAULT_MAX_ITEMS_TO_PRESENT = 1000;
   public static final int DEFAULT_MAX_ITEMS_TO_DEREF = 100;

set-web/src/main/java/eu/europeana/set/web/service/controller/BaseRest.java

@@ -370,5 +370,6 @@ protected String createAllowHeader(HttpServletRequest request) {
     protected SetProfileHelper getProfileHelper() {
       return profileHelper;
     }
+
 
 }

set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/SearchUserSetRest.java

@@ -61,9 +61,9 @@ public ResponseEntity<String> searchUserSet(
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_QF, required = false) String[] qf,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_SORT, required = false) String sort,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_PAGE, required = false,
-          defaultValue = "" + WebUserSetFields.DEFAULT_PAGE) int page,
+          defaultValue = "" + WebUserSetFields.DEFAULT_PAGE) String page,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_PAGE_SIZE, required = false,
-          defaultValue = "" + CommonApiConstants.DEFAULT_PAGE_SIZE) int pageSize,
+          defaultValue = "" + CommonApiConstants.DEFAULT_PAGE_SIZE) String pageSize,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_FACET, required = false) String facet,
       @RequestParam(value = "facet.limit", required = false, defaultValue = "50") int facetLimit,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_PROFILE, required = false,
@@ -79,20 +79,30 @@ public ResponseEntity<String> searchUserSet(
       List<SetPageProfile> profiles = getProfilesFromRequest(profileStr, request);
       validateMultipleProfiles(profiles, profileStr);
    // get profile for pagination urls and item Page
-      SetPageProfile profile = getUserSetService().getProfileForPagination(profiles);
-      if(profile == null) {
+      SetPageProfile serializationProfile = getUserSetService().getProfileForPagination(profiles);
+      if(serializationProfile == null) {
         //if only technical profiles included in request, append the default profile
-        profiles.add(SetPageProfile.ITEMS_META);
+        serializationProfile = SetPageProfile.ITEMS_META;
+        profiles.add(serializationProfile);
       }
 
       // create facet query and validate facet - if profile is facets
       UserSetFacetQuery facetQuery = null;
       if (profiles.contains(SetPageProfile.FACETS)) {
         facetQuery = getQueryBuilder().buildUserSetFacetQuery(facet, facetLimit);
       }
+
+      Integer pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1);
+
+      int maxPageSize =
+          getConfiguration().getMaxPageSize(serializationProfile.getProfileParamValue());
+
+      Integer pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize,  UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE);
+
+
       //validate the search params and build the search query
       UserSetQuery searchQuery =
-          getQueryBuilder().buildUserSetQuery(query, qf, sort, page, pageSize, getConfiguration());
+          getQueryBuilder().buildUserSetQuery(query, qf, sort, pageNr, pageItems, getConfiguration());
       ResultSet<? extends UserSet> results =
           getUserSetService().search(searchQuery, facetQuery, profiles, authentication);
       String requestURL = request.getRequestURL().toString();
@@ -140,9 +150,9 @@ public ResponseEntity<String> searchItemsInSet(
           defaultValue = UserSetQueryBuilder.SEARCH_ALL) String query,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_QF, required = false) String[] qf,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_PAGE, required = false,
-          defaultValue = "" + WebUserSetFields.DEFAULT_PAGE) int page,
+          defaultValue = "" + WebUserSetFields.DEFAULT_PAGE) String page,
       @RequestParam(value = CommonApiConstants.QUERY_PARAM_PAGE_SIZE, required = false,
-          defaultValue = "" + UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE) int pageSize,
+          defaultValue = "" + UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE) String pageSize,
        @RequestParam(value = CommonApiConstants.QUERY_PARAM_PROFILE, required = false,
        defaultValue = ProfileConstants.VALUE_PARAM_ITEMS) String profileStr,
       HttpServletRequest request) throws HttpException {
@@ -165,7 +175,8 @@ public ResponseEntity<String> searchItemsInSet(
       SetPageProfile profile = getUserSetService().getProfileForPagination(profiles);
       if(profile == null) {
         //if only technical profiles included in request, append the default profile
-        profiles.add(SetPageProfile.ITEMS);
+        profile = SetPageProfile.ITEMS;
+        profiles.add(profile);
       }
 
       // parses and validates qf
@@ -193,8 +204,15 @@ public ResponseEntity<String> searchItemsInSet(
         filtered = Collections.emptyList();
       }
 
+      Integer pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1);
+
+      int maxPageSize =
+          getConfiguration().getMaxPageSize(profile.getProfileParamValue());
+
+      Integer pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize,  UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE);
+
       BaseUserSetResultPage<String> resultPage = getUserSetService().buildRecodsResultsPage(identifier,
-          filtered, page, pageSize, profile, request);
+          filtered, pageNr, pageItems, profile, request);
 
       UserSetLdSerializer serializer = new UserSetLdSerializer();
       String jsonLd = serializer.serialize(resultPage);

set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WeUserSetRequestUtils.java

@@ -1,10 +1,54 @@
 package eu.europeana.set.web.service.controller.jsonld;
 
+import eu.europeana.api.commons.definitions.config.i18n.I18nConstants;
+import eu.europeana.api.commons.definitions.vocabulary.CommonApiConstants;
+import eu.europeana.api.commons.web.exception.ParamValidationException;
+import eu.europeana.set.definitions.config.UserSetConfigurationImpl;
+import eu.europeana.set.definitions.model.vocabulary.WebUserSetFields;
 import eu.europeana.set.definitions.model.vocabulary.WebUserSetModelFields;
 
 public class WeUserSetRequestUtils {
 
   public static boolean isPinnRequest(String position) {
     return WebUserSetModelFields.PINNED_POSITION.equals(position);
   }
+
+  public static Integer parseIntegerParam(String paramName, String paramValue, int maxValue, int minValue)
+      throws ParamValidationException {
+    if (paramValue != null) {
+      try {
+        Integer value = Integer.valueOf(paramValue);
+        if ((maxValue > 0 && value > maxValue) || value < minValue) {
+          throw new ParamValidationException(I18nConstants.INVALID_PARAM_VALUE,
+              I18nConstants.INVALID_PARAM_VALUE, new String[] {paramName, paramValue});
+        }
+        return value;
+      } catch (NumberFormatException e) {
+        throw new ParamValidationException(I18nConstants.INVALID_PARAM_VALUE,
+            I18nConstants.INVALID_PARAM_VALUE, new String[] {paramName, paramValue}, e);
+      }
+    }
+    return null;
+  }
+
+  public static Integer parsePageNumber(String page, int maxPageNumber) throws ParamValidationException {
+    Integer pageNr;
+    //
+    pageNr = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE, page, maxPageNumber,
+        WebUserSetFields.DEFAULT_PAGE);
+    pageNr = (pageNr == null) ? Integer.valueOf(WebUserSetFields.DEFAULT_PAGE) : pageNr;
+    return pageNr;
+  }
+
+  public static Integer getPageSizeOrDefault(String pageSize, int maxPageSize,
+      final int defaultItemsPerPage) throws ParamValidationException {
+    Integer pageItems;
+
+    pageItems = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE_SIZE, pageSize, maxPageSize,
+        UserSetConfigurationImpl.MIN_ITEMS_PER_PAGE);
+    pageItems =
+        (pageItems == null) ? Integer.valueOf(defaultItemsPerPage)
+            : pageItems;
+    return pageItems;
+  }
 }

set-web/src/main/java/eu/europeana/set/web/service/controller/jsonld/WebUserSetRest.java

@@ -186,24 +186,18 @@ private ResponseEntity<String> processRetrieveSetPageRequest(String identifier,
     validateMultipleProfiles(profiles, profile);
     SetPageProfile searializationProfile = getUserSetService().getProfileForPagination(profiles);
 
-    pageNr = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE, page, -1,
-        WebUserSetFields.DEFAULT_PAGE);
-    pageNr = (pageNr == null) ? Integer.valueOf(WebUserSetFields.DEFAULT_PAGE) : pageNr;
+    pageNr = WeUserSetRequestUtils.parsePageNumber(page, -1);
+
     int maxPageSize =
         getConfiguration().getMaxPageSize(searializationProfile.getProfileParamValue());
-
-    pageItems = parseIntegerParam(CommonApiConstants.QUERY_PARAM_PAGE_SIZE, pageSize, maxPageSize,
-        UserSetConfigurationImpl.MIN_ITEMS_PER_PAGE);
-    pageItems =
-        (pageItems == null) ? Integer.valueOf(UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE)
-            : pageItems;
-    // add default profile
-
+
+    pageItems = WeUserSetRequestUtils.getPageSizeOrDefault(pageSize, maxPageSize,  UserSetConfigurationImpl.DEFAULT_ITEMS_PER_PAGE);
 
     return getUserSetPage(profiles, identifier, sortField, sortOrderField, pageNr, pageItems,
         authentication, request);
   }
 
+
   private ResponseEntity<String> processRetrieveSetRequest(String identifier,
       Authentication authentication, HttpServletRequest request) throws HttpException {
     // validate params - profile
@@ -229,24 +223,6 @@ private UserSet getSetAndVerifyAccess(String identifier, Authentication authenti
     return userSet;
   }
 
-  private Integer parseIntegerParam(String paramName, String paramValue, int maxValue, int minValue)
-      throws ParamValidationException {
-    if (paramValue != null) {
-      try {
-        Integer value = Integer.valueOf(paramValue);
-        if ((maxValue > 0 && value > maxValue) || value < minValue) {
-          throw new ParamValidationException(I18nConstants.INVALID_PARAM_VALUE,
-              I18nConstants.INVALID_PARAM_VALUE, new String[] {paramName, paramValue});
-        }
-        return value;
-      } catch (NumberFormatException e) {
-        throw new ParamValidationException(I18nConstants.INVALID_PARAM_VALUE,
-            I18nConstants.INVALID_PARAM_VALUE, new String[] {paramName, paramValue}, e);
-      }
-    }
-    return null;
-  }
-
   /**
    * This method retrieves an existing user set identified by given identifier, which is a number in
    * string format.

set-web/src/test/java/eu/europeana/set/web/service/controller/BaseRestTest.java

@@ -16,7 +16,6 @@
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.junit.jupiter.MockitoExtension;
-import eu.europeana.api.commons.definitions.config.i18n.I18nConstants;
 import eu.europeana.api.commons.web.exception.HttpException;
 import eu.europeana.set.definitions.model.UserSet;
 import eu.europeana.set.definitions.model.vocabulary.ProfileConstants;

set-web/src/test/java/eu/europeana/set/web/service/impl/UserSetServiceImplTest.java

@@ -16,7 +16,6 @@
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 import eu.europeana.api.commons.definitions.search.ResultSet;
-import eu.europeana.api.commons.definitions.vocabulary.CommonApiConstants;
 import eu.europeana.set.definitions.model.UserSet;
 import eu.europeana.set.definitions.model.search.UserSetQuery;
 import eu.europeana.set.definitions.model.search.UserSetQueryImpl;