From 58c478551bb9480fdfa7d02edc6e1d941239f810 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Wed, 02 Sep 2015 14:01:10 +0000
Subject: [PATCH] #2734 fix - Added control to prevent lic preactivation on wrong request data

---
 securis/pom.xml                                                     |    2 +-
 securis/src/main/java/net/curisit/securis/services/ApiResource.java |   14 ++++++++++----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/securis/pom.xml b/securis/pom.xml
index 9251aff..74efe79 100644
--- a/securis/pom.xml
+++ b/securis/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>net.curisit</groupId>
 	<artifactId>securis-server</artifactId>
-	<version>1.0.1</version>
+	<version>1.0.2</version>
 	<name>SeCuris</name>
 	<description>CurisTEC Server Licenses</description>
 	<dependencies>
diff --git a/securis/src/main/java/net/curisit/securis/services/ApiResource.java b/securis/src/main/java/net/curisit/securis/services/ApiResource.java
index 1c30c6c..743be97 100644
--- a/securis/src/main/java/net/curisit/securis/services/ApiResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/ApiResource.java
@@ -239,6 +239,7 @@
 
     /**
      * Returns a new License file in JSON format based in a previous license
+     * There is 2 /renew services with json input and with upload file
      * 
      * @param mpfdi
      * @param bsc
@@ -301,9 +302,7 @@
             if (lic.getStatus() != LicenseStatus.ACTIVE && lic.getStatus() != LicenseStatus.PRE_ACTIVE) {
                 throw new SeCurisServiceException(ErrorCodes.INVALID_DATA, "The current license has been cancelled");
             }
-        }
-
-        if (!renew) {
+        } else {
             try {
                 lic = License.findValidLicenseByRequestData(JsonUtils.toJSON(req), em);
             } catch (SeCurisException e1) {
@@ -334,6 +333,14 @@
         }
         if (!renew && lic.getStatus() == LicenseStatus.REQUESTED && !pack.isLicensePreactivation()) {
             throw new SeCurisServiceException(ErrorCodes.NO_AVAILABLE_LICENSES, "Current pack doesn't allow license preactivation");
+        }
+
+        if (!req.getCustomerCode().equals(pack.getOrganization().getCode())) {
+            throw new SeCurisServiceException(ErrorCodes.INVALID_LICENSE_REQUEST_DATA, "Customer code is not valid: " + req.getCustomerCode());
+        }
+
+        if (!req.getLicenseTypeCode().equals(pack.getLicenseTypeCode())) {
+            throw new SeCurisServiceException(ErrorCodes.INVALID_LICENSE_REQUEST_DATA, "License type code is not valid: " + req.getLicenseTypeCode());
         }
 
         SignedLicenseBean signedLicense;
@@ -399,5 +406,4 @@
 
         return signedLicense;
     }
-
 }

--
Gitblit v1.3.2