Request body:
{ "function_name": "ADD_TDC", "proj_id": "SER00001", "extraction_date" : "2015-11-16", "test_data_characteristic_id" : "MYC09", "test_case_id" : "TC6", "test_data": ["100261023","123"," "], "number_of_test_accounts" : 10, "test_data": "100261023", "test_workarea" : "SRVCIT01", "test_region" : "VT" }
Error message:
{"fault":"{\"detail\":{\"errorcode\":\"steps.regexprotection.ExecutionFailed\"},\"faultstring\":\"Failed to execute the RegularExpressionProtection StepDefinition TstDatamgmt_RegExpProtection_JSONPayload. Reason: Unexpected duplicate key:test_data at position 225.\"}"}
XML Policy :
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="TstDatamgmt_RegExpProtection_JSONPayload"> <DisplayName>TstDatamgmt_RegExpProtection_JSONPayload</DisplayName> <FaultRules/> <Properties/> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <JSONPayload> <JSONPath> <Expression>$.</Expression> <Pattern ignoreCase="true">\b(ALTER( +TABLE){1,1}|CREATE( +TABLE| +INDEX| +DB| +DATABASE| +VIEW){1,1}|(DELETE[*\s+]+FROM)|DROP( +TABLE| +INDEX| +DB| +DATABASE){1,1}|TRUNCATE( +TABLE){1,1}|EXEC(UTE){0,1}|INSERT( +INTO){1,1}|MERGE|((SELECT)(\s+[\S,\s]+\s+))(FROM)|(UPDATE)(\s+[\S,\s]+\s)(SET)|UNION\s*( +ALL){0,1})\b</Pattern> <Pattern ignoreCase="true">\b(include|exec|echo|config|printenv)\b</Pattern> <Pattern ignoreCase="true"><\s*script\b[^>]*>[^<]+<\s*/\s*script\s*></Pattern> </JSONPath> </JSONPayload> </RegularExpressionProtection>
Hi @krishnakumar ,you cannot use the same name.
The following entity properties are used as primary keys,
For more info on entity types, kindly visit the below link...
http://docs.apigee.com/app-services/content/default-data-entities
@Barahalikar Siddharth , Above question talks about Regular expression protection policy, Your answer is about Apigee BaaS.
@krishnakumar , Can you please post the regular expression protection policy xml ?
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RegularExpressionProtection async="false" continueOnError="false" enabled="true" name="TstDatamgmt_RegExpProtection_JSONPayload"> <DisplayName>TstDatamgmt_RegExpProtection_JSONPayload</DisplayName> <FaultRules/> <Properties/> <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables> <JSONPayload> <JSONPath> <Expression>$.</Expression> <!-- Sample Patterns --> <!-- SQL Inject --> <Pattern ignoreCase="true">\b(ALTER( +TABLE){1,1}|CREATE( +TABLE| +INDEX| +DB| +DATABASE| +VIEW){1,1}|(DELETE[*\s+]+FROM)|DROP( +TABLE| +INDEX| +DB| +DATABASE){1,1}|TRUNCATE( +TABLE){1,1}|EXEC(UTE){0,1}|INSERT( +INTO){1,1}|MERGE|((SELECT)(\s+[\S,\s]+\s+))(FROM)|(UPDATE)(\s+[\S,\s]+\s)(SET)|UNION\s*( +ALL){0,1})\b</Pattern> <!-- Server side include --> <Pattern ignoreCase="true">\b(include|exec|echo|config|printenv)\b</Pattern> <!-- Java script --> <Pattern ignoreCase="true"><\s*script\b[^>]*>[^<]+<\s*/\s*script\s*></Pattern> </JSONPath> </JSONPayload> </RegularExpressionProtection>
Hi @krishnakumar,
I had a look at your request body, I found that it is not valid itself as you have two key fields named test_data in it viz. "test_data": ["100261023", "123", " "], and "test_data": "100261023" which is not acceptable. Hence the policy failed
Cheers,
Neeraj