Index: management/univention-management-console-module-ucr/umc/js/ucr.js =================================================================== --- management/univention-management-console-module-ucr/umc/js/ucr.js (Revision 73141) +++ management/univention-management-console-module-ucr/umc/js/ucr.js (Arbeitskopie) @@ -77,7 +77,11 @@ type: TextBox, name: 'key', description: _( 'Name of UCR variable' ), - label: _( 'UCR variable' ) + label: _( 'UCR variable' ), + invalidMessage: _( 'A valid key must contain at least one character and can only contain letters, numerals, and "/", ".", "_", "-".' ), + validator: function (value, constraints) { + return !!value && !/[^a-zA-Z0-9/._-]/.test(value); + } }, { type: TextBox, name: 'value', @@ -105,8 +109,10 @@ label: _( 'Save' ), style: 'float: right', callback: lang.hitch(this, function() { - this._form.save(); - this.hide(); + if (this._form.getWidget('key').isValid()) { + this._form.save(); + this.hide(); + } }) }, { //FIXME: Should be much simpler. The key name should be enough Index: management/univention-management-console-module-ucr/umc/python/ucr/__init__.py =================================================================== --- management/univention-management-console-module-ucr/umc/python/ucr/__init__.py (Revision 73141) +++ management/univention-management-console-module-ucr/umc/python/ucr/__init__.py (Arbeitskopie) @@ -31,6 +31,8 @@ # /usr/share/common-licenses/AGPL-3; if not, see # . +import re + from univention.lib.i18n import Translation from univention.management.console.modules import Base from univention.management.console.protocol.definitions import * @@ -86,7 +88,24 @@ return False def add( self, request ): - # does the same as put + if isinstance( request.options, ( list, tuple ) ): + for _var in request.options: + try: + var = _var['object'] + key = var['key'] + ucrinfo = ConfigRegistryInfo(registered_only=False) + if ucrinfo.get_variable(key) is not None: + request.status = BAD_REQUEST_INVALID_ARGS + self.finished(request.id, False, message = _('The key %s is already in use for an existing UCR variable.') % key) + except KeyError: + # handle the case that no key is given for an UCR variable entry + request.status = BAD_REQUEST_INVALID_OPTS + self.finished(request.id, False, message = _('Invalid UCR variable entry, the properties "key" and "value" need to be specified.')) + return + else: + request.status = BAD_REQUEST_INVALID_OPTS + self.finished(request.id, False) + self.put( request ) def put( self, request ): @@ -99,6 +118,11 @@ var = _var['object'] value = var['value'] or '' key = var['key'] + if not re.match('^[a-zA-Z0-9/._-]+$', key): + success = False + request.status = BAD_REQUEST_INVALID_ARGS + message = _( 'A valid key must contain at least one character and can only contain letters, numerals, and "/", ".", "_", "-".' ) + break if self.is_readonly( key ): success = False message = _( 'The UCR variable %s is read-only and can not be changed!' ) % key