SkillCert · SudiptaPaul-31 · Sep 11, 2025 · Sep 28, 2025
diff --git a/contracts/user_management/src/functions/admin_management.rs b/contracts/user_management/src/functions/admin_management.rs
@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: MIT
 // Copyright (c) 2025 SkillCert
 
+use crate::schema::{AdminConfig, DataKey};
 use soroban_sdk::{Address, Env, Vec, Symbol, symbol_short};
 
 use crate::error::{handle_error, Error};
@@ -13,6 +14,7 @@ const INIT_SYSTEM_EVENT: Symbol = symbol_short!("initSys");
 const ADD_ADMIN_EVENT: Symbol = symbol_short!("addAdmin");
 const REMOVE_ADMIN_EVENT: Symbol = symbol_short!("rmvAdmin");
 
+
 /// Initialize the admin system - can only be called once
 pub fn initialize_system(
     env: Env,

diff --git a/contracts/user_management/src/functions/create_user_profile.rs b/contracts/user_management/src/functions/create_user_profile.rs
@@ -3,6 +3,7 @@
 
 use crate::error::{handle_error, Error};
 use crate::schema::{DataKey, LightProfile, UserProfile, UserRole, UserStatus};
+use crate::error::{Error, handle_error};
 use core::iter::Iterator;
 use soroban_sdk::{symbol_short, Address, Env, String, Symbol, Vec};
 

diff --git a/contracts/user_management/src/functions/delete_user.rs b/contracts/user_management/src/functions/delete_user.rs
@@ -3,6 +3,7 @@
 
 use crate::error::{handle_error, Error};
 use crate::schema::{AdminConfig, DataKey, LightProfile, UserProfile, UserStatus};
+use crate::error::{Error, handle_error};
 use core::iter::Iterator;
 use soroban_sdk::{symbol_short, Address, Env, Symbol};
 

diff --git a/contracts/user_management/src/functions/get_user_by_id.rs b/contracts/user_management/src/functions/get_user_by_id.rs
@@ -5,6 +5,8 @@ use soroban_sdk::{Address, Env};
 
 use crate::error::{handle_error, Error};
 use crate::schema::{DataKey, UserProfile};
+use crate::error::{Error, handle_error};
+use soroban_sdk::{symbol_short, Address, Env, Symbol};
 use core::iter::Iterator;
 
 /// Get User by ID

diff --git a/contracts/user_management/src/functions/list_all_registered_users.rs b/contracts/user_management/src/functions/list_all_registered_users.rs
@@ -1,6 +1,8 @@
 // SPDX-License-Identifier: MIT
 // Copyright (c) 2025 SkillCert
 
+
+use crate::schema::{AdminConfig, DataKey, LightProfile, UserRole, UserStatus};
 use soroban_sdk::{Address, Env, String, Vec};
 
 use crate::error::{handle_error, Error};

diff --git a/contracts/user_management/src/functions/save_profile.rs b/contracts/user_management/src/functions/save_profile.rs
@@ -1,6 +1,31 @@
 // SPDX-License-Identifier: MIT
 // Copyright (c) 2025 SkillCert
 
+use crate::schema::{DataKey, LightProfile, UserProfile, UserRole, UserStatus};
+use crate::error::{Error, handle_error};
+use soroban_sdk::{Address, Env, String, Vec};
+
+/// Security constants for profile validation
+const MAX_NAME_LENGTH: usize = 100;
+const MAX_EMAIL_LENGTH: usize = 320; // RFC 5321 standard
+const MAX_SPECIALIZATION_LENGTH: usize = 100;
+const MAX_LANGUAGE_LENGTH: usize = 50;
+const MAX_CATEGORY_LENGTH: usize = 100;
+const MAX_PASSWORD_LENGTH: usize = 128;
+const MIN_PASSWORD_LENGTH: usize = 8;
+
+/// Validates string content for security
+fn validate_string_content(_env: &Env, s: &String, max_len: usize) -> bool {
+    if s.len() > max_len as u32 {
+        return false;
+    }
+
+    // For no_std environment, we'll do basic length validation
+    // More sophisticated pattern matching can be added if needed
+    true
+}
+
+pub fn user_management_save_profile(
 use crate::error::{handle_error, Error};
 use crate::schema::{
     UserProfile,