search

eclipse / kapua

Eclipse Public License 2.0
222 stars 160 forks source link

:fix: ScopeId bypass fix #4060

Closed dseurotech closed 2 months ago

dseurotech commented 2 months ago

A scopeId can contain dashes. On some rest endpoints, to maintain the legacy (deprecated) representation that accepted (and then ignored) the scopeId as the first part of the url, the regex \w+ has been used - however that covers MOST of the characters that can appear in a ScopeId, except the dash. This pr fixes that.

codecov[bot] commented 2 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 16.81%. Comparing base (9ab98f4) to head (8b57465).

Additional details and impacted files [![Impacted file tree graph](https://app.codecov.io/gh/eclipse/kapua/pull/4060/graphs/tree.svg?width=650&height=150&src=pr&token=1P4N4CApH8&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse)](https://app.codecov.io/gh/eclipse/kapua/pull/4060?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse) ```diff @@ Coverage Diff @@ ## develop #4060 +/- ## ========================================== Coverage 16.81% 16.81% Complexity 22 22 ========================================== Files 2008 2008 Lines 52113 52113 Branches 4387 4387 ========================================== Hits 8763 8763 Misses 42957 42957 Partials 393 393 ``` | [Files](https://app.codecov.io/gh/eclipse/kapua/pull/4060?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse) | Coverage Δ | | |---|---|---| | [.../kapua/app/api/resources/v1/resources/Account.java](https://app.codecov.io/gh/eclipse/kapua/pull/4060?src=pr&el=tree&filepath=rest-api%2Fresources%2Fsrc%2Fmain%2Fjava%2Forg%2Feclipse%2Fkapua%2Fapp%2Fapi%2Fresources%2Fv1%2Fresources%2FAccount.java&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse#diff-cmVzdC1hcGkvcmVzb3VyY2VzL3NyYy9tYWluL2phdmEvb3JnL2VjbGlwc2Uva2FwdWEvYXBwL2FwaS9yZXNvdXJjZXMvdjEvcmVzb3VyY2VzL0FjY291bnQuamF2YQ==) | `0.00% <ø> (ø)` | | | [...pp/api/resources/v1/resources/UserCredentials.java](https://app.codecov.io/gh/eclipse/kapua/pull/4060?src=pr&el=tree&filepath=rest-api%2Fresources%2Fsrc%2Fmain%2Fjava%2Forg%2Feclipse%2Fkapua%2Fapp%2Fapi%2Fresources%2Fv1%2Fresources%2FUserCredentials.java&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse#diff-cmVzdC1hcGkvcmVzb3VyY2VzL3NyYy9tYWluL2phdmEvb3JnL2VjbGlwc2Uva2FwdWEvYXBwL2FwaS9yZXNvdXJjZXMvdjEvcmVzb3VyY2VzL1VzZXJDcmVkZW50aWFscy5qYXZh) | `0.00% <ø> (ø)` | | | [...a/app/api/resources/v1/resources/UserProfiles.java](https://app.codecov.io/gh/eclipse/kapua/pull/4060?src=pr&el=tree&filepath=rest-api%2Fresources%2Fsrc%2Fmain%2Fjava%2Forg%2Feclipse%2Fkapua%2Fapp%2Fapi%2Fresources%2Fv1%2Fresources%2FUserProfiles.java&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=eclipse#diff-cmVzdC1hcGkvcmVzb3VyY2VzL3NyYy9tYWluL2phdmEvb3JnL2VjbGlwc2Uva2FwdWEvYXBwL2FwaS9yZXNvdXJjZXMvdjEvcmVzb3VyY2VzL1VzZXJQcm9maWxlcy5qYXZh) | `0.00% <ø> (ø)` | |