X Tutup
Skip to content

Sanitize data that gets sent to server on user create via webUI#39306

Merged
micbar merged 2 commits intomasterfrom
issues/32619
Oct 6, 2021
Merged

Sanitize data that gets sent to server on user create via webUI#39306
micbar merged 2 commits intomasterfrom
issues/32619

Conversation

@AlexAndBear
Copy link

@AlexAndBear AlexAndBear commented Sep 29, 2021
edited
Loading

Description

Bugfix: Sanitize data send to the server while creating users via webUI

Before this change toggle between 'Set password for new users' option,
may preserve and send unwanted password or email information.
This has been fixed, the webUI will not send email data to the server
if the option 'Set password for new users' is active,
vice versa password won't be sent if the option is disabled.

Related Issue

Motivation and Context

How Has This Been Tested?

  • test environment:
  • test case 1:
  • test case 2:
  • ...

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@AlexAndBear AlexAndBear marked this pull request as ready for review September 29, 2021 11:17
@owncloud owncloud deleted a comment from update-docs bot Sep 29, 2021
@AlexAndBear AlexAndBear force-pushed the issues/32619 branch 3 times, most recently from ccb4b72 to 9f366a6 Compare September 29, 2021 11:48
phil-davis
phil-davis approved these changes Sep 29, 2021
View reviewed changes
Copy link
Contributor

@phil-davis phil-davis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test by:

  • uncheck "Set password for new users"
  • enter username "t123" and email "test" (thinking it is the password field)
  • click Create
  • see the message about "invalid email address"
  • realize your error, now check "Set password for new users"
  • enter "test" in the password field
  • click Create

On master I get the message again about "invalid email address"

On this branch the user is created and has the initial password "test".

Works

@phil-davis phil-davis changed the title Sanitize data gets send to server on user create via webUI Sanitize data gets sent to server on user create via webUI Sep 29, 2021
@phil-davis phil-davis changed the title Sanitize data gets sent to server on user create via webUI Sanitize data that gets sent to server on user create via webUI Sep 29, 2021
@phil-davis
Copy link
Contributor

phil-davis commented Sep 29, 2021

IMO this is a bit of an edge case. No need to add an automated test scenario for this sequence. (If we have a scenario for every different possible order of clicking settings on/off and entering data in different orders, then the test matrix will explode and we will be the cause of global warming)

@phil-davis phil-davis mentioned this pull request Sep 29, 2021
Closed
jvillafanez
jvillafanez reviewed Sep 29, 2021
View reviewed changes
Copy link
Member

@jvillafanez jvillafanez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple of minor things, but overall looks good

@AlexAndBear
Copy link
Author

AlexAndBear commented Sep 29, 2021

Note, added a slightly UI improvement, + add group has now cursor:pointer

@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 29, 2021

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

0.0% 0.0% Coverage
0.0% 0.0% Duplication

@AlexAndBear
Copy link
Author

AlexAndBear commented Sep 29, 2021

Before the recent commit we had 0 coverage Sonar Cloud passed, now he have 0 again and it fails?

@AlexAndBear
Copy link
Author

AlexAndBear commented Oct 1, 2021

@micbar can you merge please ?

@phil-davis
Copy link
Contributor

phil-davis commented Oct 6, 2021

@micbar ping - this is ready for merge. It just needs override of the coverage.

@micbar micbar merged commit 2800ecb into master Oct 6, 2021
@delete-merged-branch delete-merged-branch bot deleted the issues/32619 branch October 6, 2021 19:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jvillafanez jvillafanez jvillafanez approved these changes

@phil-davis phil-davis phil-davis approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Switch between email and password in user creation form issue

4 participants

@AlexAndBear @phil-davis @jvillafanez @micbar
X Tutup