[GitHub] [directory-scimple] erant10 commented on a diff in pull request #213: Draft: Applying Patches to resources

2023-01-23 Thread via GitHub


erant10 commented on code in PR #213:
URL: https://github.com/apache/directory-scimple/pull/213#discussion_r1084724464


##
scim-spec/scim-spec-schema/src/main/java/org/apache/directory/scim/spec/filter/InMemoryScimFilterMatcher.java:
##
@@ -158,8 +159,11 @@ public boolean test(R actual) {
 
   // now walk the attribute path again to get the accessor and value
   Schema.Attribute schemaAttribute = 
attributeContainer.getAttribute(attributeReference.getAttributeName());
-  actual = schemaAttribute.getAccessor().get(actual);
-
+  if (actual instanceof ScimResource) {
+// actual is the top level scim resource - need to extract the top 
attribute.
+// otherwise we can move on directly to the sub-attribute
+actual = schemaAttribute.getAccessor().get(actual);
+  }
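
Review bot: when `actual` is not a `ScimResource`, the new `if` skips `schemaAttribute.getAccessor().get(actual)` entirely, so `actual` stays the enclosing object while `schemaAttribute` already describes one of its attributes. Nothing in this hunk reads that attribute's value for the "otherwise" case the comment mentions. Either extract the value in both cases, or add an `else` that states what `actual` is expected to hold at this point, and cover it with a test that filters on a sub-attribute of a complex value.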

Review Comment:
   Actually this is a bug I just fixed in my latest commit. My original thought 
was that we should only "drill down" into the object if actual is a 
ScimResource (i.e. User/Group) but not if it's an Attribute (e.g. Email). But I 
was wrong, and that's what was breaking the test lol. Anyway I added a method to 
the Schema interface which will check if a field is accessible. I think this 
fixes it, let me know if it makes more sense now



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


-
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org



[GitHub] [directory-scimple] bdemers commented on a diff in pull request #213: Draft: Applying Patches to resources

2023-01-23 Thread via GitHub


bdemers commented on code in PR #213:
URL: https://github.com/apache/directory-scimple/pull/213#discussion_r1084722794


##
scim-spec/scim-spec-schema/src/main/java/org/apache/directory/scim/spec/filter/InMemoryScimFilterMatcher.java:
##
@@ -158,8 +159,11 @@ public boolean test(R actual) {
 
   // now walk the attribute path again to get the accessor and value
   Schema.Attribute schemaAttribute = 
attributeContainer.getAttribute(attributeReference.getAttributeName());
-  actual = schemaAttribute.getAccessor().get(actual);
-
+  if (actual instanceof ScimResource) {
+// actual is the top level scim resource - need to extract the top 
attribute.
+// otherwise we can move on directly to the sub-attribute
+actual = schemaAttribute.getAccessor().get(actual);
+  }
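
Review bot: `schemaAttribute` is dereferenced at `schemaAttribute.getAccessor()` with no guard after the lookup on the line above. If `attributeContainer.getAttribute(...)` can return null for a name the container does not define, a filter that references such an attribute throws here instead of evaluating to no match. Check the lookup result before the `instanceof` test and return false (or reject the filter) when the attribute is unknown.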

Review Comment:
   @erant10 
   This bit has me confused.
   Locally, I reverted this back to the previous try/catch/todo, and all the tests 
pass.
   
   But I haven't been able to figure out what condition causes this error. Any 
ideas?
   






[GitHub] [directory-scimple] bdemers merged pull request #238: Remove KeyedResource

2023-01-23 Thread via GitHub


bdemers merged PR #238:
URL: https://github.com/apache/directory-scimple/pull/238





[GitHub] [directory-scimple] bdemers merged pull request #237: Add missing attribute description

2023-01-23 Thread via GitHub


bdemers merged PR #237:
URL: https://github.com/apache/directory-scimple/pull/237





[GitHub] [directory-scimple] bdemers opened a new pull request, #239: Fix fluent method return types

2023-01-23 Thread via GitHub


bdemers opened a new pull request, #239:
URL: https://github.com/apache/directory-scimple/pull/239

   - Bump version.spring-boot from 3.0.1 to 3.0.2
   - Fixing return type of fluent setters extending BaseResource
   





[GitHub] [directory-scimple] bdemers opened a new pull request, #238: Remove KeyedResource

2023-01-23 Thread via GitHub


bdemers opened a new pull request, #238:
URL: https://github.com/apache/directory-scimple/pull/238

   The "key" attribute is not part of the SCIM spec
   





[GitHub] [directory-scimple] bdemers merged pull request #234: Bump version.spring-boot from 3.0.1 to 3.0.2

2023-01-23 Thread via GitHub


bdemers merged PR #234:
URL: https://github.com/apache/directory-scimple/pull/234





[GitHub] [directory-scimple] bdemers merged pull request #235: Bump dependency-check-maven from 8.0.0 to 8.0.1

2023-01-23 Thread via GitHub


bdemers merged PR #235:
URL: https://github.com/apache/directory-scimple/pull/235





[GitHub] [directory-scimple] bdemers merged pull request #236: Bump assertj-core from 3.24.1 to 3.24.2

2023-01-23 Thread via GitHub


bdemers merged PR #236:
URL: https://github.com/apache/directory-scimple/pull/236





[GitHub] [directory-kerby] github-code-scanning[bot] commented on a diff in pull request #131: Make sure the keytab file is being written out to the correct directory

2023-01-23 Thread github-code-scanning


github-code-scanning[bot] commented on code in PR #131:
URL: https://github.com/apache/directory-kerby/pull/131#discussion_r1083913993


##
has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java:
##
@@ -116,11 +117,18 @@
 
.replace('?', '-')
 + ".keytab");
 try {
+// Check we are not writing out of the desired 
target directory
+if 
(!keytabFile.getCanonicalPath().startsWith(path.getCanonicalPath())) {
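
Review bot: the guard `keytabFile.getCanonicalPath().startsWith(path.getCanonicalPath())` is a plain string-prefix test, so a canonical path in a sibling directory whose name merely begins with the target directory's name also passes. Compare on path elements instead, for example `keytabFile.getCanonicalFile().toPath().startsWith(path.getCanonicalFile().toPath())`, or append `File.separator` to the directory's canonical path before calling `startsWith`.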

Review Comment:
   ## Partial path traversal vulnerability from remote
   
   Partial Path Traversal Vulnerability due to insufficient guard against path 
traversal from [user-supplied data](1).
   
   [Show more 
details](https://github.com/apache/directory-kerby/security/code-scanning/25)



##
has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java:
##
@@ -134,14 +142,21 @@
~} else {
~File path = new File("/tmp/" + System.currentTimeMillis());
 if (path.mkdirs()) {
 File keytabFile = new File(path, 
principal.replace('/', '-') + ".keytab");
 try {
+// Check we are not writing out of the desired 
target directory
+if 
(!keytabFile.getCanonicalPath().startsWith(path.getCanonicalPath())) {
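
Review bot: `new File("/tmp/" + System.currentTimeMillis())` gives the keytab directory a guessable name in a shared location, and the keytab written into it holds key material. Create the directory with `Files.createTempDirectory(...)` so the name is not predictable and the directory is not left to whatever `path.mkdirs()` produces. The `startsWith` check added in this hunk is also a string-prefix comparison on canonical paths and needs a trailing separator or a `Path`-based comparison to reject sibling directories.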

Review Comment:
   ## Partial path traversal vulnerability from remote
   
   Partial Path Traversal Vulnerability due to insufficient guard against path 
traversal from [user-supplied data](1).
   
   [Show more 
details](https://github.com/apache/directory-kerby/security/code-scanning/26)






[GitHub] [directory-kerby] coheigea merged pull request #135: Bump dependency-check-maven from 7.4.1 to 8.0.1

2023-01-23 Thread via GitHub


coheigea merged PR #135:
URL: https://github.com/apache/directory-kerby/pull/135





[GitHub] [directory-kerby] coheigea merged pull request #134: Bump modernizer-maven-plugin from 2.3.0 to 2.5.0

2023-01-23 Thread via GitHub


coheigea merged PR #134:
URL: https://github.com/apache/directory-kerby/pull/134





[GitHub] [directory-kerby] coheigea merged pull request #133: Bump jmh.version from 1.31 to 1.36

2023-01-23 Thread via GitHub


coheigea merged PR #133:
URL: https://github.com/apache/directory-kerby/pull/133





[GitHub] [directory-kerby] coheigea merged pull request #132: Bump apache from 23 to 29

2023-01-23 Thread via GitHub


coheigea merged PR #132:
URL: https://github.com/apache/directory-kerby/pull/132





[GitHub] [directory-kerby] coheigea merged pull request #131: Make sure the keytab file is being written out to the correct directory

2023-01-23 Thread via GitHub


coheigea merged PR #131:
URL: https://github.com/apache/directory-kerby/pull/131





[GitHub] [directory-kerby] coheigea commented on pull request #130: Bump mockito-core from 4.5.1 to 5.0.0

2023-01-23 Thread via GitHub


coheigea commented on PR #130:
URL: https://github.com/apache/directory-kerby/pull/130#issuecomment-1400130622

   @dependabot ignore this major version

