Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(jans-cli-tui): populate config-api widgets when page entered #9436

Merged
merged 2 commits into from
Sep 10, 2024
Merged

fix(jans-cli-tui): populate config-api widgets when page entered #9436

merged 2 commits into from
Sep 10, 2024

Conversation

devrimyatar
Copy link
Contributor

closes #9414

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@devrimyatar
fix(jans-cli-tui): populate config-api widgets when page entered
ff2b60f 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar added kind-bug Issue or PR is a bug in existing functionality comp-jans-cli-tui Component affected by issue or PR labels Sep 10, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Sep 10, 2024
edited
Loading

DryRun Security Summary

The pull request focuses on improving the functionality of the Jans CLI TUI application, including changes to the retrieval and handling of attributes from the Jans server and the configuration API plugin, without introducing any obvious security concerns, but requiring proper validation and sanitization of input parameters and configuration data.

Expand for full summary

Summary:

The code changes in this pull request are focused on improving the functionality of the Jans CLI TUI application, specifically related to the retrieval and handling of attributes from the Jans server and the configuration API plugin.

The changes in the background_tasks.py file are related to the retrieval of attributes from the Jans server. The changes involve storing the retrieved attributes in a separate list before updating the common_data.jans_attributes list. This change does not introduce any obvious security concerns, but it's important to ensure that the input parameters used in the API requests are properly validated and sanitized to prevent potential injection attacks.

The changes in the main.py file of the Config API plugin involve updating the initialization and handling of the configuration data. The changes include moving the attribute widget feeding to the on_page_enter method, creating a background task to fetch the configuration, and updating the schema retrieval and UI rendering. These changes also do not appear to introduce any immediate security vulnerabilities, but it's crucial to ensure that the configuration data is properly validated and sanitized to prevent potential security issues.

Files Changed:

  1. jans-cli-tui/cli_tui/utils/background_tasks.py:

    • The get_attributes_coroutine function has been modified to store the retrieved attributes in a separate jans_attributes list before updating the common_data.jans_attributes list.
    • The changes do not introduce any obvious security concerns, but it's important to ensure that the input parameters used in the API requests are properly validated and sanitized.

  2. jans-cli-tui/cli_tui/plugins/140_config_api/main.py:

    • The __init__ method no longer appends the feed_attribute_widgets function to the common_data.background_tasks_feeds['attributes'] list, and instead, it is called in the on_page_enter method.
    • The init_plugin method now creates a background task to fetch the configuration using the get_configuration method.
    • The create_widgets method has been updated to use the get_schema_from_reference method to retrieve the schema for the ApiAppConfiguration component.
    • The get_configuration method has been updated to handle errors when fetching the configuration and to call the create_widgets method to update the UI.
    • The changes do not appear to introduce any obvious security concerns, but it's important to ensure that the configuration data is properly validated and sanitized.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-cli'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-config-api-parent'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-core'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@yuriyz yuriyz enabled auto-merge (squash) September 10, 2024 09:39
@yuriyz yuriyz merged commit 19e770a into main Sep 10, 2024
14 checks passed
@yuriyz yuriyz deleted the jans-cli-tui-background-task-9414 branch September 10, 2024 09:40
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@devrimyatar
fix(jans-cli-tui): populate config-api widgets when page entered (#9436)
1f8f60d 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: 19e770a
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@yuriyzz yuriyzz yuriyzz approved these changes

@pujavs pujavs Awaiting requested review from pujavs

Assignees
No one assigned
Labels
comp-jans-cli-tui Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix (jans-config-api ): TUI is failed to open.
3 participants
@devrimyatar @yuriyz @yuriyzz