fix(jans-cli-tui): scim patch operation #9474

Merged
merged 3 commits into from
Sep 12, 2024

devrimyatar
Contributor

@devrimyatar devrimyatar commented Sep 12, 2024

closes #9472

  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar marked this pull request as draft September 12, 2024 09:14

dryrunsecurity bot commented Sep 12, 2024

DryRun Security Summary

The pull request focuses on improving the validation and handling of PATCH requests in the Jans Config API CLI application, as well as enhancing the user management functionality of the Janssen Server, including the introduction of a new patch-user-by-id operation.

Summary:

The code changes in this pull request focus on improving the validation and handling of PATCH requests in the Jans Config API CLI application, as well as enhancing the user management functionality of the Janssen Server.

The changes to the cli_tui/cli/config_cli.py file ensure that the op and path fields in the PATCH request data are properly formatted and validated before processing the request. This helps to prevent potential errors or unexpected behavior during the PATCH operation, which is a positive security enhancement.

The changes to the docs/admin/config-guide/scim-config/user-config.md file introduce new user management features, such as the ability to perform partial updates on user profiles using the patch-user-by-id operation. While these features can improve the flexibility and usability of the Janssen Server's user management functionality, it is essential to ensure that appropriate security controls and best practices are in place, such as robust input validation, access control, and comprehensive logging and auditing.

Files Changed:

  1. jans-cli-tui/cli_tui/cli/config_cli.py:

    • The process_command_patch function now checks the op field in the PATCH request data to ensure it is a valid operation, and it also ensures that the path field starts with a forward slash.
    • These changes improve the validation of the PATCH request data, reducing the risk of potential security vulnerabilities.
  2. docs/admin/config-guide/scim-config/user-config.md:

    • The changes introduce the patch-user-by-id operation, which allows partially updating a user's properties.
    • The code provides a sample JSON payload for the patch-user-by-id operation and examples of how to use the Janssen CLI and REST API for user management.
    • From a security perspective, it is important to ensure that appropriate input validation, access control, and logging/auditing mechanisms are in place for these user management features.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

@mo-auto mo-auto added comp-jans-cli-tui Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality labels Sep 12, 2024
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar marked this pull request as ready for review September 12, 2024 09:45
@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Sep 12, 2024
@yuriyz yuriyz merged commit 5584e9f into main Sep 12, 2024
12 checks passed
@yuriyz yuriyz deleted the jans-cli-tui-scim-patch-9472 branch September 12, 2024 10:02
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
* fix(jans-cli-tui): scim patch operation

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* docs(jans-cli-tui): scim user patch

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): sample PatchRequest for scim

Signed-off-by: Mustafa Baser <mbaser@mail.com>

---------

Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: 5584e9f