Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hel 537/page admin #410

Closed
wants to merge 69 commits into from
Closed

Hel 537/page admin #410

wants to merge 69 commits into from

Conversation

schlaifa
Copy link
Contributor

@schlaifa schlaifa commented Jan 4, 2024

Vérifier avant de merger

  • As-tu correctement relu ton code ?
  • As-tu besoin de revoir ton ticket avec la PO ou UX ?
  • Faut-il rajouter une nouvelle date de mise à jour sur la production ?
  • Faut-il rajouter des données dans data_set ?
  • Faut-il ajouter des variables d'environnement sur la production ?
  • Faut-il mettre à jour middleware.ts et lighthouserc.js dû à la création/suppression d'une page ?
  • Faut-il modifier Content-Security-Policy dans next.config.js ?

schlaifa and others added 30 commits November 13, 2023 15:52
@schlaifa
(hel-537) make admin page reachable for role 1 and role 2
b96cac8
@schlaifa
(hel-537) settings routes
8d19f9a
@Adolato
(hel-537) hel-537/[Profil]- Création console pour les administrateurs
7a63a62
@Adolato
(hel-537) hel-537/[Profil]- Création console pour les administrateurs
d008aac
@Adolato
(hel-537) hel-537/page-admin
722db11
@Adolato
(hel-537) hel-537/page-admin
a534830
@Adolato
(hel-537) hel-537/page-admin
439d1e5
@Adolato
(hel-537) hel-537/page-admin
b2a530a
@Adolato
(hel-537) hel-537/page-admin
e78d0a1
@Adolato
(hel-537) hel-537/page-admin
db0b7e6
@Adolato
(hel-537) hel-537/page-admin
132f54e
@Adolato
(hel-537) hel-537/page-admin
b17b6ea
@Adolato
(hel-537) hel-537/page-admin
1187f74
@Adolato
(hel-537) hel-537/page-admin
621d864
@Adolato
(hel-537) hel-537/page-admin
92af3e1
@Adolato
(hel-537) hel-537/page-admin
5f7f0a8
@Adolato
(hel-537) hel-537/page-admin
90952fe
@Adolato
(hel-537) hel-537/page-admin
99a7a6e
@Adolato
(hel-537) hel-537/page-admin
5b17967
@Adolato
(hel-537) hel-537/page-admin
461cf8d
@Adolato
(hel-537) hel-537/page-admin
f296dd8
@Adolato
(hel-537) hel-537/page-admin
03dd8ef
@Adolato
(hel-537) hel-537/page-admin
4972450
@Adolato
(hel-537) hel-537/page-admin
458ce49
@Adolato
(hel-537) hel-537/page-admin
fd24649
@Adolato
(hel-537) hel-537/page-admin
a17a97c
@Adolato
(hel-537) hel-537/page-admin
af46df8
@Adolato
(hel-537) hel-537/page-admin
636dec4
@Adolato
(hel-537) hel-537/page-admin
c088d45
@Adolato
(hel-537) hel-537/page-admin
e06098d
Adolato and others added 27 commits December 18, 2023 15:46
@Adolato
(hel-537) hel-537/page-admin acl
719a66f
@Adolato
(hel-537) hel-537/page-admin acl
f8ca238
@Adolato
(hel-537) hel-537/page-admin acl
1582a88
@Adolato
(hel-537) hel-537/page-admin acl
4b01995
@Adolato
(hel-537) hel-537/page-admin acl
08e2d89
@Adolato
(hel-537) hel-537/page-admin acl
bb5f034
@Adolato
(hel-537) hel-537/page-admin acl
52bdbdf
@Adolato
(hel-537) hel-537/page-admin merge develop & fix conflicts
4e4b1e0
@Adolato
(hel-537) hel-537/page-admin merge develop & fix conflicts
993af75
@Adolato
(hel-537) hel-537/page-admin merge develop & fix conflicts
3f7b296
@Adolato
(hel-537) hel-537/page-admin merge develop & fix conflicts
210e8e9
@Adolato
(hel-572) hel-572/inactivation_d_un_compte
7d4382c
@Adolato
(hel-572) hel-572/inactivation_d_un_compte
c9c3f46
@schlaifa
(hel-537) fix header menu
a61b3ed
@schlaifa
(hel-537) remove search bar from header
53c79d1
@schlaifa
(hel-537) fix profiles routers and breadcrumb
c377341
@schlaifa
(hel-537) fix get profiles in server side
f4b1d52
@schlaifa
(hel-537) fix code region type issue
5b8e1db
@schlaifa
(hel-537) fix wording
30d9e33
@schlaifa
(hel-537) fix clean code
be49c0a
@schlaifa
(hel-537) clean code and add connexion date at login
5da1128
@schlaifa
(hel-537) clean code
ab3b114
@schlaifa
(hel-537) profile settings available only for national admins
454f02c
@schlaifa
(hel-537) fix last connexion date in table
6aa8bd3
@Adolato
(hel-537) merge hel-572/inactivation_d_un_compte
f77c175
@Adolato
(hel-537) fix pb after merge step 1
0ff83fa
@Adolato
(hel-537) fix pb after merge step 2
90210fe
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 4, 2024
View reviewed changes
src/frontend/utils/getUserSessionBack.ts
Comment on lines +20 to +24
const resp = await fetch(`${basePath}/api/auth/session`, {
headers: headers,

method: "GET",
});

Check failure

Code scanning / CodeQL

Server-side request forgery Critical

The
URL
Loading
of this request depends on a
user-provided value
Loading
.
src/frontend/ui/commun/Header/Header.tsx
className="fr-btn"
onClick={(event) => {
event.preventDefault();
router.push(paths.ACCUEIL + "?terme=" + terme, paths.ACCUEIL);

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text
Loading
is reinterpreted as HTML without escaping meta-characters.
src/backend/infrastructure/gateways/utilisateur-loader/TypeOrmUtilisateurLoader.ts
}
if (user) {
const hashing = createHash("sha256");
hashing.update(password);

Check failure

Code scanning / CodeQL

Use of password hash with insufficient computational effort High

Password from
an access to password
Loading
is hashed insecurely.
Password from
an access to password
Loading
is hashed insecurely.
Password from
an access to password
Loading
is hashed insecurely.
Password from
an access to password
Loading
is hashed insecurely.
Password from
an access to password
Loading
is hashed insecurely.
@schlaifa schlaifa closed this Jan 4, 2024
@schlaifa schlaifa deleted the hel-537/page-admin branch February 16, 2024 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@schlaifa @Adolato