Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[VAS] Bug 11305 10529 9960: accession register fixes #1298

Merged
merged 3 commits into from
Apr 25, 2023
Merged

[VAS] Bug 11305 10529 9960: accession register fixes #1298

merged 3 commits into from
Apr 25, 2023

Conversation

laedanrex
Copy link
Contributor

@laedanrex laedanrex commented Mar 31, 2023
edited
Loading

Description

Description des modifications

Bug filtre par entrée ayant subie une opération de transfert dans la recherche avancée du registre des fonds
BUG filtre sur les opérations effectuées KO dans le détail d'une entrée du Registre des fonds

Type de changement:

Indiquer le ou les types de changements

  • Correction

  • Refactorisation de code

Documentation:

Indiquer la documentation mise à jour

[ ] Quels sont les nouvelles documentations ?

[ ] Quels sont les modifications existantes ?

[ ] Quels sont les documentations ou sections de documentations supprimés ?

Tests:

Indiquer comment le code à été testé (manuel, environnement, TU, etc)

manuel

TU

Migration:

Indiquer si les modifications apportées impliquent une migration sur l'existant et comment la faire

Checklist:

Sélectionner les éléments de la checklist

[ ] Mon code suit le style de code de ce projet.

[ ] J'ai commenté mon code, en particulier dans les classes et les méthodes difficile à comprendre.

[ ] J'ai fait les changements correspondant dans la documentation RAML.

[ ] J'ai fait les changements correspondant dans la documentation Métier.

[ ] J'ai fait les changements correspondant dans la documentation Technique.

[ ] J'ai rajouté les tests unitaires vérifiant mes fonctionnalités.

[ ] J'ai rajouté les tests de non régression vérifiant mes fonctionnalités.

[ ] Les tests unitaires nouveaux et existants passent avec succès localement.

[ ] Toutes les dépendances ont été mergées en priorité

Contributeur

Indiquer qui a développé cette fonctionnalité

VAS (Vitam Accessible en Service)

@laedanrex laedanrex added bug Something isn't working VAS VAS contribution labels Mar 31, 2023
@laedanrex laedanrex self-assigned this Mar 31, 2023
@laedanrex laedanrex force-pushed the vas-10529-registre-fond-filtre branch 2 times, most recently from 48d4c05 to 7157b97 Compare March 31, 2023 14:52
@TDevillechabrolle
Copy link
Contributor

TDevillechabrolle commented Mar 31, 2023
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsb3dfc32b-ea87-4087-b81e-88a5f0a1819f

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java: 214 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 111 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 110 Attack Vector
MEDIUM SSRF /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: 152 Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: 143 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 124 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 123 Attack Vector
LOW Log_Forging /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/TransactionController.java: 169 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserInfoController.java: 103 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserInfoController.java: 86 Attack Vector
LOW Log_Forging /api/api-ingest/ingest-external/src/main/java/fr/gouv/vitamui/ingest/external/server/rest/IngestExternalController.java: 117 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: 97 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserInfoController.java: 128 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ArchivalProfileUnitExternalController.java: 127 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/TenantExternalController.java: 172 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/TenantExternalController.java: 137 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 162 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/OwnerExternalController.java: 160 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/SearchCriteriaHistoryController.java: 106 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserInfoController.java: 86 Attack Vector
LOW Log_Forging /api/api-ingest/ingest-external/src/main/java/fr/gouv/vitamui/ingest/external/server/rest/IngestExternalController.java: 117 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: 191 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java: 190 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/SecurityProfileExternalController.java: 160 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/UserInfoExternalController.java: 167 Attack Vector
LOW Log_Forging /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectArchiveUnitController.java: 106 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/ProfileExternalController.java: 184 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 175 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: 97 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: 219 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: 140 Attack Vector

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Client_DOM_XSS /docs/DAT/material/base.html: 4 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 1187 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 1159 Attack Vector
MEDIUM Client_Potential_XSS /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 758 Attack Vector
LOW Client_DOM_Open_Redirect /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 1356 Attack Vector
LOW Client_DOM_Open_Redirect /docs/DAT/material/base.html: 4 Attack Vector
LOW Client_Hardcoded_Domain /docs/DAT/material/base.html: 4 Attack Vector
LOW Client_Hardcoded_Domain /docs/DAT/material/base.html: 4 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java: 152 Attack Vector
LOW Log_Forging /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: 190 Attack Vector
LOW Log_Forging /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: 226 Attack Vector
LOW Log_Forging /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java: 124 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: 159 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: 159 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: 190 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java: 156 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 343 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 134 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 135 Attack Vector
LOW Log_Forging /api/api-collect/collect-external/src/main/java/fr/gouv/vitamui/collect/external/server/rest/ProjectExternalController.java: 137 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/IngestContractInternalController.java: 103 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 198 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 198 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 248 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 220 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 244 Attack Vector
LOW Log_Forging /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/CustomerInternalController.java: 248 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 220 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 244 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AccessionRegisterInternalController.java: 112 Attack Vector
LOW Unprotected_Cookie /docs/DAT/material/assets/javascripts/application.d5a09f94.js: 978 Attack Vector

@laedanrex laedanrex changed the title WIP [VAS] Bug 11305: accession register transfer_reply fix WIP [VAS] Bug 11305 10529 9960: accession register transfer_reply fix Mar 31, 2023
@laedanrex laedanrex changed the title WIP [VAS] Bug 11305 10529 9960: accession register transfer_reply fix [VAS] Bug 11305 10529 9960: accession register fixes Apr 3, 2023
@GiooDev GiooDev added this to the IT 117 milestone Apr 4, 2023
@oussamasic
Copy link
Contributor

Description de la PR à mettre à jour

@laedanrex laedanrex force-pushed the vas-10529-registre-fond-filtre branch from e3d5cc9 to c520074 Compare April 19, 2023 10:11
@GiooDev GiooDev modified the milestones: IT 117, IT 118 Apr 19, 2023
oussamasic

This comment was marked as resolved.

Sign in to view

@laedanrex laedanrex force-pushed the vas-10529-registre-fond-filtre branch from c520074 to 6e8e1f8 Compare April 19, 2023 15:07
@GiooDev GiooDev merged commit fcf1fc2 into develop Apr 25, 2023
@GiooDev GiooDev deleted the vas-10529-registre-fond-filtre branch April 25, 2023 09:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oussamasic oussamasic oussamasic approved these changes

@GiooDev GiooDev GiooDev left review comments

@bbenaissa bbenaissa bbenaissa approved these changes

Assignees

@laedanrex laedanrex

Labels
bug Something isn't working VAS VAS contribution
Projects
None yet
Milestone
IT 118
Development

Successfully merging this pull request may close these issues.
5 participants
@laedanrex @TDevillechabrolle @oussamasic @bbenaissa @GiooDev