Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 11537: avoid reset tenant in startup service #1380

Merged
merged 1 commit into from
Jun 27, 2023
Merged

Bug 11537: avoid reset tenant in startup service #1380

merged 1 commit into from
Jun 27, 2023

Conversation

laedanrex
Copy link
Contributor

@laedanrex laedanrex commented Jun 16, 2023
edited
Loading

Description

BUG - Problème d'accès aux APPs Collecte et Contrat de gestion dans le cas d'une organisation multi-tenant

Type de changement:

  • Correction

  • Refactorisation de code

Tests:

manuel

Contributeur

VAS (Vitam Accessible en Service)

@TDevillechabrolle
Copy link
Contributor

TDevillechabrolle commented Jun 16, 2023
edited
Loading

Logo
Checkmarx One – Scan Summary & Details538296f9-1ee0-4cb7-a3ab-42ab9948f95f

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM CVE-2023-2976 Maven-com.google.guava:guava-29.0-jre Vulnerable Package

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 150 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 150 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 262 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 248 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 286 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 210 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 262 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 248 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 298 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 286 Attack Vector
LOW Log_Forging /api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 162 Attack Vector
LOW Log_Forging /ui/ui-archive-search/src/main/java/fr/gouv/vitamui/archives/search/rest/ArchivesSearchController.java: 111 Attack Vector

@laedanrex laedanrex force-pushed the vas-11537-bug-collect-user-multi-tenant branch 3 times, most recently from 0eb6e0f to c153107 Compare June 19, 2023 10:52
@GiooDev GiooDev changed the title set tenant and save it to avoid bug multi tenant Story 11537: set tenant and save it to avoid bug multi tenant Jun 20, 2023
@GiooDev GiooDev added this to the IT 121 milestone Jun 20, 2023
@GiooDev GiooDev added bug Something isn't working VAS VAS contribution labels Jun 20, 2023
@laedanrex laedanrex force-pushed the vas-11537-bug-collect-user-multi-tenant branch from b223c90 to be0785f Compare June 21, 2023 12:08
@laedanrex laedanrex changed the title Story 11537: set tenant and save it to avoid bug multi tenant Bug 11537: avoid reset tenant in startup service Jun 21, 2023
@laedanrex laedanrex self-assigned this Jun 21, 2023
@laedanrex laedanrex force-pushed the vas-11537-bug-collect-user-multi-tenant branch 8 times, most recently from d8873b2 to 91e83ed Compare June 23, 2023 09:24
@laedanrex laedanrex force-pushed the vas-11537-bug-collect-user-multi-tenant branch from 91e83ed to 31a7097 Compare June 26, 2023 06:10
@GiooDev GiooDev merged commit 76d18b7 into develop Jun 27, 2023
@GiooDev GiooDev deleted the vas-11537-bug-collect-user-multi-tenant branch June 27, 2023 15:58
laedanrex added a commit that referenced this pull request Jul 18, 2023
@laedanrex
set tenant and save it to avoid bug multi tenant (#1380)
fe4427c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mohatizaoui mohatizaoui mohatizaoui approved these changes

@Regzox Regzox Regzox approved these changes

@bbenaissa bbenaissa Awaiting requested review from bbenaissa

@youcefxelians youcefxelians Awaiting requested review from youcefxelians

Assignees

@laedanrex laedanrex

Labels
bug Something isn't working VAS VAS contribution
Projects
None yet
Milestone
IT 121
Development

Successfully merging this pull request may close these issues.
5 participants
@laedanrex @TDevillechabrolle @Regzox @mohatizaoui @GiooDev