Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit API routes don't correctly match resource IDs with a period #2001

Closed
micahlee opened this issue Jan 20, 2021 · 0 comments · Fixed by #2002
Closed

Audit API routes don't correctly match resource IDs with a period #2001

micahlee opened this issue Jan 20, 2021 · 0 comments · Fixed by #2002
Assignees
@micahlee
Labels
kind/bug source/salesforce

Comments

@micahlee
Copy link
Contributor

Problem Description

When the resource ID used for retrieving audit events includes a period (.) the audit endpoint incorrectly reports a 404 Not Found response.

Example for user with ID my.user:

"GET /api/audit/roles/cucumber%3Auser%3Amy.user?limit=10" 404

However, periods in the ID work as expected for other Conjur endpoints:

"GET /api/roles/cucumber/user/my.user" 200

Also, encoding the period as %2E routes correctly, implying that the issue is the URL parsing:

"GET /api/audit/roles/cucumber%3Auser%3Amy%2Euser?limit=10" 200

Expected Outcome:

The audit API URL with the unencoded period returns the correct response code and data.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@micahlee micahlee

Labels
kind/bug source/salesforce
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update audit engine API route constraints for resource IDs cyberark/conjur
2 participants
@micahlee @sjacobs146