feat(SIDM-3410-ips): filter out internal ips from policy valuation (#… #271
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tbamido
added a commit
that referenced
this pull request
Nov 20, 2019
) (#271) * feat(SIDM-3410-ips): filter out internal ips from policy valuation * feat(SIDM-3410-ips): simplify and merge methods * feat(SIDM-3410-ips): simplify regex
nikola-naydenov-hmcts
added a commit
that referenced
this pull request
Feb 14, 2020
* Sidm 3294 mfa e2e tests (#256) * add mfa otp login tests * add missing file * fix typo * add missing code * fix test failures * add more waits * add more waits * add exiplit wait * add block policy scenario * Sidm 3296 waf password configure test (#259) * special character password test * added password characters * changed password characters * redued wait time * SIDM-3127 Remove “Is there a problem with this page?” element. (#257) * feat(SIDM-3128-survey): add pageurl parameter to smartsurvey link (#258) (#268) * feat(make): add port-forward and force-update-pods (#269) * feat(SIDM-2040-pw): update password reset messages (#266) * feat(SIDM-2040-pw): update password reset messages: - blacklisted: Your password is too easy to guess - containing personal info: Do not include your name or email in your password - did not match rules: Your password didn't have all the required characters * feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270) (#271) * feat(SIDM-3410-ips): filter out internal ips from policy valuation * feat(SIDM-3410-ips): simplify and merge methods * feat(SIDM-3410-ips): simplify regex * feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272) * Updating with for suggestions (#273) * Updating with for suggestions * Need to escape the dot * fix(vnet_private_ip_pattern): update escape syntax (#281) * feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#282) * feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) * feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285) * This should fix the ArrAffinity token problem (#278) * feat(SIDM-2040-pw-create): update create pwd (#279) * feat(SIDM-2040-pw): update create pwd * feat(SIDM-2040-pw-register): update create pwd on register user to handle FR errors: - blacklisted password - password contains personal info * add password validation tests (#289) * feat(SIDM-3128-surveyfix): fix survey url and allow only client_id param (#290) * SIDM-3397 Expired Reset Password link. (#288) * SIDM-3397 Expired Reset Password link. * SIDM-3397 Add test. * SIDM-3397 Fix after merge. * Code review adjustements. * Don't show the hyperlink when the data is not provided. * SIDM-3499 Upgrade insights agent (#292) * SIDM-3499 Upgrade Application Insights Agent. * Attempt to make one of the tests less flaky. * Fix the web config file. * fix(docker): update dockerfile from base and use app insights 2.5.1 * Add the agent. * Fix. * SIDM-3499 Adjust link caption. (#293) * Adjust link caption. * Adjust link caption. * Rename message names. * Update contact us details. (revert of the revert) (#294) * login with spaces in user email (#296) * SIDM-3411 Springboot whitelabel error (#295) * Add an AppErrorController. * Add a redirect. * Add a generic error jsp. * Review fixes. * Duplicated code fix (#291) * user eal hmcts policyset in the tests (#298) * Sidm 3530 illegal chars (#299) * Add illegal characters validation. * Add the message. * Improve test coverage and enhance the for loop. * Update working hours. (#301) * SIDM 3487 suspended users login message (#303) * SIDM-3487 Incorrect error message when suspended users try to log in. * Empty commit * Trigger a build. * Upgrade tomcat minor version. * Adjust the code. * Revert "Adjust the code." This reverts commit 3a1f4cd * SIDM-3591 Update Contact Us page with email details for SSCS. (#304) * Bringing all project dependencies in line for 1.5.1. (#309) * Bringing all project dependencies in line for 1.5.1. * Fixing a test Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> * Sidm 3557 nightly functional tests (#305) * updated code * added both smoke and functuonal tests to ightly pipeline * add reset password with diff case email test (#310) * Moving the sonar setup here to be in line with idam-api (#311) Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> * Sidm 3118 fix flapping tests (#312) * fix flapping tests * fix flapping tests * update wait time in the tests * fix review comment * Eliminating vulnerabilities * fix unknown char in email links (#317) * SIDM-3511 - Update chart-java release 2.16.0 (#318) * build(chart-java): update chart-java release to 2.16.0 * refactor(cicd): remove deprecated enableDockerBuild() * feat(staging deployment): add aat values for helm * feat(sidm-3483-fr6): 6.5 web-public (#315) (#321) * feat(sidm-3483-fr6): update test regex to extract activation parssword * feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits * feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test * feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf * chore(ase asp): disable legacy deployments (#323) Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com> Co-authored-by: sudhasane <vanisekhar75@gmail.com> Co-authored-by: dfourn <dpatynski@gmail.com> Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com> Co-authored-by: Henry Dobson <henrydobson@me.com> Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com>
henrydobson
added a commit
that referenced
this pull request
Feb 26, 2020
* Eliminating vulnerabilities * fix unknown char in email links (#317) * SIDM-3511 - Update chart-java release 2.16.0 (#318) * build(chart-java): update chart-java release to 2.16.0 * refactor(cicd): remove deprecated enableDockerBuild() * feat(staging deployment): add aat values for helm * feat(sidm-3483-fr6): 6.5 web-public (#315) (#321) * feat(sidm-3483-fr6): update test regex to extract activation parssword * feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits * feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test * feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf * chore(ase asp): disable legacy deployments (#323) * Merging preview to ITHC (#324) * Sidm 3294 mfa e2e tests (#256) * add mfa otp login tests * add missing file * fix typo * add missing code * fix test failures * add more waits * add more waits * add exiplit wait * add block policy scenario * Sidm 3296 waf password configure test (#259) * special character password test * added password characters * changed password characters * redued wait time * SIDM-3127 Remove “Is there a problem with this page?” element. (#257) * feat(SIDM-3128-survey): add pageurl parameter to smartsurvey link (#258) (#268) * feat(make): add port-forward and force-update-pods (#269) * feat(SIDM-2040-pw): update password reset messages (#266) * feat(SIDM-2040-pw): update password reset messages: - blacklisted: Your password is too easy to guess - containing personal info: Do not include your name or email in your password - did not match rules: Your password didn't have all the required characters * feat(SIDM-3410-ips): filter out internal ips from policy valuation (#270) (#271) * feat(SIDM-3410-ips): filter out internal ips from policy valuation * feat(SIDM-3410-ips): simplify and merge methods * feat(SIDM-3410-ips): simplify regex * feat(SIDM-3410-ips-preview): remove filter pattern in preview (#272) * Updating with for suggestions (#273) * Updating with for suggestions * Need to escape the dot * fix(vnet_private_ip_pattern): update escape syntax (#281) * feat(SIDM-3441-sso): Policy eval: remove bearer auth token (#282) * feat(SIDM-3437-redir): login/mfa: redirecting using slash (#280) * feat(SIDM-3410-fix-def): use same escaping as preview which is tested (#285) * This should fix the ArrAffinity token problem (#278) * feat(SIDM-2040-pw-create): update create pwd (#279) * feat(SIDM-2040-pw): update create pwd * feat(SIDM-2040-pw-register): update create pwd on register user to handle FR errors: - blacklisted password - password contains personal info * add password validation tests (#289) * feat(SIDM-3128-surveyfix): fix survey url and allow only client_id param (#290) * SIDM-3397 Expired Reset Password link. (#288) * SIDM-3397 Expired Reset Password link. * SIDM-3397 Add test. * SIDM-3397 Fix after merge. * Code review adjustements. * Don't show the hyperlink when the data is not provided. * SIDM-3499 Upgrade insights agent (#292) * SIDM-3499 Upgrade Application Insights Agent. * Attempt to make one of the tests less flaky. * Fix the web config file. * fix(docker): update dockerfile from base and use app insights 2.5.1 * Add the agent. * Fix. * SIDM-3499 Adjust link caption. (#293) * Adjust link caption. * Adjust link caption. * Rename message names. * Update contact us details. (revert of the revert) (#294) * login with spaces in user email (#296) * SIDM-3411 Springboot whitelabel error (#295) * Add an AppErrorController. * Add a redirect. * Add a generic error jsp. * Review fixes. * Duplicated code fix (#291) * user eal hmcts policyset in the tests (#298) * Sidm 3530 illegal chars (#299) * Add illegal characters validation. * Add the message. * Improve test coverage and enhance the for loop. * Update working hours. (#301) * SIDM 3487 suspended users login message (#303) * SIDM-3487 Incorrect error message when suspended users try to log in. * Empty commit * Trigger a build. * Upgrade tomcat minor version. * Adjust the code. * Revert "Adjust the code." This reverts commit 3a1f4cd * SIDM-3591 Update Contact Us page with email details for SSCS. (#304) * Bringing all project dependencies in line for 1.5.1. (#309) * Bringing all project dependencies in line for 1.5.1. * Fixing a test Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> * Sidm 3557 nightly functional tests (#305) * updated code * added both smoke and functuonal tests to ightly pipeline * add reset password with diff case email test (#310) * Moving the sonar setup here to be in line with idam-api (#311) Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> * Sidm 3118 fix flapping tests (#312) * fix flapping tests * fix flapping tests * update wait time in the tests * fix review comment * Eliminating vulnerabilities * fix unknown char in email links (#317) * SIDM-3511 - Update chart-java release 2.16.0 (#318) * build(chart-java): update chart-java release to 2.16.0 * refactor(cicd): remove deprecated enableDockerBuild() * feat(staging deployment): add aat values for helm * feat(sidm-3483-fr6): 6.5 web-public (#315) (#321) * feat(sidm-3483-fr6): update test regex to extract activation parssword * feat(sidm-3483-fr6): password reset working but had to change some of the codecepts waits * feat(sidm-3483-fr6): add 2s wait after Sign In to fix flappy test * feat(sidm-3483-fr6): remove waits because it was fixed by Shravs changes on codecept conf * chore(ase asp): disable legacy deployments (#323) Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com> Co-authored-by: sudhasane <vanisekhar75@gmail.com> Co-authored-by: dfourn <dpatynski@gmail.com> Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com> Co-authored-by: Henry Dobson <henrydobson@me.com> Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> * ci(env name): add override for env name for build with aks (#325) Co-authored-by: NikolaNaydenov <47004340+NikolaNaydenov@users.noreply.github.com> Co-authored-by: Shravan Mechineni <shravanmechineni5@gmail.com> Co-authored-by: tbamido <50667636+tbamido@users.noreply.github.com> Co-authored-by: nikola-naydenov-hmcts <47384516+nikola-naydenov-hmcts@users.noreply.github.com> Co-authored-by: sudhasane <vanisekhar75@gmail.com> Co-authored-by: dfourn <dpatynski@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…270)
feat(SIDM-3410-ips): filter out internal ips from policy valuation
feat(SIDM-3410-ips): simplify and merge methods
feat(SIDM-3410-ips): simplify regex
JIRA link (if applicable)
https://tools.hmcts.net/jira/browse/SIDM-3410
Change description
MERGING THE WORK DONE FOR 1.5.RC into PREVIEW
Policy evaluation: filter internal ips using pattern 10.x.x.x and send only one IP for evaluation
Effect:
When X-FORWARDED-FOR: "10.0.0.1,7.7.7.7"
Then EvaluatePolicy with requestIp: ["7.7.7.7"]
Reason:
There's a bug in FR where it randomly picks ONE IP from the list to evaluate policies against,
Resulting in inconsistent responses
Does this PR introduce a breaking change? (check one with "x")