Escape commas in usernames to fix rbac permissions #19365
Conversation
Xaseron
changed the title
Changed the Name entry under projDeveloper in the api_test.go file for testing rbac corner cases.
Adjusted the GetUserName method in rbacUser.go to replace commas with underscores. This fixes a bug with commas in usernames.
Xaseron
force-pushed
the
2.7-fix-commas-in-rbac
branch
from
a4b40f3
to
5c93b38
Compare
|
How can i recheck the DCO? |
Codecov Report
@@ Coverage Diff @@
## release-2.7.0 #19365 +/- ##
==================================================
- Coverage 66.41% 44.02% -22.40%
==================================================
Files 1012 245 -767
Lines 108713 13398 -95315
Branches 2678 2678
==================================================
- Hits 72207 5898 -66309
+ Misses 32542 7215 -25327
+ Partials 3964 285 -3679
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
|
I signed it yesterday and force pushed |
|
Because the OIDC onboard function checked the comma in the username, we need to investigate how the comma comes to the username in the database. |
|
You can also create usernames with comma and authdb |
|
@stonezdj, how can we move here further forward? |
|
This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days. |
|
This PR was closed because it has been stalled for 30 days with no activity. If this PR is still relevant, please re-open a new PR against main. |
Pull request was closed
Comprehensive Summary of your change
This change escape
,in username which breaks rbac validation.Which leads to that every user with
,in his name wasn't able to access an repository via portal or API.Issue being fixed
Fixes #19356
Please indicate you've done the following: