[backend] Check authorized members for element access (#4538) #9809

Open
wants to merge 5 commits into
base: master

Member

@SouadHadjiat SouadHadjiat commented Feb 3, 2025

Proposed changes

  • check for authorized members for element access: element was accessible for user not in authorized members
  • refactor isUserCanAccessStixElement() in order to easily unit test element access for a user
  • unit test isUserCanAccessStixElement

Related issues

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality
  • I wrote test cases for the relevant use cases (coverage and e2e)
  • I added/updated the relevant documentation (either on GitHub or on Notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

@SouadHadjiat SouadHadjiat added the filigran team use to identify PR from the Filigran team label Feb 3, 2025

codecov bot commented Feb 3, 2025

Codecov Report

Attention: Patch coverage is 97.72727% with 2 lines in your changes missing coverage. Please review.

Project coverage is 64.31%. Comparing base (7d55b76) to head (ba457a5).
Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
...encti-platform/opencti-graphql/src/utils/access.ts 97.72% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #9809      +/-   ##
==========================================
+ Coverage   64.29%   64.31%   +0.02%     
==========================================
  Files         655      655              
  Lines       62933    62957      +24     
  Branches     6964     6976      +12     
==========================================
+ Hits        40460    40492      +32     
+ Misses      22473    22465       -8     


@marieflorescontact marieflorescontact changed the base branch from release/6.5.0 to master February 6, 2025 10:26
@marieflorescontact marieflorescontact force-pushed the issue/4538-fix-access branch 3 times, most recently from a2cd443 to 3f7ccd8 Compare February 7, 2025 13:31
@marieflorescontact marieflorescontact marked this pull request as ready for review February 10, 2025 11:03
if (settings.platform_organization) {
const userOrganizations = user.organizations.map((o) => o.internal_id);
if (hasPlatformOrg) {
const userOrganizations = user.organizations.map((o) => (useStandardId ? o.standard_id : o.internal_id));
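
Review bot: the `useStandardId` ternary in the `user.organizations.map(...)` callback makes the access decision depend on the caller passing a flag that matches the id type used on the element side, and nothing in these lines enforces that. If the flag and the element's organization ids disagree, standard ids get compared against internal ids and the membership test can never match. Consider collecting both `o.standard_id` and `o.internal_id` for each organization and testing against that combined set, or at least document which callers must set the flag and cover both modes in the unit tests. The `hasPlatformOrg` condition also deserves a short comment stating how it is derived, since the other variant of this line reads `settings.platform_organization` directly.
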
Member

We could maybe extract all ids from the object to prevent using a special option useStandardId.
