Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize report's inputs and usernames - 3.13.x #4336

Merged
merged 4 commits into from
Aug 11, 2022
Merged

Sanitize report's inputs and usernames - 3.13.x #4336

merged 4 commits into from
Aug 11, 2022

Conversation

Desvelao
Copy link
Member

@Desvelao Desvelao commented Jul 18, 2022
edited
Loading

Description

This PR adds parameter validation to the report's endpoints.

Closes #4329

Changes

  • Add parameter validation to the reporting endpoints.
  • Removed some parameters in the reporting endpoints.
  • Build the report name in the backend.
  • Add testing with Jest.
  • Add tests with invalid parameters in the reporting endpoints.

Test

  • Do requests to the reports endpoints with unexpected / forbidden parameters using some tools such as cURL or Postman.
  • Check that each kind of report can be generated as expected:
    • Modules (with an agent selected, without an agent selected, changing the type of selected time range, etc...)
    • Group
    • Agent configuration
    • Agent inventory

@Desvelao Desvelao self-assigned this Jul 18, 2022
@Desvelao
feature: Add parameter validation to reporting endpoints
7350ee9 
- Removed some parameters when creating endpoints and added groupID and
  agentID. Now the report name is built in the backend.
- Add testing with Jest
- Add tests with invalid expected parameters
@Desvelao Desvelao force-pushed the feature/4329-reporting-inputs-3.13.x branch from d07efdb to 7350ee9 Compare July 18, 2022 07:59
AlexRuiz7
AlexRuiz7 suggested changes Jul 18, 2022
View reviewed changes
Copy link
Member

@AlexRuiz7 AlexRuiz7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add the MD5 dependency with:

npm install md5 --save

@Desvelao Desvelao force-pushed the feature/4329-reporting-inputs-3.13.x branch from 8479000 to 97d0e37 Compare July 19, 2022 06:53
@Desvelao
Copy link
Member Author

Add the MD5 dependency with:

npm install md5 --save

The changes included in this PR don't require the md5 library.

@Desvelao Desvelao requested a review from AlexRuiz7 July 26, 2022 09:00
asteriscos
asteriscos requested changes Aug 5, 2022
View reviewed changes
Copy link
Member

@asteriscos asteriscos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some request parameters are not sent as they should. Please review the comments.

@Desvelao Desvelao requested a review from asteriscos August 8, 2022 08:31
@Desvelao Desvelao added type/bug Bug issue type/enhancement Enhancement issue and removed type/bug Bug issue labels Aug 8, 2022
asteriscos
asteriscos approved these changes Aug 11, 2022
View reviewed changes
Copy link
Member

@asteriscos asteriscos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CR: ✔️
Test: ✔️

Screenshot from 2022-08-11 16-51-28

image

image

matiasmoreno876
matiasmoreno876 approved these changes Aug 11, 2022
View reviewed changes
Copy link
Contributor

@matiasmoreno876 matiasmoreno876 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@matiasmoreno876 matiasmoreno876 merged commit 0b3ce55 into 3.13-7.9 Aug 11, 2022
@matiasmoreno876 matiasmoreno876 deleted the feature/4329-reporting-inputs-3.13.x branch August 11, 2022 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asteriscos asteriscos asteriscos approved these changes

@matiasmoreno876 matiasmoreno876 matiasmoreno876 approved these changes

@AlexRuiz7 AlexRuiz7 Awaiting requested review from AlexRuiz7

Assignees

@Desvelao Desvelao

Labels
type/enhancement Enhancement issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Desvelao @asteriscos @AlexRuiz7 @matiasmoreno876