From 1a654a3466f8b6ce5242d1d7eb8d06bdcac1f981 Mon Sep 17 00:00:00 2001
From: Ivan Gomes
Date: Thu, 6 Oct 2022 22:54:49 -0400
Subject: [PATCH 1/3] fix(ldap): encode group search filter
---
 .../main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java b/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
index 48e7c14c5..56791c6e0 100644
--- a/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
+++ b/ldap/src/main/java/org/openmbee/mms/ldap/LdapSecurityConfig.java
@@ -21,6 +21,7 @@
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.ldap.core.support.LdapContextSource;
 import org.springframework.ldap.filter.*;
+import org.springframework.ldap.support.LdapEncoder;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.authentication.configurers.ldap.LdapAuthenticationProviderConfigurer;
@@ -185,7 +186,7 @@ public Collection getGrantedAuthorities(
 AndFilter andFilter = new AndFilter();
 HardcodedFilter groupsFilter = new HardcodedFilter(
- groupSearchFilter.replace("{0}", userDn));
+ groupSearchFilter.replace("{0}", LdapEncoder.filterEncode(userDn)));
 andFilter.and(groupsFilter);
 andFilter.and(orFilter);
From 501e5d28c53a8658d100179ea3de7c42ba29a8ff Mon Sep 17 00:00:00 2001
From: Ivan Gomes
Date: Thu, 6 Oct 2022 23:04:51 -0400
Subject: [PATCH 2/3] feat(groups): allow all printable ASCII characters in group name
---
 .../org/openmbee/mms/groups/constants/GroupConstants.java | 2 +-
 .../mms/groups/services/GroupValidationService.java | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
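Review bot: The encoded substitution on the `HardcodedFilter` line in the second LdapSecurityConfig.java hunk has no regression test in this patch (the diffstat lists only that one file), so a later refactor could drop `LdapEncoder.filterEncode` without anything failing. A test that feeds a DN containing `(`, `)`, `*` and `\` and asserts the escaped form in the resulting filter string would pin the behaviour. Because `HardcodedFilter` emits its argument verbatim, a short comment such as `// HardcodedFilter does not escape; encode userDn before substituting it into the configured filter` would keep the reason visible at the call site. `orFilter` is built outside this hunk, so it is worth confirming that its values go through an encoding filter class rather than string concatenation. getGrantedAuthorities starts and ends outside the hunk.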
diff --git a/groups/src/main/java/org/openmbee/mms/groups/constants/GroupConstants.java b/groups/src/main/java/org/openmbee/mms/groups/constants/GroupConstants.java
index 1df64f07b..2e75c4027 100644
--- a/groups/src/main/java/org/openmbee/mms/groups/constants/GroupConstants.java
+++ b/groups/src/main/java/org/openmbee/mms/groups/constants/GroupConstants.java
@@ -6,7 +6,7 @@ public class GroupConstants {
 public static final String GROUP_NOT_EMPTY = "Group is not empty";
 public static final String GROUP_NOT_FOUND = "Group not found";
 public static final String INVALID_ACTION = "Invalid action";
- public static final String INVALID_GROUP_NAME= "Invalid group name";
+ public static final String INVALID_GROUP_NAME = "Invalid group name";
 public static final String NAME = "name";
 public static final String NO_USERS_PROVIDED = "No users provided";
 public static final String RESTRICTED_GROUP = "Restricted group";
diff --git a/groups/src/main/java/org/openmbee/mms/groups/services/GroupValidationService.java b/groups/src/main/java/org/openmbee/mms/groups/services/GroupValidationService.java
index 6e6251d5c..ae40f307c 100644
--- a/groups/src/main/java/org/openmbee/mms/groups/services/GroupValidationService.java
+++ b/groups/src/main/java/org/openmbee/mms/groups/services/GroupValidationService.java
@@ -12,20 +12,20 @@ @Service public class GroupValidationService { - private static final Set RESTRICTED_NAMES = Set.of(MMSADMIN, EVERYONE); - private Pattern VALID_GROUP_NAME_PATTERN = Pattern.compile("^[\\w-]+"); + private static final Set RESTRICTED_NAMES = Set.of(MMSADMIN, EVERYONE); + private final Pattern VALID_GROUP_NAME_PATTERN = Pattern.compile("^[ -~]+"); public boolean isRestrictedGroup(String groupName) { return RESTRICTED_NAMES.contains(groupName); } - public boolean isValidGroupName(String groupName){ + public boolean isValidGroupName(String groupName) { return groupName != null && !isRestrictedGroup(groupName) && VALID_GROUP_NAME_PATTERN.matcher(groupName).matches(); } - public boolean canDeleteGroup(Group group){ + public boolean canDeleteGroup(Group group) { return !isRestrictedGroup(group.getName()) && (group.getUsers() == null || group.getUsers().isEmpty()); } From 226c9d0d7cae1b777c471d90ba010ea752f7403a Mon Sep 17 00:00:00 2001 From: Jason Han Date: Fri, 7 Oct 2022 13:54:27 -0700 Subject: [PATCH 3/3] Bump version for release --- gradle.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle.properties b/gradle.properties index de52d9b49..6fcfb3d8f 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1,4 @@ -version=4.0.11 +version=4.0.12 group=org.openmbee.mms springBootVersion=2.6.7
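Review bot: The widened class `[ -~]+` in `VALID_GROUP_NAME_PATTERN` lets `isValidGroupName` accept names that are only spaces or that carry leading or trailing spaces, so a restricted name followed by a space passes the exact-match `RESTRICTED_NAMES.contains` check. If that is not intended, require a non-space character at both ends, for example `private static final Pattern VALID_GROUP_NAME_PATTERN = Pattern.compile("[!-~]([ -~]*[!-~])?");` (`matches()` already anchors the whole input, and the field can be `static`). The new set also admits `(`, `)`, `*`, `\`, `/`, `<` and `"`, so every place that puts a group name into an LDAP filter, a URL path or HTML has to encode it; those call sites are outside this hunk. No length bound is visible either.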