Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug #14405 : Collect - filters issues #2550

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

bug #14405 : Collect - filters issues #2550

wants to merge 2 commits into from
+1,154 −861

Conversation

hazco75
Copy link
Contributor

@hazco75 hazco75 commented Mar 18, 2025

Description

Suite à l'US sur la sauvegarde des critères de recherche dans l'URL sur Collecte, les critères de recherche de type DUA, DUC, Communicabilité, Diffusion et Réutilisation ne sont pas sauvegardés avec les bonnes valeurs. Un travail a été fait pour aligner l'URL avec les bons critères de recherche

Type de changement

  • Correction

@hazco75 hazco75 added this to the IT 150 milestone Mar 18, 2025
@vitam-prg
Copy link
Collaborator

vitam-prg commented Mar 18, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsc7e72f68-f224-477b-b4e4-023638dcad76

New Issues (30)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 85
detailsMethod getTenantIdentifier at line 85 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends us...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
detailsMethod getApplicationId at line 175 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
detailsMethod getHttpContext at line 117 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java sends user i...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java: 100
detailsMethod getMe at line 100 of /api/api-iam/iam-client/src/main/java/fr/gouv/vitamui/iam/client/UserRestClient.java sends user information outside the...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 105
detailsMethod buildClient at line 105 of /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java sends user inform...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 88
detailsMethod buildClient at line 88 of /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java sends user informa...
Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java: 106
detailsMethod buildClient at line 106 of /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/Pac4jClientBuilder.java sends user inform...
Attack Vector
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 98
detailsMethod getAllPaginated at line 98 of /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java gets user input ...
Attack Vector
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 100
detailsMethod getAllPaginated at line 100 of /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java gets user input...
Attack Vector
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
detailsMethod getApplicationId at line 175 of /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java gets user ...
Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 198
detailsMethod startEliminationAnalysis at line 198 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arc...
Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 198
detailsMethod startEliminationAnalysis at line 198 of /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/Arc...
Attack Vector
Fixed Issues (48)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 99
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 99
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 289
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 136
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 158
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 117
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/SecurityService.java: 175
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 254
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 200
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 235
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 163
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 143
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 278
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/idp/service/IdentityProviderService.java: 292
LOW Log_Forging /api/api-iam/iam/src/main/java/fr/gouv/vitamui/iam/server/rest/IdentityProviderController.java: 279
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 116
LOW Log_Forging /api/api-archive-search/archive-search/src/main/java/fr/gouv/vitamui/archives/search/server/rest/ArchivesSearchController.java: 249
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 99
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 98
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 144
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 131
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 145
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 121
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 99
LOW Log_Forging /api/api-ingest/ingest/src/main/java/fr/gouv/vitamui/ingest/server/rest/IngestController.java: 143

@hazco75 hazco75 force-pushed the bug_14405_collect_search_filters branch from 15e8d31 to 468ea31 Compare March 20, 2025 10:44
marob
marob requested changes Mar 21, 2025
View reviewed changes
Copy link
Contributor

@marob marob left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Les corrections doivent être également appliquées sur archive-search.

Centraliser les constantes (ID_ACCESS, TITLE_ACCESS, ...) dans vitamui-library et les réutiliser à la place de leurs valeurs.

@hazco75 hazco75 force-pushed the bug_14405_collect_search_filters branch 8 times, most recently from 74ce4b7 to a85efe6 Compare March 28, 2025 14:31
marob
marob requested changes Mar 31, 2025
View reviewed changes
Copy link
Contributor

@marob marob left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hazco75 Les corrections doivent être également appliquées sur archive-search.

@hazco75 hazco75 force-pushed the bug_14405_collect_search_filters branch 3 times, most recently from 5eb4662 to 7d7bc92 Compare March 31, 2025 14:14
@hazco75 hazco75 force-pushed the bug_14405_collect_search_filters branch from 7d7bc92 to 7f062ee Compare March 31, 2025 14:25
@hazco75
Copy link
Contributor Author

hazco75 commented Mar 31, 2025

@marob j'ai fais les modifs pour Archive-Search, je te laisse regarder. Je m'occupe du confilt, mais il semble concerner ta méthode getDataType, qui est redondante avec ma méthode setDataType

@hazco75 hazco75 force-pushed the bug_14405_collect_search_filters branch from f615be4 to 4129d7a Compare March 31, 2025 15:54
marob
marob reviewed Mar 31, 2025
View reviewed changes
Copy link
Contributor

@marob marob left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

archive-search-helper.service.ts est quasi identique (mais il y a quelques différences qui semblent indiquer que l'un a été mieux maintenu que l'autre) entre archive-search et collect. Il faudrait peut-être les mutualiser dans vitamui-library.

...-search/archive-search-by-mgt-rules/appraisal-rule-search/appraisal-rule-search.component.ts
const RULE_TITLE = 'RULE_TITLE';
const RULE_END_DATE = 'RULE_END_DATE';
const ELIMINATION_TECHNICAL_ID = 'ELIMINATION_TECHNICAL_ID';
// const keysList = [RULE_ORIGIN + RULE_TYPE_SUFFIX, FINAL_ACTION + RULE_TYPE_SUFFIX, FINAL_ACTION_TYPE + RULE_TYPE_SUFFIX];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Supprimer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marob marob marob requested changes

@Salimdev Salimdev Salimdev left review comments

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
IT 150
Development

Successfully merging this pull request may close these issues.
4 participants
@hazco75 @vitam-prg @marob @Salimdev