Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-orm): add search support in json path #9759

Merged
merged 3 commits into from
Oct 15, 2024
Merged

feat(jans-orm): add search support in json path #9759

merged 3 commits into from
Oct 15, 2024

Conversation

yurem
Copy link
Contributor

@yurem yurem commented Oct 15, 2024

closes #9754

  • I confirm that there is no impact on the docs due to the code changes in this PR.

yurem added 2 commits October 15, 2024 18:50
@yurem
feat(jans-orm): add search support in json path
b6dcb0f 
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
@yurem
feat(jans-orm): add search support in json path
ec25bba 
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
@yurem yurem requested a review from yuriyz as a code owner October 15, 2024 18:23
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Oct 15, 2024
edited
Loading

DryRun Security Summary

The code change in this pull request is a minor bugfix or improvement to the SqlFilterConverter class, which is responsible for converting LDAP filters to SQL filters, and does not introduce any obvious security concerns.

Expand for full summary

Summary:

The code change in this pull request is part of the SqlFilterConverter class, which is responsible for converting LDAP filters to SQL filters. The specific change is in the resolveAttributeName() method, which is used to determine the attribute name for a given filter.

The change is to return the filter's attribute name directly if the tableMapping or the filter itself is null. This is likely a defensive change to handle cases where the attribute name cannot be resolved from the tableMapping. From an application security perspective, this change does not introduce any obvious security concerns, as it appears to be a minor bugfix or improvement to the existing functionality.

Overall, the code change seems reasonable and does not raise any immediate security red flags. However, it's always important to review the entire codebase and consider the broader context of the application to ensure that there are no other security vulnerabilities or concerns.

Files Changed:

  • jans-orm/sql/src/main/java/io/jans/orm/sql/impl/SqlFilterConverter.java: The changes in this file are focused on the resolveAttributeName() method of the SqlFilterConverter class. The method now returns the filter's attribute name directly if the tableMapping or the filter itself is null. This is likely a defensive change to handle cases where the attribute name cannot be resolved from the tableMapping.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@yurem
Merge branch 'main' into orm_json_search
dcda62f 
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
@yuriyz yuriyz enabled auto-merge (squash) October 15, 2024 18:29
@yuriyz yuriyz merged commit 5c69a4c into main Oct 15, 2024
11 checks passed
@yuriyz yuriyz deleted the orm_json_search branch October 15, 2024 18:29
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'Jans-Keycloak-Link'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-config-api-parent'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'Fido2 API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'SCIM API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed for 'orm'

Failed conditions
2 Security Hotspots
37 New Code Smells (required ≤ 8)
1 New Bugs (required ≤ 0)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

imShakil pushed a commit that referenced this pull request Oct 28, 2024
@yurem @imShakil
feat(jans-orm): add search support in json path (#9759)
c84443f 
* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

---------

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@yurem
feat(jans-orm): add search support in json path (#9759)
8ed0f39 
* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

---------

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Former-commit-id: 5c69a4c
moabu pushed a commit that referenced this pull request Dec 26, 2024
@yurem @imShakil
feat(jans-orm): add search support in json path (#9759)
fdf55f4 
* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

---------

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
moabu pushed a commit that referenced this pull request Dec 27, 2024
@yurem @imShakil
feat(jans-orm): add search support in json path (#9759)
3cba129 
* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* feat(jans-orm): add search support in json path

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

---------

Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyzz yuriyzz yuriyzz approved these changes

@yuriyz yuriyz yuriyz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

featjans-orm): PostgreSQL ORM should allow to search inside JSON attributes
3 participants
@yurem @yuriyz @yuriyzz