Skip to content

/ graylog2-server

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add user role name with slash "/" #3569

Closed
crazydavidoff opened this issue Mar 6, 2017 · 0 comments
Closed

Add user role name with slash "/" #3569

crazydavidoff opened this issue Mar 6, 2017 · 0 comments
Assignees
@dennisoelkers
Labels
bug triaged
Milestone
2.2.3

Comments

@crazydavidoff
Copy link

@crazydavidoff crazydavidoff commented Mar 6, 2017
edited by jalogisch

If add user role name with "/" you cannot delete it.

Expected Behavior

Current Behavior

There was an error fetching a resource: cannot GET http://172.16.20.58:9000/api/roles/%20Stream/Dashboard%20Editor/members (404). Additional information: HTTP 404 Not Found

t @ plugin.org.graylog.plugins.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1
plugin.org.graylog.plugins.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:55 Unhandled rejection Error: cannot GET http://172.16.20.58:9000/api/roles/%20Stream/Dashboard%20Editor/members (404)
    at new t (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…s.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1:2770)
    at http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…s.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1:4196
From previous event:
    at h.r.then (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…ipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:257:20641)
    at e.value (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…s.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1:3714)
    at i (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…s.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1:1711)
    at s (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…s.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:1:1782)
    at Object.getMembers (http://example.com/assets/plugin/org.graylog.plugins.pipelineprocessor.Pr…ipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:143:20338)
    at n._deleteRole (http://example.com/assets/38.38.037df0c3d824b82fe316.js:1:9159)
    at onClick (http://example.com/assets/38.38.037df0c3d824b82fe316.js:1:7245)
    at Object.r.invokeGuardedCallback (http://example.com/assets/vendor.js:29:11002)
    at i (http://example.com/assets/vendor.js:33:26673)
    at Object.s [as executeDispatchesInOrder] (http://example.com/assets/vendor.js:33:26920)
    at f (http://example.com/assets/vendor.js:8:11906)
    at M (http://example.com/assets/vendor.js:8:12032)
    at Array.forEach (native)
    at n (http://example.com/assets/vendor.js:29:18772)
    at Object.processEventQueue (http://example.com/assets/vendor.js:8:13329)
    at o (http://example.com/assets/vendor.js:35:7775)
    at Object.handleTopLevel [as _handleTopLevel] (http://example.com/assets/vendor.js:35:7880)
    at i (http://example.com/assets/vendor.js:35:8329)
    at a (http://example.com/assets/vendor.js:35:8143)
    at o.perform (http://example.com/assets/vendor.js:8:25971)
    at Object.batchedUpdates (http://example.com/assets/vendor.js:29:4842)
    at Object.a [as batchedUpdates] (http://example.com/assets/vendor.js:7:19906)
    at dispatchEvent (http://example.com/assets/vendor.js:35:9220)
O @ plugin.org.graylog.plugins.pipelineprocessor.PipelineProcessorPlugin.3256fc68b6ac83634199.js:55

Possible Solution

Steps to Reproduce (for bugs)

Context

Your Environment

  • Graylog Version:2.2.1
  • Elasticsearch Version: 2.4.4
  • MongoDB Version: 3.4
  • Operating System:
  • Browser version: Chrome
@joschi joschi added the bug label Mar 6, 2017
@dennisoelkers dennisoelkers self-assigned this Mar 6, 2017
dennisoelkers added a commit that referenced this issue Mar 6, 2017
@dennisoelkers
Escaping username component to allow usernames with slash.
Verified
This commit was signed with the committer’s verified signature.
dennisoelkers Dennis Oelkers
GPG key ID: 26B2C114209DC497 Learn about signing commits
Loading status checks…
e14a89f 
Fixes #3569.
@dennisoelkers dennisoelkers mentioned this issue Mar 6, 2017
Merged
3 of 9 tasks complete
@jalogisch jalogisch added the triaged label Mar 6, 2017
dennisoelkers added a commit that referenced this issue Mar 7, 2017
@dennisoelkers
Escaping username component to allow usernames with slash.
Verified
This commit was signed with the committer’s verified signature.
dennisoelkers Dennis Oelkers
GPG key ID: 26B2C114209DC497 Learn about signing commits
03dd11f 
Fixes #3569.
@joschi joschi closed this in #3570 Mar 7, 2017
joschi added a commit that referenced this issue Mar 7, 2017
@dennisoelkers @joschi
Properly escape username/roles in web interface (#3570)
Loading status checks…
34446c2 
* Escaping username component to allow usernames with slash.
* Allowing to handle deletion/updates of roles with special characters.
* Allowing editing/updating/deleting users with special characters in name
* Using proper route methods, escaping username in CurrentUserStore.

Fixes #3569
@joschi joschi removed the in progress label Mar 7, 2017
dennisoelkers added a commit that referenced this issue Mar 7, 2017
@dennisoelkers
Properly escape username/roles in web interface (#3570)
Verified
This commit was signed with the committer’s verified signature.
dennisoelkers Dennis Oelkers
GPG key ID: 26B2C114209DC497 Learn about signing commits
Loading status checks…
63cb44a 
* Escaping username component to allow usernames with slash.
* Allowing to handle deletion/updates of roles with special characters.
* Allowing editing/updating/deleting users with special characters in name
* Using proper route methods, escaping username in CurrentUserStore.

Fixes #3569

(cherry picked from commit 34446c2)
@dennisoelkers dennisoelkers mentioned this issue Mar 7, 2017
Merged
3 of 9 tasks complete
@joschi joschi added this to the 2.2.3 milestone Mar 7, 2017
joschi added a commit that referenced this issue Mar 7, 2017
@dennisoelkers @joschi
Properly escape username/roles in web interface (#3588)
Loading status checks…
f9a9d2b 
* Escaping username component to allow usernames with slash.
* Allowing to handle deletion/updates of roles with special characters.
* Allowing editing/updating/deleting users with special characters in name
* Using proper route methods, escaping username in CurrentUserStore.

Fixes #3569

(cherry picked from commit 34446c2 / PR #3570)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dennisoelkers dennisoelkers

Labels
bug triaged
Projects
None yet
Milestone
2.2.3
Linked pull requests

Successfully merging a pull request may close this issue.

Escaping username/roles parameters to allow usernames/roles with special characters.
4 participants
@dennisoelkers @joschi @jalogisch @crazydavidoff