Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expose non-generic messages for 403 HTTP status to the end user #38416

Merged
merged 1 commit into from
Feb 16, 2021

Conversation

VicDeo
Copy link
Member

@VicDeo VicDeo commented Feb 16, 2021

Description

8b2ebe2#diff-5f714a00dd14764258a4e4a95b600644974f29a1046a61a7cecd40f96337163d

Introduces a regression: all messages that are coming from 3rd-party apps (files_antivirus, firewall, etc) are masked with a generic message for HTTP status 403
image

Related Issue

https://github.com/owncloud/enterprise/issues/4418
owncloud/files_antivirus#395

Motivation and Context

The real reason why the file hasn't been uploaded is misreported

How Has This Been Tested?

  1. Enable and set files_antivirus
  2. Upload EICAR

Expected

Web UI reports that file is infected with EICAR

Actual

Web UI reports that user has no upload permission

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@VicDeo VicDeo added this to the development milestone Feb 16, 2021
@VicDeo VicDeo self-assigned this Feb 16, 2021
@sonarcloud
Copy link

sonarcloud bot commented Feb 16, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@owncloud owncloud deleted a comment from update-docs bot Feb 16, 2021
Copy link
Contributor

@phil-davis phil-davis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants