avoid providing internal notes to /whoami endpoint (fixes #170) #171
Conversation
pmauduit
force-pushed
the
knowledge-info-whoami-170
branch
from
6823a48 to
da242bf
Compare
| @@ -106,6 +106,11 @@ public Mono<Map<String, Object>> whoami(Authentication principal, ServerWebExcha | |||
| } | |||
|
|
|||
| Map<String, Object> ret = new LinkedHashMap<>(); | |||
| if (user != null) { | |||
There was a problem hiding this comment.
(Auto-reviewing myself): I am not very fond of null testing user, as using an Optional some lines above should be about avoiding it, but is there another way ?
There was a problem hiding this comment.
but is there another way ?
I don't think so.
|
Also I am wondering if we should handle sensitive fields one by one (hashed passwords from the LDAP, internal CRM notes, ...), or if there are no other means for doing so ? |
|
Perhaps it would be interesting to be able to configure these fields ? |
why not, but we can't really predict what would be needed on the GeorchestraUser object in the coming months / years / ... and what should be stripped from the whoami endpoint, in my opinion. Also making it configureable would leave the opportunity to the administrators to have flawed configurations revealing undesired fields, so I am a bit puzzled. |
See mentioned issue #170 and related one (georchestra/georchestra#4280). This PR aims to avoid having the /whoami endpoint revealing the "internal notes" field from the LDAP, as it is an internal note on the user and is not meant to be available from the endpoint.
Tests: 2 tests added, also making sure that the /whoami endpoint will work when not connected (
useris null).