Commit 0f846f66 authored by Alexis Ragot's avatar Alexis Ragot

Merge branch 'hotfix/2.3.6' into 'master'

Hotfix 2.3.6 - fix security bug that allows a service account token to be changed

See merge request !164
parents ed494154 b2b74d73
......@@ -266,7 +266,7 @@ class serviceAccount
// Check userAccount exists
$currentDate = \laabs::newTimestamp();
if (!$this->sdoFactory->exists('auth/account', array('accountId' => $serviceAccountId))) {
if (!$this->sdoFactory->exists('auth/account', array('accountId' => $serviceAccountId, "accountType" => "service"))) {
\laabs::newController('audit/entry')->add(
$entryType = "auth/serviceTokenGenerationFailure",
$objectClass = "auth/account",
......
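Review bot: The comment `// Check userAccount exists` above the changed condition is now misleading, because the guard no longer accepts any existing account but only one whose `accountType` is `service`, which is the security control this fix adds. I would change it to `// Only service accounts may have a token generated: reject unknown ids and non-service accounts`. Both rejection cases end up in the same `auth/serviceTokenGenerationFailure` audit entry; its message is outside the visible lines, so it is worth confirming that it lets an operator tell a request aimed at a user account from a mistyped id. The enclosing method starts and ends outside the hunk.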
......@@ -103,7 +103,7 @@ interface serviceAccountInterface
*
* @action auth/serviceAccount/generateToken
*/
public function readServicetoken_serviceAccountId_();
public function updateServicetoken_serviceAccountId_();
/**
* Search the service account for typehead
......
......@@ -212,7 +212,7 @@
serviceAccount.displayName = serviceAccount.accountName;
serviceAccount.emailAddress = '';
serviceAccount.enabled = false;
orgId = $("#serviceOrgId").val();
var orgId = $("#serviceOrgId").val();
var servicesURI = new Array();
$("#listPrivilege").find("[name=privilegeURI]").each(function(){
......@@ -283,10 +283,10 @@
//Delete privilege
$("#privilegesTab").on("click","[name=btnDeletePrvilege]", function(){
var serviceURI = $(this).closest("[name=privilegeURI").find('input').data('serviceuri');
var serviceURI = $(this).closest("[name=privilegeURI]").find('input').data('serviceuri');
$("#selectPrivilegeURI").val('').find('option[data-serviceuri="'+serviceURI+'"]').show();
$(this).closest("[name=privilegeURI").remove();
$(this).closest("[name=privilegeURI]").remove();
});
//Cancel
......@@ -299,7 +299,7 @@
$("#tokenRegenerateModal").modal("hide");
ajax($(this), {
url : "/Serviceaccount/"+ $("#serviceAccountId").val() + "/token",
type : "GET",
type : "PUT",
dataType : "json",
success : function(response){
$('#generatedToken').text(response.cookie);
......
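Review bot: In the token request of the last hunk, the URL is built by concatenating the raw value of `#serviceAccountId` into the path, so a value containing `/`, `?` or `#` would no longer be a single path segment; `url : "/Serviceaccount/" + encodeURIComponent($("#serviceAccountId").val()) + "/token",` avoids that. The id is presumably server-generated, so this is hardening rather than a known defect. Whether the `ajax()` helper attaches an anti-CSRF token or header to this `PUT` is not visible here and should be confirmed, since the call now changes a credential. The success handler continues outside the hunk.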
......@@ -67,11 +67,11 @@ interface adminServiceaccountInterface
* Get a new service account
* @param string $serviceName The service name
*
* @uses auth/serviceAccount/readServicetoken_serviceAccountId_
* @uses auth/serviceAccount/updateServicetoken_serviceAccountId_
*
* @return auth/serviceAccount/serviceToken
*/
public function readServiceaccount_serviceAccountId_Token();
public function updateServiceaccount_serviceAccountId_Token();
/**
* Update service account
......
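Review bot: The docblock over `updateServiceaccount_serviceAccountId_Token()` still reads `Get a new service account` and documents `@param string $serviceName`, neither of which matches a method that, judging by its name, takes a service account id and returns a token. Suggested summary: `Generate a new token for the service account`, with the stale `@param` line removed or replaced by a description of `serviceAccountId`. Now that the action is declared as an update rather than a read, stating in the docblock that it changes the account's credential helps whoever assigns privileges on this route. The docblock opens outside the hunk.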