[VAS] 11340 : clean audit collect toggle #1311

laedanrex · 2023-04-13T15:14:11Z

Description

Description des modifications

Regression du toggle dans l'app AUDIT

Type de changement:

Indiquer le ou les types de changements

Correction

Documentation:

Indiquer la documentation mise à jour

[ ] Quels sont les nouvelles documentations ?

[ ] Quels sont les modifications existantes ?

[ ] Quels sont les documentations ou sections de documentations supprimés ?

Tests:

Indiquer comment le code à été testé (manuel, environnement, TU, etc)

manuel

Migration:

Indiquer si les modifications apportées impliquent une migration sur l'existant et comment la faire

Checklist:

Sélectionner les éléments de la checklist

[ ] Mon code suit le style de code de ce projet.

[ ] J'ai commenté mon code, en particulier dans les classes et les méthodes difficile à comprendre.

[ ] J'ai fait les changements correspondant dans la documentation RAML.

[ ] J'ai fait les changements correspondant dans la documentation Métier.

[ ] J'ai fait les changements correspondant dans la documentation Technique.

[ ] J'ai rajouté les tests unitaires vérifiant mes fonctionnalités.

[ ] J'ai rajouté les tests de non régression vérifiant mes fonctionnalités.

[ ] Les tests unitaires nouveaux et existants passent avec succès localement.

[ ] Toutes les dépendances ont été mergées en priorité

Contributeur

Indiquer qui a développé cette fonctionnalité

VAS (Vitam Accessible en Service)

TDevillechabrolle · 2023-04-20T13:28:17Z

Checkmarx One – Scan Summary & Details – 51a033ce-72b1-464f-a5ee-e19d84a54a26

New Issues

Issue	Source File / Package	Checkmarx Insight
Reflected_XSS_All_Clients	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Reflected_XSS_All_Clients	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Reflected_XSS_All_Clients	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Reflected_XSS_All_Clients	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Cleartext_Submission_of_Sensitive_Information	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 118	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/service/InternalSecurityService.java: 110	Attack Vector
Privacy_Violation	/ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java: 214	Attack Vector
Privacy_Violation	/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 111	Attack Vector
Privacy_Violation	/api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 110	Attack Vector
SSRF	/ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: 152	Attack Vector
SSRF	/ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: 143	Attack Vector
SSRF	/api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 124	Attack Vector
SSRF	/api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 123	Attack Vector
Unchecked_Input_for_Loop_Condition	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Unchecked_Input_for_Loop_Condition	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 246	Attack Vector
Unchecked_Input_for_Loop_Condition	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 222	Attack Vector
Unchecked_Input_for_Loop_Condition	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 210	Attack Vector
Unchecked_Input_for_Loop_Condition	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectInternalController.java: 109	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 292	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 270	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 162	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 258	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 210	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 120	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectObjectGroupInternalController.java: 101	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectInternalController.java: 108	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 167	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 133	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 318	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 133	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 318	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 304	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 246	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 222	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/SearchCriteriaHistoryInternalController.java: 91	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 96	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 162	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 156	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/SearchCriteriaHistoryInternalController.java: 91	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 304	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 133	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 179	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 210	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectInternalController.java: 109	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 303	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 120	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 317	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionInternalController.java: 131	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 167	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 281	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 246	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 129	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 318	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 222	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectObjectGroupInternalController.java: 101	Attack Vector
Log_Forging	/api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/ProjectObjectGroupInternalController.java: 83	Attack Vector
Log_Forging	/api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 180	Attack Vector
Log_Forging

More results are available on AST platform

laedanrex added bug Something isn't working javascript Pull requests that update Javascript code VAS VAS contribution clean Code Clean Code VitamUI labels Apr 13, 2023

laedanrex self-assigned this Apr 13, 2023

oussamasic approved these changes Apr 17, 2023

View reviewed changes

GiooDev added this to the IT 118 milestone Apr 19, 2023

bbenaissa approved these changes Apr 20, 2023

View reviewed changes

[VAS] Bug audit selector

dad43e5

laedanrex force-pushed the vas-audit-bug branch from feaa781 to dad43e5 Compare April 20, 2023 13:03

ProgrammeVitam deleted a comment from TDevillechabrolle Apr 20, 2023

GiooDev merged commit 50fcc65 into develop Apr 20, 2023

GiooDev deleted the vas-audit-bug branch April 20, 2023 13:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[VAS] 11340 : clean audit collect toggle #1311

[VAS] 11340 : clean audit collect toggle #1311

laedanrex commented Apr 13, 2023

TDevillechabrolle commented Apr 20, 2023

[VAS] 11340 : clean audit collect toggle #1311

[VAS] 11340 : clean audit collect toggle #1311

Conversation

laedanrex commented Apr 13, 2023

Description

Type de changement:

Documentation:

Tests:

Migration:

Checklist:

Contributeur

TDevillechabrolle commented Apr 20, 2023

New Issues