Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CP V6 - bug #12592: fix error 500 when unselectcontract management #1724

Merged
merged 1 commit into from
Mar 29, 2024
Merged

CP V6 - bug #12592: fix error 500 when unselectcontract management #1724

merged 1 commit into from
Mar 29, 2024

Conversation

mohatizaoui
Copy link
Contributor

Description

Description des modifications

Type de changement:

Indiquer le ou les types de changements

  • Build

  • PKI

  • Ansiblerie

  • Nouveau Code

  • Correction

  • Refactorisation de code

  • Autre

Documentation:

Indiquer la documentation mise à jour

[ ] Quels sont les nouvelles documentations ?

[ ] Quels sont les modifications existantes ?

[ ] Quels sont les documentations ou sections de documentations supprimés ?

Tests:

Indiquer comment le code à été testé (manuel, environnement, TU, etc)

manuel

environnement

TU

Migration:

Indiquer si les modifications apportées impliquent une migration sur l'existant et comment la faire

Checklist:

Sélectionner les éléments de la checklist

[ ] Mon code suit le style de code de ce projet.

[ ] J'ai commenté mon code, en particulier dans les classes et les méthodes difficile à comprendre.

[ ] J'ai fait les changements correspondant dans la documentation RAML.

[ ] J'ai fait les changements correspondant dans la documentation Métier.

[ ] J'ai fait les changements correspondant dans la documentation Technique.

[ ] J'ai rajouté les tests unitaires vérifiant mes fonctionnalités.

[ ] J'ai rajouté les tests de non régression vérifiant mes fonctionnalités.

[ ] Les tests unitaires nouveaux et existants passent avec succès localement.

[ ] Toutes les dépendances ont été mergées en priorité

Contributeur

Indiquer qui a développé cette fonctionnalité

VAS (Vitam Accessible en Service)

CEA (Commissariat à l'énergie atomique et aux énergies alternatives)

@mohatizaoui mohatizaoui added bug Something isn't working small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer Cherry-Pick a cherry pick labels Mar 27, 2024
@mohatizaoui mohatizaoui changed the base branch from develop to master_6.x March 27, 2024 10:03
@GiooDev GiooDev added this to the IT 133 milestone Mar 27, 2024
@GiooDev GiooDev changed the title Cp6 bug 12592 fix error 500 unselect management contract CP V6 - bug #12592: fix error 500 unselect management contract Mar 27, 2024
@marob marob changed the title CP V6 - bug #12592: fix error 500 unselect management contract CP V6 - bug #12592: fix error 500 when unselectcontract management Mar 27, 2024
marob
marob requested changes Mar 27, 2024
View reviewed changes
Copy link
Contributor

@marob marob left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Il manque l'utilisation de la clé i18n dans le template :

vitam-ui/ui/ui-frontend/projects/referential/src/app/ingest-contract/ingest-contract-preview/ingest-contract-information-tab/ingest-contract-information-tab.component.html

Line 67 in ab4e447

<mat-option [value]="null"> {{ 'CONTRACT_MANAGEMENT.CONTRACTS_CREATION.SELECT_MANAGEMENT_CONTRACT' | translate }}</mat-option>

@vitam-devops
Copy link
Collaborator

Logo
Checkmarx One – Scan Summary & Details86e93b65-fa52-4116-83c7-2619abf655bb

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2020-28491 Maven-com.fasterxml.jackson.dataformat:jackson-dataformat-cbor-2.6.7 Vulnerable Package
HIGH CVE-2020-7793 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2021-27292 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2021-33813 Maven-org.jdom:jdom2-2.0.6 Vulnerable Package
HIGH CVE-2021-37136 Maven-io.netty:netty-codec-4.1.65.Final Vulnerable Package
HIGH CVE-2021-37137 Maven-io.netty:netty-codec-4.1.65.Final Vulnerable Package
HIGH CVE-2021-43466 Maven-org.thymeleaf:thymeleaf-spring5-3.0.12.RELEASE Vulnerable Package
HIGH CVE-2022-0265 Maven-com.hazelcast:hazelcast-4.2.2 Vulnerable Package
HIGH CVE-2022-25927 Npm-ua-parser-js-0.7.22 Vulnerable Package
HIGH CVE-2022-28366 Maven-net.sourceforge.htmlunit:neko-htmlunit-2.24 Vulnerable Package
HIGH CVE-2022-36437 Maven-com.hazelcast:hazelcast-4.2.2 Vulnerable Package
HIGH CVE-2022-42252 Maven-org.apache.tomcat.embed:tomcat-embed-core-9.0.63 Vulnerable Package
HIGH CVE-2022-45143 Maven-org.apache.tomcat.embed:tomcat-embed-core-9.0.63 Vulnerable Package
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: 245 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: 219 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: 211 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: 211 Attack Vector
MEDIUM Absolute_Path_Traversal /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/PastisController.java: 99 Attack Vector
MEDIUM CVE-2022-24823 Maven-io.netty:netty-common-4.1.65.Final Vulnerable Package
MEDIUM CVE-2023-28708 Maven-org.apache.tomcat.embed:tomcat-embed-core-9.0.63 Vulnerable Package
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 153 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 169 Attack Vector
MEDIUM Cleartext_Submission_of_Sensitive_Information /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 166 Attack Vector
MEDIUM Cx816df59e-1cc9 Npm-marked-0.7.0 Vulnerable Package
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3286 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3300 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3300 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/doas.py: 118 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3286 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 809 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 809 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 809 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3283 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3300 Attack Vector
MEDIUM Filtering_Sensitive_Logs /deployment/lib/mitogen-0.2.9/mitogen/core.py: 3300 Attack Vector
MEDIUM Object_Access_Violation /deployment/lib/mitogen-0.2.9/mitogen/utils.py: 125 Attack Vector
MEDIUM Path_Traversal /deployment/lib/mitogen-0.2.9/mitogen/compat/tokenize.py: 451 Attack Vector
MEDIUM Privacy_Violation /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java: 214 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 111 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 110 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/idp/converter/IdentityProviderConverter.java: 155 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/idp/converter/IdentityProviderConverter.java: 155 Attack Vector
MEDIUM SSL_Verification_Bypass /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/filter/ExternalRequestHeadersAuthenticationFilter.java: 88 Attack Vector
MEDIUM SSL_Verification_Bypass /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/filter/ExternalRequestHeadersAuthenticationFilter.java: 85 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 107 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 106 Attack Vector
MEDIUM SSRF /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: 181 Attack Vector
MEDIUM SSRF /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/UserInfoExternalController.java: 167 Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: 161 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 140 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 138 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 135 Attack Vector
MEDIUM SSRF /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: 152 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 124 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 123 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 115 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 113 Attack Vector
MEDIUM SSRF /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/LogbookManagementOperationExternalController.java: 81 Attack Vector
MEDIUM SSRF /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/LogbookManagementOperationController.java: 103 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/LogbookExternalController.java: 128 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/LogbookController.java: 179 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/service/LogbookExternalService.java: 134 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-iam/iam-internal/src/main/java/fr/gouv/vitamui/iam/internal/server/rest/LogbookInternalController.java: 109 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OperationExternalController.java: 124 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/LogbookController.java: 146 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-archive-search/archive-search-external/src/main/java/fr/gouv/vitamui/archives/search/external/server/rest/ArchivesSearchExternalController.java: 99 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/LogbookController.java: 135 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 153 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-collect/collect-external/src/main/java/fr/gouv/vitamui/collect/external/server/rest/TransactionArchiveUnitExternalController.java: 94 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/LogbookManagementOperationExternalController.java: 60 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 105 Attack Vector
LOW Heap_Inspection /cas/cas-server/src/main/java/fr/gouv/vitamui/cas/webflow/actions/I18NSendPasswordResetInstructionsAction.java: 122 Attack Vector
LOW Log_Forging /api/api-collect/collect-internal/src/main/java/fr/gouv/vitamui/collect/internal/server/rest/TransactionArchiveUnitInternalController.java: 162 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 284 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 273 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 261 Attack Vector
LOW Log_Forging /api/api-archive-search/archive-search-internal/src/main/java/fr/gouv/vitamui/archive/internal/server/rest/ArchiveSearchInternalController.java: 295 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 178 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 178 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 178 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 178 Attack Vector
LOW Log_Forging /api/api-pastis/pastis-standalone/src/main/java/fr/gouv/vitamui/pastis/standalone/controller/PastisController.java: 92 Attack Vector
LOW Log_Forging /api/api-pastis/pastis-external/src/main/java/fr/gouv/vitamui/pastis/server/rest/PastisController.java: 80 Attack Vector
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/filter/ExternalRequestHeadersAuthenticationFilter.java: 70 Attack Vector
LOW Log_Forging /api/api-iam/iam-security/src/main/java/fr/gouv/vitamui/iam/security/filter/ExternalRequestHeadersAuthenticationFilter.java: 70 Attack Vector
LOW Log_Forging /api/api-pastis/pastis-external/src/main/java/fr/gouv/vitamui/pastis/server/rest/PastisController.java: 124 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/RuleController.java: 219 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/RuleExternalController.java: 202 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/RuleController.java: 211 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/CustomerController.java: 114 Attack Vector
LOW Log_Forging /api/api-iam/iam-external/src/main/java/fr/gouv/vitamui/iam/external/server/rest/CustomerExternalController.java: 185 Attack Vector
LOW Log_Forging

More results are available on AST platform

@mohatizaoui mohatizaoui force-pushed the CP6_BUG_12592_fix_error_500_unselect_management_contract branch from 0e675a9 to bac85f8 Compare March 29, 2024 15:29
@mohatizaoui mohatizaoui requested a review from marob March 29, 2024 15:29
@mohatizaoui mohatizaoui merged commit 5c4140d into master_6.x Mar 29, 2024
@mohatizaoui mohatizaoui deleted the CP6_BUG_12592_fix_error_500_unselect_management_contract branch March 29, 2024 17:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@soukami soukami soukami approved these changes

@marob marob marob approved these changes

Assignees
No one assigned
Labels
bug Something isn't working Cherry-Pick a cherry pick small pr embarquant peu de changements et à review rapide, ne nécessitant qu'un reviewer
Projects
None yet
Milestone
IT 133
Development

Successfully merging this pull request may close these issues.
5 participants
@mohatizaoui @vitam-devops @marob @soukami @GiooDev