Roles: Added max validation for role external auth id field

For #5037
This commit is contained in:
Dan Brown 2024-06-08 20:33:34 +01:00
parent 6019d2ee14
commit bddc6ae66b
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 29 additions and 4 deletions

View File

@ -21,7 +21,7 @@ class RoleApiController extends ApiController
'display_name' => ['required', 'string', 'min:3', 'max:180'], 'display_name' => ['required', 'string', 'min:3', 'max:180'],
'description' => ['string', 'max:180'], 'description' => ['string', 'max:180'],
'mfa_enforced' => ['boolean'], 'mfa_enforced' => ['boolean'],
'external_auth_id' => ['string'], 'external_auth_id' => ['string', 'max:180'],
'permissions' => ['array'], 'permissions' => ['array'],
'permissions.*' => ['string'], 'permissions.*' => ['string'],
], ],
@ -29,7 +29,7 @@ class RoleApiController extends ApiController
'display_name' => ['string', 'min:3', 'max:180'], 'display_name' => ['string', 'min:3', 'max:180'],
'description' => ['string', 'max:180'], 'description' => ['string', 'max:180'],
'mfa_enforced' => ['boolean'], 'mfa_enforced' => ['boolean'],
'external_auth_id' => ['string'], 'external_auth_id' => ['string', 'max:180'],
'permissions' => ['array'], 'permissions' => ['array'],
'permissions.*' => ['string'], 'permissions.*' => ['string'],
] ]

View File

@ -75,7 +75,7 @@ class RoleController extends Controller
$data = $this->validate($request, [ $data = $this->validate($request, [
'display_name' => ['required', 'min:3', 'max:180'], 'display_name' => ['required', 'min:3', 'max:180'],
'description' => ['max:180'], 'description' => ['max:180'],
'external_auth_id' => ['string'], 'external_auth_id' => ['string', 'max:180'],
'permissions' => ['array'], 'permissions' => ['array'],
'mfa_enforced' => ['string'], 'mfa_enforced' => ['string'],
]); ]);
@ -109,7 +109,7 @@ class RoleController extends Controller
$data = $this->validate($request, [ $data = $this->validate($request, [
'display_name' => ['required', 'min:3', 'max:180'], 'display_name' => ['required', 'min:3', 'max:180'],
'description' => ['max:180'], 'description' => ['max:180'],
'external_auth_id' => ['string'], 'external_auth_id' => ['string', 'max:180'],
'permissions' => ['array'], 'permissions' => ['array'],
'mfa_enforced' => ['string'], 'mfa_enforced' => ['string'],
]); ]);

View File

@ -96,6 +96,31 @@ class RoleManagementTest extends TestCase
$this->assertActivityExists(ActivityType::ROLE_DELETE); $this->assertActivityExists(ActivityType::ROLE_DELETE);
} }
public function test_role_external_auth_id_validation()
{
config()->set('auth.method', 'oidc');
$role = Role::query()->first();
$routeByMethod = [
'post' => '/settings/roles/new',
'put' => "/settings/roles/{$role->id}",
];
foreach ($routeByMethod as $method => $route) {
$resp = $this->asAdmin()->get($route);
$resp->assertDontSee('The external auth id');
$resp = $this->asAdmin()->call($method, $route, [
'display_name' => 'Test role for auth id validation',
'description' => '',
'external_auth_id' => str_repeat('a', 181),
]);
$resp->assertRedirect($route);
$resp = $this->followRedirects($resp);
$resp->assertSee('The external auth id may not be greater than 180 characters.');
}
}
public function test_admin_role_cannot_be_removed_if_user_last_admin() public function test_admin_role_cannot_be_removed_if_user_last_admin()
{ {
/** @var Role $adminRole */ /** @var Role $adminRole */