Uploaded image for project: 'Syncope'
  1. Syncope
  2. SYNCOPE-707

ConfigurationLogic doesn't check the existence of key during deletion.

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.2.5, 2.0.0-M1
    • Fix Version/s: 1.2.6, 2.0.0-M1
    • Component/s: None
    • Labels:
      None

      Description

      When I try to delete a configuration I get always a valid response also when the configuration key doesn't exist (while I was expecting a NotFound error).
      Reading the code I found below difference from (1) ConfigurationLogic and, for instance, (2) SchemaLogic classes:

      (1)
      @PreAuthorize("hasRole('" + Entitlement.CONFIGURATION_DELETE + "')")
      public void delete(final String schema)

      { confDAO.delete(schema); }

      (2)
      @PreAuthorize("hasRole('" + Entitlement.SCHEMA_DELETE + "')")
      public void delete(final SchemaType schemaType, final String schemaName) {
      if (!doesSchemaExist(schemaType, schemaName))

      { throw new NotFoundException(schemaType + "/" + schemaName); }

      switch (schemaType)

      { case VIRTUAL: virSchemaDAO.delete(schemaName); break; case DERIVED: derSchemaDAO.delete(schemaName); break; case PLAIN: default: plainSchemaDAO.delete(schemaName); }

      }

      As you can read the second class has a control on schema existence, the first one hasn't.

      We have to add the same check on the ConfigurationLogic class.

      Relevant mail thread: http://markmail.org/message/3ufidttokvw2km5k

        Attachments

          Activity

            People

            • Assignee:
              massi Massimiliano Perrone
              Reporter:
              massi Massimiliano Perrone
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: