Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-40828

SiteService: Prevent creating sites with ids that contain spaces or other characters.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: CLOSED
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 12.4, 19.0, 20.0 [Tentative]
    • Fix Version/s: 12.6, 19.0, 20.0 [Tentative]
    • Component/s: Deploy, Kernel
    • Labels:
      None
    • 19 status:
      Resolved
    • 12 status:
      Resolved
    • Property addition/change required:
      Yes
    • Test Plan:
      Hide

      Login as admin

      Click on the 'Sites' tool in the admin workspace

      Enter 'abc def ghi' for the site id and a title of your choice.

      Save the site.

      You should get an error message about the site id being invalid.

       

      Show
      Login as admin Click on the 'Sites' tool in the admin workspace Enter 'abc def ghi' for the site id and a title of your choice. Save the site. You should get an error message about the site id being invalid.  

      Description

      The SiteService allows creating sites containing spaces and other symbols, this can bring unexpected behaviors in some tools like SAK-40702 or SAK-40703.

      We should validate the siteId and throw an exception if the siteId is not valid, it will be desirable to restrict the siteIds to not allow spaces or other symbols that can cause conflicts with URLs or tools.

      The current validation is for resources, this implementation is deprecated and not valid anymore.

      https://github.com/sakaiproject/sakai/blob/master/kernel/kernel-impl/src/main/java/org/sakaiproject/site/impl/BaseSiteService.java#L1265

      https://github.com/sakaiproject/sakai/blob/master/kernel/kernel-impl/src/main/java/org/sakaiproject/site/impl/BaseSiteService.java#L1321

      I suggest creating a new validator using StringUtils, I'd like to have a consensus about what's valid and what's not, because siteIds are very important.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  jtingen Jolie Tingen
                  Reporter:
                  farreri Miguel Pellicer
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  9 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Git Source Code