Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11976

XUI Session query session by username does not work with +

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 14.0.0, 14.1.0, 14.1.1, 14.5.0
    • Fix Version/s: 6.0.0, 14.1.2, 5.5.2
    • Component/s: XUI
    • Labels:
    • Sprint:
      AM Sustaining Sprint 45
    • Story Points:
      2
    • Needs backport:
      No
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      Yes
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      With usernames starting ot containing "+", finding this uses in the Sessions by typing the username is not found. However searching with "*" shows that they are present

      How to reproduce the issue

      1. Create two users like +999 and +911 (uid)
      2. Now login as each of these users (but do not clear or logout)
      3. Login on another browser and search for all existing sessions ("*")
      4. Now search for +999 and +911

      Expected behaviour
      Search on +999 should show the +999 sessions
      and respectively for +9111
      
      Current behaviour
      Query on * shows all session including +999
      Qurty on +999 shows nothing
      

      Work around

      Directly using curl and escaping + to %2B works

      Code analysis

      UsersSessions.jsm
      rl: fetchUrl(`/users?_queryId=${username}*`, { realm })
      

      username may need to be ${encodeURIComponent(username)}.

      Or for the generated code

      openam/XUI/org/forgerock/openam/ui/admin/services/realm/UsersService.js
      
        function getByUsernameStartsWith(realm, username) {
           // [was]  url: (0, _fetchUrl2.default)("/users?_queryId=" + username + "*", { realm: realm }),
          // changed to uri encode the username
          return obj.serviceCall({
            url: (0, _fetchUrl2.default)("/users?_queryId=" + encodeURIComponent(username) + "*", { realm: realm }),
            headers: { "Accept-API-Version": "protocol=1.0,resource=1.0" }
          }).then(function (response) {
            return response.result;
          });
      
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                chee-weng.chea C-Weng C
                Reporter:
                chee-weng.chea C-Weng C
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: