From fe2d0f15e5931f4719bed28df506b5ec473a388b Mon Sep 17 00:00:00 2001 From: Ian Nara Date: Mon, 30 Jun 2025 14:12:24 -0600 Subject: [PATCH 1/2] check servicelink disabled --- .../operator/service/SecureLinkValidatorService.java | 5 ++++- .../service/SecureLinkValidatorServiceTest.java | 12 ++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/uid2/operator/service/SecureLinkValidatorService.java b/src/main/java/com/uid2/operator/service/SecureLinkValidatorService.java index 3a630dfe5..9e1d8b85c 100644 --- a/src/main/java/com/uid2/operator/service/SecureLinkValidatorService.java +++ b/src/main/java/com/uid2/operator/service/SecureLinkValidatorService.java @@ -46,9 +46,12 @@ public boolean validateRequest(RoutingContext rc, JsonObject requestJsonObject, LOGGER.warn("Path: {} , ClientKey has ServiceId set, but LinkId in request was not authorized. ServiceId: {}, LinkId in request: {}", rc.normalizedPath(), clientKey.getServiceId(), linkId); return false; } + if (serviceLink.isDisabled()) { + LOGGER.warn("Path: {} , ServiceLink {} is disabled", rc.normalizedPath(), linkId); + return false; + } if (!serviceLink.getRoles().contains(role)) { LOGGER.warn("Path: {} , ServiceLink {} does not have role {}", rc.normalizedPath(), linkId, role); - return false; } Service service = rotatingServiceStore.getService(clientKey.getServiceId()); diff --git a/src/test/java/com/uid2/operator/service/SecureLinkValidatorServiceTest.java b/src/test/java/com/uid2/operator/service/SecureLinkValidatorServiceTest.java index 68decfb9f..9f8cd8a81 100644 --- a/src/test/java/com/uid2/operator/service/SecureLinkValidatorServiceTest.java +++ b/src/test/java/com/uid2/operator/service/SecureLinkValidatorServiceTest.java @@ -67,6 +67,18 @@ void validateRequest_linkIdNotFound_returnsFalse() { assertFalse(service.validateRequest(this.routingContext, requestJsonObject, Role.MAPPER)); } + @Test + void validateRequest_linkIdFoundLinkDisabled_returnsFalse() { + this.setClientKey(10); + JsonObject requestJsonObject = new JsonObject(); + requestJsonObject.put(SecureLinkValidatorService.LINK_ID, "999"); + + when(this.rotatingServiceLinkStore.getServiceLink(10, "999")).thenReturn(new ServiceLink("999", 10, 100, "testServiceLink", Set.of(Role.MAPPER), true)); + + SecureLinkValidatorService service = new SecureLinkValidatorService(this.rotatingServiceLinkStore, this.rotatingServiceStore); + assertFalse(service.validateRequest(this.routingContext, requestJsonObject, Role.MAPPER)); + } + @Test void validateRequest_roleNotInServiceLink_returnsFalse() { this.setClientKey(10); From cd1cdf9bb5ecfd14374af1f1f90d04af74ee49f5 Mon Sep 17 00:00:00 2001 From: Ian Nara Date: Tue, 1 Jul 2025 15:29:59 -0600 Subject: [PATCH 2/2] update shared version --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index b3f74f95a..0ff00b5f7 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ 2.1.0 2.1.13 2.1.0 - 10.1.0 + 10.8.0 ${project.version} 21 21 @@ -308,7 +308,7 @@ org.apache.maven.plugins maven-surefire-plugin - 2.22.2 + 3.2.5 ${argLine} -Dfile.encoding=${project.build.sourceEncoding}