Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-pycloudlib): add flag to support simple JSON data format #9937

Merged
merged 3 commits into from
Oct 29, 2024
Merged

feat(jans-pycloudlib): add flag to support simple JSON data format #9937

merged 3 commits into from
Oct 29, 2024
+49 −3

Conversation

iromli
Copy link
Contributor

@iromli iromli commented Oct 25, 2024
edited
Loading

Prepare

Description

Target issue

closes #9935

Implementation Details

Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@iromli iromli self-assigned this Oct 25, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Oct 25, 2024
edited
Loading

DryRun Security Summary

The pull request focuses on improving the persistence functionality of the jans-pycloudlib library, including support for Couchbase, SQL, and Spanner databases, with changes to the handling of JSON data, the introduction of a "simple JSON" mode, and the addition of new test cases to ensure the correct functionality of the persistence-related components.

Expand for full summary

Summary:

The changes in this pull request are focused on improving the persistence functionality of the jans-pycloudlib library, which includes support for Couchbase, SQL, and Spanner databases. The key changes involve the handling of JSON data, the introduction of a "simple JSON" mode, and the addition of new test cases to ensure the correct functionality of the persistence-related components.

From an application security perspective, the changes do not appear to introduce any immediate security concerns. However, it's important to review the overall implementation of the data handling and persistence mechanisms to ensure that they are secure and robust. This includes ensuring that the JSON data is properly validated and sanitized, that the SQL connection parameters are securely stored, and that the Couchbase connection is properly secured.

Additionally, the introduction of the "simple JSON" mode for MySQL databases is an interesting change, as it may affect the way the data is handled and queried. Developers should carefully consider the trade-offs between simplicity and security when deciding on the appropriate JSON storage format for their application.

Files Changed:

  1. jans-pycloudlib/jans/pycloudlib/persistence/spanner.py: The changes in this file are related to the handling of JSON data in the Spanner database. The _transform_value() method has been updated to return the JSON values directly, without wrapping them in a dictionary.

  2. jans-pycloudlib/jans/pycloudlib/persistence/sql.py: The changes in this file include the addition of a use_simple_json property to the SqlClient class, which determines whether to use a simple JSON format (where values are stored as a JSON array) or a more complex format (where values are stored as a dictionary with a "v" key) for MySQL databases.

  3. jans-pycloudlib/jans/pycloudlib/persistence/couchbase.py: The changes in this file include the addition of a use_simple_json property and the removal of the suppress_verification_warning function. The code should be reviewed to ensure that the Couchbase connection is properly secured and that user management and data transformation processes are implemented securely.

  4. jans-pycloudlib/tests/test_persistence.py: The changes in this file involve the addition of new test cases for various persistence-related functionality, including Couchbase, SQL, and Spanner. The tests are focused on ensuring the correct functionality of the persistence-related components, which is an important aspect of application security.

Code Analysis

We ran 9 analyzers against 4 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added comp-jans-pycloudlib kind-feature Issue or PR is a new feature request labels Oct 25, 2024
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 28, 2024

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 28, 2024

Quality Gate Passed Quality Gate passed for 'jans-pycloudlib'

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@iromli iromli marked this pull request as ready for review October 28, 2024 19:19
@iromli iromli requested a review from moabu as a code owner October 28, 2024 19:19
@moabu moabu merged commit 6b1eb3d into main Oct 29, 2024
15 of 18 checks passed
@moabu moabu deleted the cn-pycloudlib-json-fmt branch October 29, 2024 03:26
olevacho pushed a commit that referenced this pull request Nov 1, 2024
@iromli @olevacho
feat(jans-pycloudlib): add flag to support simple JSON data format (#…
fe99956 
…9937)

* feat(jans-pycloudlib): add flag to support simple JSON data format

Signed-off-by: iromli <[email protected]>

* fix: toggle data format based on simple json flag

Signed-off-by: iromli <[email protected]>

---------

Signed-off-by: iromli <[email protected]>
Signed-off-by: Olevacho <[email protected]>
olevacho pushed a commit that referenced this pull request Nov 1, 2024
@iromli @olevacho
feat(jans-pycloudlib): add flag to support simple JSON data format (#…
44fbb0d 
…9937)

* feat(jans-pycloudlib): add flag to support simple JSON data format

Signed-off-by: iromli <[email protected]>

* fix: toggle data format based on simple json flag

Signed-off-by: iromli <[email protected]>

---------

Signed-off-by: iromli <[email protected]>
Signed-off-by: Olevacho <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moabu moabu moabu approved these changes

Assignees

@iromli iromli

Labels
comp-jans-pycloudlib kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(jans-pycloudlib): add flag to support simple JSON data format
3 participants
@iromli @moabu @mo-auto