RHCLOUD-33514 Implement blocklist #374
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/retest |
dehort
requested changes
Aug 30, 2024
internal/common/utils/misc.go
Outdated
| @@ -109,3 +109,16 @@ func LoadSchemas(cfg *viper.Viper, schemaNames []string) (schemas []*jsonschema. | |||
| } | |||
| return | |||
| } | |||
|
|
|||
| func IsOrgIdBlocklisted(cfg *viper.Viper, orgId string) bool { | |||
| blocklistedOrgIds := strings.Split(cfg.GetString("blocklist.orgids"), ",") | |||
There was a problem hiding this comment.
It is unfortunate that we have to retrieve the block/deny list from the viper object each time and split it into a list. I wonder if there is a different way to do this. 🤔
dehort
reviewed
Aug 30, 2024
internal/validator/handler.go
Outdated
| @@ -156,6 +156,10 @@ func (this *handler) validateRequest(request *messageModel.IngressValidationRequ | |||
| return fmt.Errorf("Rejecting payload due to file size: %d", request.Size) | |||
| } | |||
|
|
|||
| if utils.IsOrgIdBlocklisted(cfg, request.OrgID) { | |||
| return fmt.Errorf("Rejecting payload because the org_id is blocklisted: %s", request.OrgID) | |||
There was a problem hiding this comment.
I think this might cause us to trigger PlaybookDispatcherValidator alerts. We might need to move this call up into the main message processing function and avoid returning an error and just log (debug level...probably, maybe even trace level) that we rejected a payload due to the org-id being blocked.
|
@dehort Unfortunately, you or someone else from the new Integrations team will have to take over this task from me. I'm occupied with PlatEx Services right now. 😅 |
dehort
force-pushed
the
implement-blocklist
branch
from
57628bb to
8198b50
Compare
dehort
force-pushed
the
implement-blocklist
branch
from
8198b50 to
9577f10
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What?
Explain what the change is linking any relevant JIRAs or Issues.
When the
org_idis in the blocklist:org_idWhy?
Consider what business or engineering goal does this PR achieves.
How?
Describe how the change is implemented. Any noteable new libaries, APIs, or features.
Testing
Did you add any tests for the change?
Anything Else?
Any other notes about the PR that would be useful for the reviewer.
Secure Coding Practices Checklist Link
Secure Coding Checklist