Proper fix for filter value escaping (references #750)

27553a3f · Raphaël OUAZANA · 58b8b1cc · 27553a3f · 27553a3f · 27553a3f
Commit 27553a3f authored Feb 02, 2015 by Raphaël OUAZANA
--- a/src/main/java/org/lsc/LscDatasets.java
+++ b/src/main/java/org/lsc/LscDatasets.java
@@ -53,6 +53,7 @@ import java.util.Set;

 import org.apache.directory.api.ldap.model.entry.BinaryValue;
 import org.apache.directory.api.ldap.model.filter.EqualityNode;
+import org.apache.directory.api.ldap.model.filter.FilterEncoder;
 import org.apache.directory.api.ldap.model.filter.SimpleNode;
 import org.lsc.utils.CaseIgnoreStringHashMap;

@@ -97,7 +98,7 @@ public class LscDatasets implements Serializable {
 			SimpleNode<byte[]> filter = new EqualityNode<byte[]>(attribute, binValue);
 			return filter.getEscapedValue().toString();
 		} else {
-			return getStringValueAttribute(attribute);
+			return FilterEncoder.encodeFilterValue(getStringValueAttribute(attribute));
 		}
 	}


--- a/src/main/java/org/lsc/jndi/AbstractSimpleJndiService.java
+++ b/src/main/java/org/lsc/jndi/AbstractSimpleJndiService.java
@@ -60,7 +60,6 @@ import javax.naming.directory.Attribute;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;

-import org.apache.directory.api.ldap.model.filter.FilterEncoder;
 import org.lsc.Configuration;
 import org.lsc.LscDatasets;
 import org.lsc.beans.IBean;
@@ -243,17 +242,17 @@ public abstract class AbstractSimpleJndiService implements Closeable {
 	 *             the identified object
 	 */
 	public SearchResult get(String id, LscDatasets pivotAttrs, boolean fromSource, String searchString) throws NamingException {
-        searchString = Pattern.compile("\\{id\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(id)));
+        searchString = Pattern.compile("\\{id\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(id));
 		if (pivotAttrs != null && pivotAttrs.getDatasets() != null && pivotAttrs.getDatasets().size() > 0) {
 			for (String attributeName : pivotAttrs.getAttributesNames()) {
 				String valueId = pivotAttrs.getValueForFilter(attributeName.toLowerCase());
-				searchString = Pattern.compile("\\{" + attributeName + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(valueId)));
+				searchString = Pattern.compile("\\{" + attributeName + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(valueId));
 			}
 		} else if (attrsId.size() == 1) {
-			searchString = Pattern.compile("\\{" + attrsId.get(0) + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(id)));
+			searchString = Pattern.compile("\\{" + attrsId.get(0) + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(id));
 		} else {
 			// this is kept for backwards compatibility but will be removed
-			searchString = filterIdSync.replaceAll("\\{0\\}", Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(id)));
+			searchString = filterIdSync.replaceAll("\\{0\\}", Matcher.quoteReplacement(id));
 		}

 		return getJndiServices().getEntry(baseDn, searchString, _filteredSc);

--- a/src/main/java/org/lsc/service/SyncReplSourceService.java
+++ b/src/main/java/org/lsc/service/SyncReplSourceService.java
@@ -80,7 +80,6 @@ import org.apache.directory.api.ldap.model.entry.Value;
 import org.apache.directory.api.ldap.model.exception.LdapException;
 import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
 import org.apache.directory.api.ldap.model.exception.LdapURLEncodingException;
-import org.apache.directory.api.ldap.model.filter.FilterEncoder;
 import org.apache.directory.api.ldap.model.message.AliasDerefMode;
 import org.apache.directory.api.ldap.model.message.Control;
 import org.apache.directory.api.ldap.model.message.LdapResult;
@@ -227,14 +226,14 @@ public class SyncReplSourceService extends SimpleJndiSrcService implements IAsyn
 			searchString = filterIdClean; 
 		}

-        searchString = Pattern.compile("\\{id\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(id)));
+        searchString = Pattern.compile("\\{id\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(id));
 		if (pivotAttrs != null && pivotAttrs.getDatasets() != null && pivotAttrs.getDatasets().size() > 0) {
 			for (String attributeName : pivotAttrs.getAttributesNames()) {
 				String valueId = pivotAttrs.getValueForFilter(attributeName.toLowerCase());
-				searchString = Pattern.compile("\\{" + attributeName + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(valueId)));
+				searchString = Pattern.compile("\\{" + attributeName + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(valueId));
 			}
 		} else if (attrsId.size() == 1) {
-			searchString = Pattern.compile("\\{" + attrsId.get(0) + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(FilterEncoder.encodeFilterValue(id)));
+			searchString = Pattern.compile("\\{" + attrsId.get(0) + "\\}", Pattern.CASE_INSENSITIVE).matcher(searchString).replaceAll(Matcher.quoteReplacement(id));
 		} else {
 			// this is kept for backwards compatibility but will be removed
 			searchString = filterIdSync.replaceAll("\\{0\\}", id);