Skip to content

Validation bug in RepositoryController.IsValidCopyAppRequestAsync: targetOrg parameter not validated #17104

New issue
New issue
Open
Open
Validation bug in RepositoryController.IsValidCopyAppRequestAsync: targetOrg parameter not validated#17104
Assignees
HauklandJ
@coderabbitai

Description

@coderabbitai
coderabbitai
bot
opened on Nov 28, 2025

Description

In src/Designer/backend/src/Designer/Controllers/RepositoryController.cs at line 122 within the IsValidCopyAppRequestAsync method, when targetOrg is supplied, the validation uses AltinnOrganizationNameRegex().IsMatch(org) but the error message refers to targetOrg. This means targetOrg itself is never validated against the regex pattern.

Current Behaviour

The code validates the org parameter instead of targetOrg:

  • Line 122 checks: AltinnOrganizationNameRegex().IsMatch(org)
  • Error message states: $"{targetOrg} is not a valid name for an organization."

This mismatch means an invalid targetOrg value could bypass validation.

Context

This pre-existing issue was identified during refactoring work in PR #17092.

References

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

Team Studio

Status

No status
Team Altinn Studio

Status

No status

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions