Skip to content

Validation bug in RepositoryController.IsValidCopyAppRequestAsync: targetOrg parameter not validated #17104

@coderabbitai

Description

@coderabbitai

Description

In src/Designer/backend/src/Designer/Controllers/RepositoryController.cs at line 122 within the IsValidCopyAppRequestAsync method, when targetOrg is supplied, the validation uses AltinnOrganizationNameRegex().IsMatch(org) but the error message refers to targetOrg. This means targetOrg itself is never validated against the regex pattern.

Current Behaviour

The code validates the org parameter instead of targetOrg:

  • Line 122 checks: AltinnOrganizationNameRegex().IsMatch(org)
  • Error message states: $"{targetOrg} is not a valid name for an organization."

This mismatch means an invalid targetOrg value could bypass validation.

Context

This pre-existing issue was identified during refactoring work in PR #17092.

References

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

Status

No status

Status

No status

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions