980084 – It is possible to add incorrect email in alert Definition Notifications

Bug 980084 - It is possible to add incorrect email in alert Definition Notifications

Summary: It is possible to add incorrect email in alert Definition Notifications

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Operations Network
Classification:	JBoss
Component:	UI
Sub Component:
Version:	JON 3.2
Hardware:	x86_64
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	ER04
Target Release:	JON 3.3.0
Assignee:	Michael Burman
QA Contact:	Mike Foley
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-07-01 11:46 UTC by jvlasak
Modified:	2014-12-11 14:00 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-12-11 14:00:49 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)
alert_notification_email (176.32 KB, image/png) 2013-07-01 11:46 UTC, jvlasak	no flags	Details
View All

Description jvlasak 2013-07-01 11:46:43 UTC

Created attachment 767352 [details]
alert_notification_email

Description of problem:
It is possible to add incorrect email in alert Definition Notifications

Version-Release number of selected component (if applicable):
Version: 4.8.0
Build Number: f21300f

How reproducible:
always

Steps to Reproduce:
1. Log in to Server gui
2. Edit Alert Definition under RHQ Storage/Cassandra Server JVM/ VM Memory Subsystem
3. In Notification/Direct Email  add incorrect email "asdf@@@asdf.cz,asdf@@ca.c"

Actual results:
Alert Definition is saved with incorrect email

Expected results:
Alert Definition is not saved with incorrect email - red sign is visible asking for correct email format.

Additional info:
screen-shot attached

Comment 1 Charles Crouch 2013-07-01 19:13:55 UTC

From 7/1 BZ triage: Fix via smartgwt or regex check

Comment 3 Michael Burman 2014-09-01 21:56:42 UTC

This is actually validated currently, just not with very strict regexp:

<c:regex-constraint expression=".+@[^@, ]+(,.+@[^,@ ]+)?"/>

Do we really need stricter email validation here?

Comment 4 Larry O'Leary 2014-09-12 20:03:14 UTC

I do not think we need "strict" validation but we do need basic validation. From the regex you display here it would seem that "asdf@@@asdf.cz,asdf@@ca.c" would be invalid? If not, it should. The double and triple '@' should have cause a validation error.

Comment 6 Michael Burman 2014-09-16 12:24:09 UTC

Changed in master to use stricter validation:

commit 2672ea76be3b94f468fb1ac6d267c2b612ba443b
Author: Michael Burman <miburman>
Date:   Tue Sep 16 15:23:14 2014 +0300

    [BZ 980084] Add stricter email validation regexp to alert-email serverplugin. Use the same regexp as with other EmailValidations

Comment 7 Thomas Segismont 2014-09-23 15:04:35 UTC

Cherry-picked over to release/jon3.3.x

commit a719242d1e5155eb907fed844c6be534c3b398d5
Author: Michael Burman <miburman>
Date:   Tue Sep 16 15:23:14 2014 +0300

    [BZ 980084] Add stricter email validation regexp to alert-email serverplugin. Use the same regexp as with other EmailValidations
    
    (cherry picked from commit 2672ea76be3b94f468fb1ac6d267c2b612ba443b)
    Signed-off-by: Thomas Segismont <tsegismo>

Comment 8 Simeon Pinder 2014-10-01 21:32:59 UTC

Moving to ON_QA as available for test with build:
https://brewweb.devel.redhat.com/buildinfo?buildID=388959

Note You need to log in before you can comment on or make changes to this bug.