[REST] Entry with "/" in their RDN cannot be managed by REST webservice
Description
Using webservice REST (https://rest-api.fusiondirectory.org/) on FD 1.4, it's impossible to read or update objects whose RDN have "/" in them, such as supannEntity.
Distribution Name and Version
Any
FusionDirectory Version
latest 1.4 dev branch
Plugin with the defect
webservice
PHP version used
7.4.3
Steps to Reproduce
Call webservice using curl to get a token
export FD_TOKEN=$(curl -X POST -d '{"directory": "default", "user": "fd-admin", "password": "secret"}' http://<fd.local>/rest.php/v1/login | sed 's/"//g')
Try to read entry containing two "/" in RDN
curl -H "Session-Token: $FD_TOKEN" http://<fd.local>/rest.php/v1/objects/ENTITE/supannCodeEntite=DC/DAF/PDC,ou=structures,dc=domain,dc=com
Getting error:
[{"class":"WebServiceError","message":"Tab \"DAF\" of type \"ENTITE\" does not exists","line":213,"file":"/usr/local/share/fusiondirectory/include/webservice/class_fdRPCService.inc"}]
Try to read entry containing three "/" in RDN:
curl -H "Session-Token: $FD_TOKEN" http://<fd.local>/rest.php/v1/objects/ENTITE/supannCodeEntite=DC/SG/PVC/SVE,ou=structures,dc=domain,dc=com
Getting error
[{"class":"WebServiceError","message":"[endpoint_objects_GET_5] Invalid request for endpoint objects: GET with 5 path elements","line":190,"file":"/usr/local/share/fusiondirectory/html/rest.php"}]
I tried to URLencode the "/" in the DN, replacing "/" with %2F with same error, tried escaping with %252f (escaping the %) but got a "Non-existing dn" error.
It seems that even if I could configure the http server to not decode the "/" in the URL transmitted in PATH_INFO (eg. with AllowEncodedSlashes NoDecode
in Apache), Fusiondirectory doesn't decode it when requesting the DN.
Expected behavior:
Be able to manage these entries
Actual behavior:
Cannot read or update object.
Additional Information
A quick fix I've tested would be to decode the DN passed in the URL, so escaping the slashes with "%252f" would work (http server would decode %252f to %2f and %2f would be decoded by Fusiondirectory)