[bot] Merge 26.3 to 26.7#1795
Merged
Merged
Conversation
Added more filters: 1. Remove cases in which the ID has a surrogate dam entered in prime. (There are several but 41043 is one example) 2. Remove cases in which the observed dam is "unknown" 3. Remove cases in which the observed dam ID is not an ONPRC. E.g. there are several NEPRC IDs of the format ###-####.
## Rationale ONPRC_BillingManager.deleteBillingRuns built SimpleFilters over the raw onprc_billing tables (invoicedItems, invoiceRuns, miscCharges) from request-supplied primary keys with no container predicate, and the method received no Container. Since DeleteBillingPeriodAction's permission check is evaluated only against the current folder, a billing admin in one folder could delete or detach billing rows belonging to any other folder by POSTing arbitrary object IDs - a cross-container horizontal privilege-escalation bug. This change confines every operation to the caller's folder. This is the 26.3 port of #1759 (originally against release25.7-SNAPSHOT). ## Related Pull Requests - #1759 (original, against release25.7-SNAPSHOT) ## Changes - Add a Container parameter to deleteBillingRuns and pass getContainer() from both DeleteBillingPeriodAction call sites. - Add integration test ONPRC_BillingManager.TestCase asserting a delete from one container cannot affect another, registered in ONPRC_BillingModule.getIntegrationTests(). - Drop two unused row-count locals from the Table.delete calls. ## Container filters added on All tables are in the onprc_billing schema: - invoiceRuns - container filter on the PK->run-id lookup and on the final delete. - invoicedItems - the preview read and the delete both carry a direct container filter (SimpleFilter.createContainerFilter) plus an invoiceId restriction to the container-scoped run ids. - miscCharges - the read and the detaching Table.update are keyed off container-authorized run ids only; intentionally NOT container-scoped (source charges may live in satellite containers) but can only match runs the caller already owns.
labkey-tchad
approved these changes
Jul 8, 2026
f2a3299
into
release26.7-SNAPSHOT
9 of 10 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Generated automatically.
Merging changes from: 210bd3d
Approve all matching PRs simultaneously.
Approval will trigger automatic merge.
Verify all PRs before approving: https://internal.labkey.com/Scrumtime/Backlog/harvest-gitOpenPullRequests.view?branch=26.7_fb_bot_merge_26.3