Skip to content

Commit d1a3b5b

Browse files
gssbzngssbzn
authored
fix: fix username path escape for db username (#199)
1 parent 729c84c commit d1a3b5b

File tree

1 file changed

+20
-3
lines changed

1 file changed

+20
-3
lines changed

mongodbatlas/database_users.go

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ import (
1818
"context"
1919
"fmt"
2020
"net/http"
21+
"net/url"
2122
)
2223

2324
const dbUsersBasePath = "groups/%s/databaseUsers"
@@ -115,6 +116,9 @@ type databaseUsers struct {
115116
//
116117
// See more: https://docs.atlas.mongodb.com/reference/api/database-users-get-all-users/
117118
func (s *DatabaseUsersServiceOp) List(ctx context.Context, groupID string, listOptions *ListOptions) ([]DatabaseUser, *Response, error) {
119+
if groupID == "" {
120+
return nil, nil, NewArgError("groupID", "must be set")
121+
}
118122
path := fmt.Sprintf(dbUsersBasePath, groupID)
119123

120124
// Add query params from listOptions
@@ -156,7 +160,8 @@ func (s *DatabaseUsersServiceOp) Get(ctx context.Context, databaseName, groupID,
156160
}
157161

158162
basePath := fmt.Sprintf(dbUsersBasePath, groupID)
159-
path := fmt.Sprintf("%s/%s/%s", basePath, databaseName, username)
163+
escapedEntry := url.PathEscape(username)
164+
path := fmt.Sprintf("%s/%s/%s", basePath, databaseName, escapedEntry)
160165

161166
req, err := s.Client.NewRequest(ctx, http.MethodGet, path, nil)
162167
if err != nil {
@@ -176,6 +181,9 @@ func (s *DatabaseUsersServiceOp) Get(ctx context.Context, databaseName, groupID,
176181
//
177182
// See more: https://docs.atlas.mongodb.com/reference/api/database-users-create-a-user/
178183
func (s *DatabaseUsersServiceOp) Create(ctx context.Context, groupID string, createRequest *DatabaseUser) (*DatabaseUser, *Response, error) {
184+
if groupID == "" {
185+
return nil, nil, NewArgError("groupID", "must be set")
186+
}
179187
if createRequest == nil {
180188
return nil, nil, NewArgError("createRequest", "cannot be nil")
181189
}
@@ -200,13 +208,21 @@ func (s *DatabaseUsersServiceOp) Create(ctx context.Context, groupID string, cre
200208
//
201209
// See more: https://docs.atlas.mongodb.com/reference/api/database-users-update-a-user/
202210
func (s *DatabaseUsersServiceOp) Update(ctx context.Context, groupID, username string, updateRequest *DatabaseUser) (*DatabaseUser, *Response, error) {
211+
if groupID == "" {
212+
return nil, nil, NewArgError("groupID", "must be set")
213+
}
214+
if username == "" {
215+
return nil, nil, NewArgError("username", "must be set")
216+
}
203217
if updateRequest == nil {
204218
return nil, nil, NewArgError("updateRequest", "cannot be nil")
205219
}
206220

207221
basePath := fmt.Sprintf(dbUsersBasePath, groupID)
208222

209-
path := fmt.Sprintf("%s/%s/%s", basePath, updateRequest.GetAuthDB(), username)
223+
escapedEntry := url.PathEscape(username)
224+
225+
path := fmt.Sprintf("%s/%s/%s", basePath, updateRequest.GetAuthDB(), escapedEntry)
210226

211227
req, err := s.Client.NewRequest(ctx, http.MethodPatch, path, updateRequest)
212228
if err != nil {
@@ -237,7 +253,8 @@ func (s *DatabaseUsersServiceOp) Delete(ctx context.Context, databaseName, group
237253
}
238254

239255
basePath := fmt.Sprintf(dbUsersBasePath, groupID)
240-
path := fmt.Sprintf("%s/%s/%s", basePath, databaseName, username)
256+
escapedEntry := url.PathEscape(username)
257+
path := fmt.Sprintf("%s/%s/%s", basePath, databaseName, escapedEntry)
241258

242259
req, err := s.Client.NewRequest(ctx, http.MethodDelete, path, nil)
243260
if err != nil {

0 commit comments

Comments
 (0)