.gitlab-ci.yml

@@ -33,7 +33,7 @@ stages:
 # Common setup for all meteor based jobs
 .meteor:
   extends: .not-on-stable
-  image: hub.eole.education/proxyhub/geoffreybooth/meteor-base:2.8.1
+  image: hub.eole.education/proxyhub/geoffreybooth/meteor-base:2.10.0
   before_script:
     - cd app
   cache:

Dockerfile

 # The tag here should match the Meteor version of your app, per .meteor/release
-FROM hub.eole.education/proxyhub/geoffreybooth/meteor-base:2.8.0
+FROM hub.eole.education/proxyhub/geoffreybooth/meteor-base:2.10.0
 
 # Copy app package.json and package-lock.json into container
 COPY ./app/package*.json $APP_SOURCE_FOLDER/
@@ -15,7 +15,7 @@ RUN bash $SCRIPTS_FOLDER/build-meteor-bundle.sh
 RUN cd $APP_SOURCE_FOLDER && meteor npm install
 
 # Rather than Node 8 latest (Alpine), you can also use the specific version of Node expected by your Meteor release, per https://docs.meteor.com/changelog.html
-FROM hub.eole.education/proxyhub/library/node:14.21.1-alpine
+FROM hub.eole.education/proxyhub/library/node:14.21.2-alpine
 
 ENV APP_BUNDLE_FOLDER /opt/bundle
 ENV SCRIPTS_FOLDER /docker
@@ -38,7 +38,7 @@ RUN bash $SCRIPTS_FOLDER/build-meteor-npm-dependencies.sh --build-from-source
 
 # Start another Docker stage, so that the final image doesn’t contain the layer with the build dependencies
 # See previous FROM line; this must match
-FROM hub.eole.education/proxyhub/library/node:14.21.1-alpine
+FROM hub.eole.education/proxyhub/library/node:14.21.2-alpine
 
 ENV APP_BUNDLE_FOLDER /opt/bundle
 ENV SCRIPTS_FOLDER /docker

app/.meteor/packages

@@ -6,13 +6,13 @@
 
 meteor-base@1.5.1             # Packages every Meteor app needs to have
 mobile-experience@1.1.0       # Packages for a great mobile UX
-mongo@1.15.0                   # The database Meteor supports right now
-reactive-var@1.0.11            # Reactive variable for tracker
+mongo@1.16.4                   # The database Meteor supports right now
+reactive-var@1.0.12            # Reactive variable for tracker
 
-standard-minifier-css@1.8.1   # CSS minifier run for production mode
-standard-minifier-js@2.8.0    # JS minifier run for production mode
+standard-minifier-css@1.8.3   # CSS minifier run for production mode
+standard-minifier-js@2.8.1    # JS minifier run for production mode
 es5-shim@4.8.0                # ECMAScript 5 compatibility for older browsers
-ecmascript@0.16.2              # Enable ECMAScript2015+ syntax in app code
+ecmascript@0.16.5              # Enable ECMAScript2015+ syntax in app code
 shell-server@0.5.0            # Server-side component of the `meteor shell` command
 
 static-html@1.3.2             # Define static page content in .html files
@@ -22,9 +22,9 @@ aldeed:collection2
 aldeed:schema-index
 mdg:validated-method
 universe:i18n
-hot-module-replacement@0.5.1
+hot-module-replacement@0.5.2
 
-accounts-password@2.3.1
+accounts-password@2.3.3
 alanning:roles
 
 # testing
@@ -32,17 +32,18 @@ meteortesting:mocha
 hwillson:stub-collections
 johanbrook:publication-collector
 dburles:factory
-service-configuration@1.3.0
+service-configuration@1.3.1
 reywood:publish-composite
 percolate:find-from-publication
 
 percolate:migrations
 matb33:collection-hooks
 seba:method-hooks
-email@2.2.1
-check@1.3.1
+email@2.2.3
+check@1.3.2
 tmeasday:publish-counts
 eoleteam:accounts-keycloak
 mexar:mdt
-random@1.2.0
-server-render@0.4.0
+random@1.2.1
+server-render@0.4.1
+logging

app/.meteor/release

-METEOR@2.8.1
+METEOR@2.10.0

app/.meteor/versions

-accounts-base@2.2.5
-accounts-oauth@1.4.1
-accounts-password@2.3.1
+accounts-base@2.2.6
+accounts-oauth@1.4.2
+accounts-password@2.3.3
 alanning:roles@3.4.0
 aldeed:collection2@3.5.0
 aldeed:schema-index@3.0.0
 allow-deny@1.1.1
 autoupdate@1.8.0
-babel-compiler@7.9.2
+babel-compiler@7.10.2
 babel-runtime@1.5.1
 base64@1.0.12
 binary-heap@1.0.11
@@ -14,10 +14,10 @@ blaze-tools@1.1.3
 boilerplate-generator@1.7.1
 caching-compiler@1.2.2
 caching-html-compiler@1.2.1
-callback-hook@1.4.0
+callback-hook@1.5.0
 check@1.3.2
 dburles:collection-helpers@1.1.0
-dburles:factory@1.1.0
+dburles:factory@1.3.0
 ddp@1.4.1
 ddp-client@2.6.1
 ddp-common@1.4.0
@@ -25,16 +25,16 @@ ddp-rate-limiter@1.1.1
 ddp-server@2.6.0
 diff-sequence@1.1.2
 dynamic-import@0.7.2
-ecmascript@0.16.3
+ecmascript@0.16.5
 ecmascript-runtime@0.8.0
 ecmascript-runtime-client@0.12.1
 ecmascript-runtime-server@0.11.0
 ejson@1.1.3
-email@2.2.2
+email@2.2.3
 eoleteam:accounts-keycloak@2.1.0
 eoleteam:keycloak-oauth@2.2.0
 es5-shim@4.8.0
-fetch@0.1.2
+fetch@0.1.3
 geojson-utils@1.0.11
 hot-code-push@1.0.4
 hot-module-replacement@0.5.2
@@ -48,61 +48,62 @@ johanbrook:publication-collector@1.1.0
 launch-screen@1.3.0
 localstorage@1.2.0
 logging@1.3.1
-matb33:collection-hooks@1.1.4
+matb33:collection-hooks@1.2.0
 mdg:validated-method@1.2.0
-meteor@1.10.2
+meteor@1.11.0
 meteor-base@1.5.1
-meteortesting:browser-tests@1.3.5
-meteortesting:mocha@2.0.3
+meteortesting:browser-tests@1.5.1
+meteortesting:mocha@2.0.4
 meteortesting:mocha-core@8.1.2
 mexar:mdt@0.2.2
-minifier-css@1.6.1
+minifier-css@1.6.2
 minifier-js@2.7.5
-minimongo@1.9.0
+minimongo@1.9.1
 mobile-experience@1.1.0
 mobile-status-bar@1.1.0
 modern-browsers@0.1.9
 modules@0.19.0
 modules-runtime@0.13.1
 modules-runtime-hot@0.14.1
-mongo@1.16.1
+mongo@1.16.4
 mongo-decimal@0.1.3
 mongo-dev-server@1.1.0
 mongo-id@1.0.8
-npm-mongo@4.11.0
-oauth@2.1.2
-oauth2@1.3.1
+npm-mongo@4.12.1
+oauth@2.1.3
+oauth2@1.3.2
 ordered-dict@1.1.0
 percolate:find-from-publication@0.2.1
 percolate:migrations@1.1.0
-promise@0.12.1
+promise@0.12.2
 raix:eventemitter@1.0.0
 random@1.2.1
 rate-limit@1.0.9
-react-fast-refresh@0.2.3
-react-meteor-data@2.4.0
+react-fast-refresh@0.2.5
+react-meteor-data@2.6.3
 reactive-var@1.0.12
 reload@1.3.1
 retry@1.1.0
 reywood:publish-composite@1.7.3
 routepolicy@1.1.1
-seba:method-hooks@3.0.2
+seba:method-hooks@3.0.3
 server-render@0.4.1
 service-configuration@1.3.1
 sha@1.0.9
 shell-server@0.5.0
 socket-stream-client@0.5.0
 spacebars-compiler@1.3.1
-standard-minifier-css@1.8.2
+standard-minifier-css@1.8.3
 standard-minifier-js@2.8.1
 static-html@1.3.2
 templating-tools@1.2.2
 tmeasday:check-npm-versions@1.0.2
 tmeasday:publish-counts@0.8.0
-tracker@1.2.1
-typescript@4.5.4
+tracker@1.3.0
+typescript@4.7.4
 underscore@1.0.11
 universe:i18n@1.32.6
 url@1.3.2
-webapp@1.13.2
+webapp@1.13.3
 webapp-hashing@1.1.1
+zodern:types@1.0.9

app/imports/api/appclients/bbbClient.js

@@ -4,7 +4,7 @@ import { Roles } from 'meteor/alanning:roles';
 import i18n from 'meteor/universe:i18n';
 import crypto from 'crypto';
 import { parseStringPromise } from 'xml2js';
-import logServer from '../logging';
+import logServer, { levels, scopes } from '../logging';
 import Groups from '../groups/groups';
 import { testMeteorSettingsUrl } from '../../ui/utils/utilsFuncs';
 
@@ -76,6 +76,16 @@ class BigBlueButtonClient {
               },
             });
             // logServer(`meeting created: ${JSON.stringify(meetingData)}`);
+            logServer(
+              `APPCLIENT - BBBCLIENT - createMeeting - meeting created: ${JSON.stringify(meetingData)}`,
+              levels.INFO,
+              scopes.SYSTEM,
+              {
+                meetingData,
+                slug,
+                userId,
+              },
+            );
             return Promise.resolve(this.getJoinURL(slug, userId));
           }
           if (result.response.messageKey[0] === 'idNotUnique') {
@@ -87,7 +97,12 @@ class BigBlueButtonClient {
         }),
       )
       .catch((err) => {
-        logServer(`BBB create error: ${err}`, 'error');
+        // logServer(`BBB create error: ${err}`, 'error');
+        logServer(`APPCLIENT - BBBCLIENT - createMeeting - BBB create error: ${err}`, levels.ERROR, scopes.SYSTEM, {
+          slug,
+          userId,
+          meetingParams,
+        });
         throw new Meteor.Error('api.BBBClient.createMeeting.error', i18n.__('api.bbb.createError'));
       });
   }
@@ -136,7 +151,16 @@ class BigBlueButtonClient {
         }),
       )
       .catch((err) => {
-        logServer(`BBB checkRunning Error: ${JSON.stringify(err)}`);
+        // logServer(`BBB checkRunning Error: ${JSON.stringify(err)}`);
+        logServer(
+          `APPCLIENT - BBBCLIENT - checkRunning - BBB checkRunning Error: ${JSON.stringify(err)}`,
+          levels.ERROR,
+          scopes.SYSTEM,
+          {
+            slug,
+            groupId,
+          },
+        );
         return Promise.resolve(null);
       });
   }
@@ -161,7 +185,13 @@ class BigBlueButtonClient {
         }),
       )
       .catch((err) => {
-        logServer(`BBB getMeetings Error: ${JSON.stringify(err)}`);
+        // logServer(`BBB getMeetings Error: ${JSON.stringify(err)}`);
+        logServer(
+          `APPCLIENT - BBBCLIENT - getMeetings - BBB getMeetings Error: ${JSON.stringify(err)}`,
+          levels.ERROR,
+          scopes.SYSTEM,
+          {},
+        );
         return Promise.resolve(null);
       });
   }
@@ -170,10 +200,21 @@ class BigBlueButtonClient {
 let Client = null;
 if (Meteor.isServer && bbbEnabled) {
   Client = new BigBlueButtonClient();
-  logServer(i18n.__('api.bbb.checkConfig', { URL: Client.bbbURL }));
+  // logServer(i18n.__('api.bbb.checkConfig', { URL: Client.bbbURL }));
+  logServer(
+    `APPCLIENT - BBBCLIENT - ${i18n.__('api.bbb.checkConfig', { URL: Client.bbbURL })}`,
+    levels.INFO,
+    scopes.SYSTEM,
+    {
+      URL: Client.bbbURL,
+    },
+  );
   Client.getMeetings().then(() => {
     // console.log('*** ALL MEETINGS : ', JSON.stringify(response));
-    logServer(i18n.__('api.bbb.configOk'));
+    // logServer(i18n.__('api.bbb.configOk'));
+    logServer(`APPCLIENT - BBBCLIENT - ${i18n.__('api.bbb.configOk')}`, levels.INFO, scopes.SYSTEM, {
+      URL: Client.bbbURL,
+    });
   });
 }
 const BBBClient = Client;

app/imports/api/appsettings/methods.js

@@ -6,14 +6,22 @@ import SimpleSchema from 'simpl-schema';
 import { ValidatedMethod } from 'meteor/mdg:validated-method';
 import { Roles } from 'meteor/alanning:roles';
 import i18n from 'meteor/universe:i18n';
-import logServer from '../logging';
+import sanitizeHtml from 'sanitize-html';
 
-import { isActive, getLabel } from '../utils';
+import logServer, { levels, scopes } from '../logging';
+
+import { isActive, getLabel, validateString } from '../utils';
 import AppSettings from './appsettings';
 
 export function checkMigrationStatus() {
   if (Migrations._getControl().locked === true) {
-    logServer('Migration lock detected !!!!', 'error');
+    // logServer('Migration lock detected !!!!', 'error');
+    logServer(
+      `APPSETTINGS - METHODS - checkMigrationStatus,Migration lock detected !!!!`,
+      levels.ERROR,
+      scopes.SYSTEM,
+      {},
+    );
     AppSettings.update({}, { $set: { maintenance: true, textMaintenance: 'api.appsettings.migrationLockedText' } });
   }
 }
@@ -43,12 +51,19 @@ export const updateAppsettings = new ValidatedMethod({
 
   run({ external, link, content, key }) {
     try {
+      if (link) validateString(link);
+      let sanitizedContent = '';
+      if (content) {
+        sanitizedContent = sanitizeHtml(content);
+        validateString(sanitizedContent);
+      }
+      validateString(key, true);
       // check if current user is admin
       const authorized = isActive(this.userId) && Roles.userIsInRole(this.userId, 'admin');
       if (!authorized) {
         throw new Meteor.Error('api.appsettings.updateAppsettings.notPermitted', i18n.__('api.users.adminNeeded'));
       }
-      const args = { content, external, link };
+      const args = { content: sanitizedContent, external, link };
       return AppSettings.update({ _id: 'settings' }, { $set: { [key]: args } });
     } catch (error) {
       throw new Meteor.Error(error, error);
@@ -126,6 +141,7 @@ export const updateTextMaintenance = new ValidatedMethod({
   }).validator({ clean: true }),
 
   run({ text }) {
+    if (text) validateString(text);
     try {
       // check if current user is admin
       const authorized = isActive(this.userId) && Roles.userIsInRole(this.userId, 'admin');
@@ -160,6 +176,13 @@ export const updateTextInfoLanguage = new ValidatedMethod({
   }).validator({ clean: true }),
 
   run({ language, content, tabkey }) {
+    if (language) validateString(language, true);
+    if (tabkey) validateString(tabkey, true);
+    let sanitizedContent = '';
+    if (content) {
+      sanitizedContent = sanitizeHtml(content);
+      validateString(sanitizedContent);
+    }
     try {
       // check if current user is admin
       const authorized = isActive(this.userId) && Roles.userIsInRole(this.userId, 'admin');
@@ -183,9 +206,9 @@ export const updateTextInfoLanguage = new ValidatedMethod({
       }
 
       if (langIndex > -1) {
-        newInfo[langIndex].content = content;
+        newInfo[langIndex].content = sanitizedContent;
       } else {
-        newInfo.push({ language, content });
+        newInfo.push({ language, content: sanitizedContent });
       }
 
       return AppSettings.update({ _id: 'settings' }, { $set: { [tabkey]: newInfo } });

app/imports/api/articles/methods.js

@@ -4,10 +4,21 @@ import { _ } from 'meteor/underscore';
 import SimpleSchema from 'simpl-schema';
 import { ValidatedMethod } from 'meteor/mdg:validated-method';
 import i18n from 'meteor/universe:i18n';
+import sanitizeHtml from 'sanitize-html';
 
-import { isActive, getLabel } from '../utils';
+import { isActive, getLabel, validateString } from '../utils';
 import Articles from './articles';
 
+const validateData = (data) => {
+  // check for unauthorized content in article data
+  validateString(data.title);
+  validateString(data.description);
+  validateString(data.licence);
+  if (data.markdown) validateString(data.content);
+  data.tags.forEach((tag) => validateString(tag));
+  data.groups.forEach((group) => validateString(group.name));
+};
+
 export const createArticle = new ValidatedMethod({
   name: 'articles.createArticle',
   validate: new SimpleSchema({
@@ -18,11 +29,15 @@ export const createArticle = new ValidatedMethod({
     if (!isActive(this.userId)) {
       throw new Meteor.Error('api.articles.createArticle.notLoggedIn', i18n.__('api.users.mustBeLoggedIn'));
     }
+    validateData(data);
+    const sanitizedContent = data.markdown ? data.content : sanitizeHtml(data.content);
+    validateString(sanitizedContent);
     Meteor.users.update({ _id: this.userId }, { $inc: { articlesCount: 1 }, $set: { lastArticle: new Date() } });
     const structure = Meteor.users.findOne(this.userId, { fields: { structure: 1 } }).structure || '';
-    return Articles.insert({ ...data, userId: this.userId, structure });
+    return Articles.insert({ ...data, content: sanitizedContent, userId: this.userId, structure });
   },
 });
+
 export const removeArticle = new ValidatedMethod({
   name: 'articles.removeArticle',
   validate: new SimpleSchema({
@@ -62,9 +77,12 @@ export const updateArticle = new ValidatedMethod({
     if (!authorized) {
       throw new Meteor.Error('api.articles.updateArticle.notPermitted', i18n.__('api.articles.adminArticleNeeded'));
     }
+    validateData(data);
+    const sanitizedContent = data.markdown ? data.content : sanitizeHtml(data.content);
+    validateString(sanitizedContent);
     const userStructure = Meteor.users.findOne(this.userId, { fields: { structure: 1 } }).structure || '';
     Meteor.users.update({ _id: this.userId }, { $set: { lastArticle: new Date() } });
-    const updateData = { ...data, userId: this.userId };
+    const updateData = { ...data, content: sanitizedContent, userId: this.userId };
     if (updateStructure) updateData.structure = userStructure;
     return Articles.update({ _id: articleId }, { $set: updateData });
   },
@@ -122,14 +140,18 @@ export const uploadBackupPublications = new ValidatedMethod({
           i18n.__('api.users.mustBeLoggedIn'),
         );
       }
+      articles.forEach((data) => validateData(data));
       const userStructure = Meteor.users.findOne(this.userId, { fields: { structure: 1 } }).structure || '';
-      return articles.map((article) =>
-        Articles.insert({
+      return articles.map((article) => {
+        const sanitizedContent = article.markdown ? article.content : sanitizeHtml(article.content);
+        validateString(sanitizedContent);
+        return Articles.insert({
           ...article,
+          content: sanitizedContent,
           userId: this.userId,
           structure: updateStructure ? userStructure : article.structure,
-        }),
-      );
+        });
+      });
     } catch (error) {
       throw new Meteor.Error(error, error);
     }

app/imports/api/articles/server/publications.js

@@ -3,7 +3,7 @@ import { Roles } from 'meteor/alanning:roles';
 import { FindFromPublication } from 'meteor/percolate:find-from-publication';
 import { publishComposite } from 'meteor/reywood:publish-composite';
 import SimpleSchema from 'simpl-schema';
-import logServer from '../../logging';
+import logServer, { levels, scopes } from '../../logging';
 import Tags from '../../tags/tags';
 import { checkPaginationParams, getLabel, isActive } from '../../utils';
 import Articles from '../articles';
@@ -56,7 +56,14 @@ FindFromPublication.publish(
         .extend(checkPaginationParams)
         .validate({ page, itemPerPage, userId, search });
     } catch (err) {
-      logServer(`publish articles.all : ${err}`);
+      // logServer(`publish articles.all : ${err}`);
+      logServer(`ARTICLES - PUBLICATION - articles.all,publish articles.all : ${err}`, levels.ERROR, scopes.SYSTEM, {
+        nodrafts,
+        page,
+        search,
+        itemPerPage,
+        userId,
+      });
       this.error(err);
     }
 
@@ -86,7 +93,14 @@ FindFromPublication.publish('articles.one.admin', ({ slug }) => {
       },
     }).validate({ slug });
   } catch (err) {
-    logServer(`publish articles.one : ${err}`);
+    // logServer(`publish articles.one : ${err}`);
+    logServer(
+      `ARTICLES - PUBLICATION - articles.one.admin,publish articles.one : ${err}`,
+      levels.ERROR,
+      scopes.SYSTEM,
+      { slug },
+    );
+
     this.error(err);
   }
   return Articles.find(
@@ -108,7 +122,11 @@ publishComposite('articles.one', ({ slug }) => {
       },
     }).validate({ slug });
   } catch (err) {
-    logServer(`publish articles.one : ${err}`);
+    // logServer(`publish articles.one : ${err}`);
+    logServer(`ARTICLES - PUBLICATION - articles.one,publish articles.one : ${err}`, levels.ERROR, scopes.SYSTEM, {
+      slug,
+    });
+
     this.error(err);
   }
   return {
@@ -174,7 +192,19 @@ FindFromPublication.publish('groups.articles', function groupsArticles({ page, s
   try {
     checkPaginationParams.validate({ page, itemPerPage, search });
   } catch (err) {
-    logServer(`publish groups.articles : ${err}`);
+    // logServer(`publish groups.articles : ${err}`);
+    logServer(
+      `ARTICLES - PUBLICATION - groups.articles,publish groups.articles : ${err}`,
+      levels.ERROR,
+      scopes.SYSTEM,
+      {
+        page,
+        search,
+        slug,
+        itemPerPage,
+      },
+    );
+
     this.error(err);
   }
   const group = Groups.findOne(

app/imports/api/asamextensions/methods.js

@@ -5,6 +5,15 @@ import i18n from 'meteor/universe:i18n';
 import { Roles } from 'meteor/alanning:roles';
 import { _ } from 'meteor/underscore';
 import AsamExtensions from './asamextensions';
+import { validateString } from '../utils';
+
+const validateAsam = (extension, entiteNomCourt, entiteNomLong, familleNomCourt, familleNomLong) => {
+  if (extension) validateString(extension, true);
+  if (entiteNomCourt) validateString(entiteNomCourt, true);
+  if (entiteNomLong) validateString(entiteNomLong, true);
+  if (familleNomCourt) validateString(familleNomCourt, true);
+  if (familleNomLong) validateString(familleNomLong, true);
+};
 
 export const assignStructureToAsam = new ValidatedMethod({
   name: 'asam.assignStructureToAsam',
@@ -41,7 +50,7 @@ export const assignStructureToAsam = new ValidatedMethod({
     if (!isAdmin) {
       throw new Meteor.Error('api.asam.assignStructureToAsam.notPermitted', i18n.__('api.users.adminNeeded'));
     }
-
+    validateAsam(extension, entiteNomCourt, entiteNomLong, familleNomCourt, familleNomLong);
     return AsamExtensions.update(
       { _id: extensionId },
       { $set: { structureId, extension, entiteNomCourt, entiteNomLong, familleNomCourt, familleNomLong } },
@@ -108,7 +117,7 @@ export const addNewAsam = new ValidatedMethod({
     if (!isAdmin) {
       throw new Meteor.Error('api.asamextensions.notPermitted', i18n.__('api.users.adminNeeded'));
     }
-
+    validateAsam(extension, entiteNomCourt, entiteNomLong, familleNomCourt, familleNomLong);
     return AsamExtensions.insert({
       extension,
       entiteNomCourt,

app/imports/api/bookmarks/methods.js

@@ -5,7 +5,7 @@ import SimpleSchema from 'simpl-schema';
 import { Roles } from 'meteor/alanning:roles';
 import { _ } from 'meteor/underscore';
 import i18n from 'meteor/universe:i18n';
-import { isActive, getLabel } from '../utils';
+import { isActive, getLabel, validateString } from '../utils';
 import Bookmarks from './bookmarks';
 
 function _updateBookmarkURL(id, url, name, tag) {
@@ -60,7 +60,9 @@ export const createBookmark = new ValidatedMethod({
         i18n.__('api.bookmarks.createBookmark.URLAlreadyExists'),
       );
     }
-
+    validateString(finalUrl);
+    validateString(name);
+    validateString(tag);
     _createBookmarkUrl(finalUrl, name, tag, groupId, this.userId);
     return finalUrl;
   },
@@ -69,10 +71,10 @@ export const createBookmark = new ValidatedMethod({
 export const updateBookmark = new ValidatedMethod({
   name: 'bookmark.updateURL',
   validate: new SimpleSchema({
-    id: { type: String, regEx: SimpleSchema.RegEx.url, label: getLabel('api.bookmarks.labels.id') },
+    id: { type: String, regEx: SimpleSchema.RegEx.Id, label: getLabel('api.bookmarks.labels.id') },
     url: { type: String, regEx: SimpleSchema.RegEx.url, label: getLabel('api.bookmarks.labels.url') },
-    name: { type: String, regEx: SimpleSchema.RegEx.url, label: getLabel('api.bookmarks.labels.name') },
-    tag: { type: String, regEx: SimpleSchema.RegEx.url, label: getLabel('api.bookmarks.labels.tag'), defaultValue: '' },
+    name: { type: String, label: getLabel('api.bookmarks.labels.name') },
+    tag: { type: String, label: getLabel('api.bookmarks.labels.tag'), defaultValue: '' },
     groupId: { type: String, regEx: SimpleSchema.RegEx.Id, label: getLabel('api.groups.labels.id') },
   }).validator({ clean: true }),
 
@@ -93,6 +95,9 @@ export const updateBookmark = new ValidatedMethod({
 
     const finalUrl = _formatURL(url);
 
+    validateString(finalUrl);
+    validateString(name);
+    validateString(tag);
     _updateBookmarkURL(id, finalUrl, name, tag);
     return finalUrl;
   },

app/imports/api/businessReGrouping/methods.js

@@ -6,7 +6,7 @@ import { ValidatedMethod } from 'meteor/mdg:validated-method';
 import { Roles } from 'meteor/alanning:roles';
 import i18n from 'meteor/universe:i18n';
 
-import { isActive, getLabel } from '../utils';
+import { isActive, getLabel, validateString } from '../utils';
 import BusinessReGrouping from './businessReGrouping';
 import Services from '../services/services';
 import Structures from '../structures/structures';
@@ -16,7 +16,11 @@ export const createBusinessReGrouping = new ValidatedMethod({
   structure: 'BusinessReGrouping.createBusinessReGrouping',
   validate: new SimpleSchema({
     name: { type: String, min: 1, label: getLabel('api.businessReGrouping.labels.name') },
-    structure: { type: String, min: 1, label: getLabel('api.businessReGrouping.labels.structure') },
+    structure: {
+      type: String,
+      regEx: SimpleSchema.RegEx.Id,
+      label: getLabel('api.businessReGrouping.labels.structure'),
+    },
   }).validator(),
 
   run({ name, structure }) {
@@ -51,6 +55,7 @@ export const createBusinessReGrouping = new ValidatedMethod({
         i18n.__('api.users.adminNeeded'),
       );
     }
+    validateString(name);
     BusinessReGrouping.insert({
       name,
       structure,
@@ -66,7 +71,11 @@ export const removeBusinessReGrouping = new ValidatedMethod({
       regEx: SimpleSchema.RegEx.Id,
       label: getLabel('api.businessReGrouping.labels.id'),
     },
-    structure: { type: String, min: 1, label: getLabel('api.businessReGrouping.labels.structure') },
+    structure: {
+      type: String,
+      regEx: SimpleSchema.RegEx.Id,
+      label: getLabel('api.businessReGrouping.labels.structure'),
+    },
   }).validator(),
 
   run({ businessReGroupingId, structure }) {
@@ -104,7 +113,11 @@ export const updateBusinessReGrouping = new ValidatedMethod({
     },
     data: Object,
     'data.name': { type: String, min: 1, label: getLabel('api.businessReGrouping.labels.name') },
-    'data.structure': { type: String, min: 1, label: getLabel('api.businessReGrouping.labels.structure') },
+    'data.structure': {
+      type: String,
+      regEx: SimpleSchema.RegEx.Id,
+      label: getLabel('api.businessReGrouping.labels.structure'),
+    },
   }).validator(),
 
   run({ businessReGroupingId, data }) {
@@ -126,6 +139,7 @@ export const updateBusinessReGrouping = new ValidatedMethod({
         i18n.__('api.users.adminNeeded'),
       );
     }
+    validateString(data.name);
     BusinessReGrouping.update({ _id: businessReGroupingId }, { $set: data });
   },
 });

app/imports/api/businessReGrouping/server/businessRegrouping.tests.js

@@ -60,11 +60,13 @@ describe('businessReGrouping', function () {
     let businessReGroupingId;
     let chatData;
     let chatData2;
+    let structureId;
     beforeEach(function () {
       // Clear
       Meteor.users.remove({});
-      // FIXME : find a way to reset roles collection ?
-      Roles.createRole('admin', { unlessExists: true });
+      Meteor.roles.remove({});
+      Roles.createRole('admin');
+      BusinessReGrouping.remove({});
       // Generate 'users'
       const email = faker.internet.email();
       userId = Accounts.createUser({
@@ -89,13 +91,14 @@ describe('businessReGrouping', function () {
       // set users as active
       Meteor.users.update({}, { $set: { isActive: true } }, { multi: true });
       businessReGroupingId = Factory.create('businessReGrouping')._id;
+      structureId = Random.id();
       chatData = {
         name: 'businessReGroupingName',
-        structure: 'businessReGroupingStructure',
+        structure: structureId,
       };
       chatData2 = {
         name: 'businessReGroupingName2',
-        structure: 'businessReGroupingStructure2',
+        structure: Random.id(),
       };
     });
     describe('createBusinessReGrouping', function () {
@@ -123,6 +126,7 @@ describe('businessReGrouping', function () {
       });
       it('does not create a business reGrouping if name already use', function () {
         // Throws if non admin user, or logged out user, tries to create a businessReGrouping
+        createBusinessReGrouping._execute({ userId: adminId }, chatData);
         assert.throws(
           () => {
             createBusinessReGrouping._execute({ userId: adminId }, chatData);
@@ -134,10 +138,7 @@ describe('businessReGrouping', function () {
     });
     describe('removeBusinessReGrouping', function () {
       it('does delete a business reGrouping with admin user', function () {
-        removeBusinessReGrouping._execute(
-          { userId: adminId },
-          { businessReGroupingId, structure: 'businessReGroupingStructure' },
-        );
+        removeBusinessReGrouping._execute({ userId: adminId }, { businessReGroupingId, structure: structureId });
         assert.equal(BusinessReGrouping.findOne(businessReGroupingId), undefined);
       });
       it('does remove the business reGrouping from a service', function () {
@@ -145,10 +146,7 @@ describe('businessReGrouping', function () {
           title: 'test',
           businessReGrouping: [businessReGroupingId],
         })._id;
-        removeBusinessReGrouping._execute(
-          { userId: adminId },
-          { businessReGroupingId, structure: 'businessReGroupingStructure' },
-        );
+        removeBusinessReGrouping._execute({ userId: adminId }, { businessReGroupingId, structure: structureId });
         assert.equal(BusinessReGrouping.findOne(businessReGroupingId), undefined);
         assert.equal(Services.findOne(oneServiceId).businessReGrouping.length, 0);
       });
@@ -156,17 +154,14 @@ describe('businessReGrouping', function () {
         // Throws if non admin user, or logged out user, tries to delete the businessReGrouping
         assert.throws(
           () => {
-            removeBusinessReGrouping._execute(
-              { userId },
-              { businessReGroupingId, structure: 'businessReGroupingStructure' },
-            );
+            removeBusinessReGrouping._execute({ userId }, { businessReGroupingId, structure: structureId });
           },
           Meteor.Error,
           /api.businessReGrouping.removeBusinessReGrouping.notPermitted/,
         );
         assert.throws(
           () => {
-            removeBusinessReGrouping._execute({}, { businessReGroupingId, structure: 'businessReGroupingStructure' });
+            removeBusinessReGrouping._execute({}, { businessReGroupingId, structure: structureId });
           },
           Meteor.Error,
           /api.businessReGrouping.removeBusinessReGrouping.notPermitted/,
@@ -177,7 +172,7 @@ describe('businessReGrouping', function () {
       it('does update a business reGrouping with admin user', function () {
         const data = {
           name: 'businessReGrouping',
-          structure: 'businessReGroupingStructure',
+          structure: structureId,
         };
         updateBusinessReGrouping._execute({ userId: adminId }, { businessReGroupingId, data });
         const businessReGrouping = BusinessReGrouping.findOne(businessReGroupingId);
@@ -189,7 +184,7 @@ describe('businessReGrouping', function () {
           () => {
             updateBusinessReGrouping._execute(
               { userId },
-              { businessReGroupingId, data: { name: 'businessReGrouping', structure: 'businessReGroupingStructure' } },
+              { businessReGroupingId, data: { name: 'businessReGrouping', structure: structureId } },
             );
           },
           Meteor.Error,
@@ -199,7 +194,7 @@ describe('businessReGrouping', function () {
           () => {
             updateBusinessReGrouping._execute(
               {},
-              { businessReGroupingId, data: { name: 'businessReGrouping', structure: 'businessReGroupingStructure' } },
+              { businessReGroupingId, data: { name: 'businessReGrouping', structure: structureId } },
             );
           },
           Meteor.Error,

app/imports/api/categories/methods.js

@@ -6,7 +6,7 @@ import { ValidatedMethod } from 'meteor/mdg:validated-method';
 import { Roles } from 'meteor/alanning:roles';
 import i18n from 'meteor/universe:i18n';
 
-import { isActive, getLabel } from '../utils';
+import { isActive, getLabel, validateString } from '../utils';
 import Categories from './categories';
 import Services from '../services/services';
 
@@ -29,6 +29,7 @@ export const createCategorie = new ValidatedMethod({
     if (!authorized) {
       throw new Meteor.Error('api.categories.createCategorie.notPermitted', i18n.__('api.users.adminNeeded'));
     }
+    validateString(name);
     Categories.insert({
       name,
     });
@@ -83,6 +84,7 @@ export const updateCategorie = new ValidatedMethod({
     if (!authorized) {
       throw new Meteor.Error('api.categories.updateCategorie.notPermitted', i18n.__('api.users.adminNeeded'));
     }
+    validateString(data.name);
     Categories.update({ _id: categoryId }, { $set: data });
   },
 });

app/imports/api/defaultspaces/methods.js

@@ -6,7 +6,7 @@ import { ValidatedMethod } from 'meteor/mdg:validated-method';
 import i18n from 'meteor/universe:i18n';
 
 import DefaultSpaces from './defaultspaces';
-import { generateDefaultPersonalSpace } from '../personalspaces/methods';
+import { checkPersonalSpaceData, generateDefaultPersonalSpace } from '../personalspaces/methods';
 import { hasAdminRightOnStructure } from '../structures/utils';
 
 export const updateStructureSpace = new ValidatedMethod({
@@ -21,7 +21,7 @@ export const updateStructureSpace = new ValidatedMethod({
     if (!isAdminOfStructure) {
       throw new Meteor.Error('api.defaultspaces.updateStructureSpace.notPermitted', i18n.__('api.users.notPermitted'));
     }
-    // console.log(data);
+    checkPersonalSpaceData(data);
     const currentStructureSpace = DefaultSpaces.findOne({ structureId: data.structureId });
     if (currentStructureSpace === undefined) {
       // create DefaultSpaces if not existing

app/imports/api/domains.js

 import { Meteor } from 'meteor/meteor';
-import logServer from './logging';
+import logServer, { levels, scopes } from './logging';
 import AsamExtensions from './asamextensions/asamextensions';
 
 // checks if the domain part of an email address matches whitelisted domains
@@ -10,7 +10,15 @@ export default function checkDomain(email) {
   const checkKeyCloakWhiteListDomain = Meteor.settings.private.checkKeyCloakWhiteListDomain || false;
   whiteDomains.forEach((whiteDomain) => {
     if (new RegExp(whiteDomain).test(domainMail)) {
-      logServer(`  Email domain matches ${whiteDomain}: user activated`);
+      // logServer(`  Email domain matches ${whiteDomain}: user activated`);
+      logServer(
+        `DOMAIN - checkDomain - Email domain matches${whiteDomain}:user activated`,
+        levels.INFO,
+        scopes.SYSTEM,
+        {
+          email,
+        },
+      );
       res = true;
     }
   });

app/imports/api/eventsAgenda/server/publications.js

@@ -2,7 +2,7 @@ import { FindFromPublication } from 'meteor/percolate:find-from-publication';
 import { Roles } from 'meteor/alanning:roles';
 import EventsAgenda from '../eventsAgenda';
 import { checkPaginationParams, isActive } from '../../utils';
-import logServer from '../../logging';
+import logServer, { levels, scopes } from '../../logging';
 import Groups from '../../groups/groups';
 
 // build query for all users from group
@@ -45,7 +45,18 @@ FindFromPublication.publish('groups.events', function groupsEvents({ page, searc
   try {
     checkPaginationParams.validate({ page, itemPerPage, search });
   } catch (err) {
-    logServer(`publish groups.events : ${err}`);
+    // logServer(`publish groups.events : ${err}`);
+    logServer(
+      `EVENTSAGENDA - PUBLICATION - groups.events, publish groups.events : ${err}`,
+      levels.ERROR,
+      scopes.SYSTEM,
+      {
+        page,
+        search,
+        slug,
+        itemPerPage,
+      },
+    );
     this.error(err);
   }
   const group = Groups.findOne(