[BUG] in update v2/entities/<id> does not validate forbidden chars in url #1782

Closed
iariasleon opened this issue Feb 10, 2016 · 6 comments

@iariasleon
Contributor

PATCH v2/entities/<id> does not validate forbidden chars in the URL, and it continues looking for the id in MongoDB.

Datasets

```
      | house_?             |
      | house_&             |
      | house_/             |
      | house_#             |
      | my house            |
```

Update request

```
PATCH http://localhost:1026/v2/entities/house_&
Content-Type: application/json
Fiware-Service: test_update_entity_id
Fiware-ServicePath: /test

{"temperature": {"value": "80"}}
```

Update response

```
http code: 404
date: Wed, 10 Feb 2016 09:59:21 GMT
connection: Keep-Alive
content-type: application/json
content-length: 61

{"error":"NotFound","description":"No context element found"}
```

Expected response

```
http code: 400
date: Wed, 10 Feb 2016 09:52:36 GMT
connection: Keep-Alive
content-type: application/json
content-length: 63

{"error":"BadRequest","description":"invalid character in URI"}
```

Log messages

```
time=2016-02-10T10:59:21.201CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=composeDatabaseName | comp=Orion | msg=MongoGlobal.cpp[419]: database name composed: 'orion-test_update_entity_id'
time=2016-02-10T10:59:21.201CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=collectionRangedQuery | comp=Orion | msg=connectionOperations.cpp[134]: query() in 'orion-test_update_entity_id.registrations' collection limit=0, offset=0: '{ query: { $or: [ { contextRegistration.entities: { $in: [] } }, { contextRegistration.entities.id: { $in: [ "house_&" ] } } ], expiration: { $gt: 1455098361 }, servicePath: { $in: [ /^/test$/ ] } }, orderby: { _id: 1 } }'
time=2016-02-10T10:59:21.202CET | lvl=INFO | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=collectionRangedQuery | comp=Orion | msg=connectionOperations.cpp[153]: Database Operation Successful (query: { query: { $or: [ { contextRegistration.entities: { $in: [] } }, { contextRegistration.entities.id: { $in: [ "house_&" ] } } ], expiration: { $gt: 1455098361 }, servicePath: { $in: [ /^/test$/ ] } }, orderby: { _id: 1 } })
time=2016-02-10T10:59:21.202CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=reqSemGive | comp=Orion | msg=sem.cpp[353]: mongoUpdateContext gives the 'req' semaphore for 'ngsi10 update request'
time=2016-02-10T10:59:21.202CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=restReply | comp=Orion | msg=restReply.cpp[67]: Response 2: responding with 61 bytes, Status Code 404
time=2016-02-10T10:59:21.202CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=restReply | comp=Orion | msg=restReply.cpp[68]: Response payload: '{"error":"NotFound","description":"No context element found"}'
time=2016-02-10T10:59:21.202CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=~UpdateContextResponse | comp=Orion | msg=UpdateContextResponse.cpp[77]: destroyed
time=2016-02-10T10:59:21.202CET | lvl=DEBUG | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=~RegisterContextResponse | comp=Orion | msg=RegisterContextResponse.cpp[56]: destroyed
time=2016-02-10T10:59:21.202CET | lvl=INFO | trans=1455098360-858-00000000002 | srv=test_update_entity_id | subsrv=/test | from=10.95.233.37 | function=lmTransactionEnd | comp=Orion | msg=logMsg.h[1887]: Transaction ended
```

@fgalan
Member

fgalan commented Feb 12, 2016

Fixed in PR #1787. Please @iariasleon have a look in order to check if it is ok.

@fgalan fgalan assigned iariasleon and unassigned crbrox Feb 12, 2016
fgalan pushed a commit that referenced this issue Feb 12, 2016
…_uri_patch

Fix bug #1782, forbidden chars in ID PATCH v2
@iariasleon
Contributor Author

Tested with git hash: 469ebeb

If we use & or whitespace chars, it now correctly returns 400 - invalid character in URI.

But in other cases, the ?, / or # chars still return 404 - No context element found.

@iariasleon iariasleon assigned crbrox and unassigned iariasleon Feb 15, 2016
@iariasleon
Contributor Author

PUT v2/entities/<id> has the same behavior.

@iariasleon
Contributor Author

POST v2/entities/<id> has the same behavior.

@iariasleon iariasleon changed the title [BUG] in PATCH v2/entities/<id> does not validate forbidden chars in url [BUG] in update v2/entities/<id> does not validate forbidden chars in url Feb 18, 2016
@crbrox
Member

crbrox commented Feb 22, 2016

Special characters ?, #, /, etc. should be sent %-encoded to avoid their meaning in the URI. When sent %-encoded, the right error message is returned ("forbidden chars in ID") except for '/', which has been considered not worth "fixing".
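
An added illustration of the point made in the comment above (not Orion's code and not part of the original thread): a hypothetical handler, `statusForUpdate`, applies the URI delimiters to the raw request target before percent-decoding the ID, so a raw `?`, `#` or `/` never reaches the forbidden-character check while the %-encoded form does. The forbidden set is taken from this issue's dataset, and the route handling and the empty store are assumptions.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// Forbidden ID characters: only those in this issue's dataset (assumption,
// not Orion's complete list).
static const std::string kForbidden = "?&/# ";

// Decode %XX escapes in one path segment; false on a malformed escape.
bool pctDecode(const std::string& s, std::string* out) {
  out->clear();
  for (size_t i = 0; i < s.size(); ++i) {
    if (s[i] != '%') { *out += s[i]; continue; }
    if (i + 2 >= s.size() ||
        !std::isxdigit(static_cast<unsigned char>(s[i + 1])) ||
        !std::isxdigit(static_cast<unsigned char>(s[i + 2]))) return false;
    *out += static_cast<char>(std::stoi(s.substr(i + 1, 2), nullptr, 16));
    i += 2;
  }
  return true;
}

// Hypothetical handler: HTTP status for an update on /v2/entities/<id>.
// *idSeen receives the ID that the validator (and any lookup) would see.
int statusForUpdate(std::string target, std::string* idSeen) {
  // Delimiters act on the raw target, before any decoding.
  target = target.substr(0, target.find('#'));  // fragment is cut off
  target = target.substr(0, target.find('?'));  // query string is cut off
  const std::string prefix = "/v2/entities/";
  if (target.compare(0, prefix.size(), prefix) != 0) return 404;
  std::string seg = target.substr(prefix.size());
  seg = seg.substr(0, seg.find('/'));           // a raw '/' ends the ID segment
  std::string id;
  if (!pctDecode(seg, &id) || id.empty()) return 400;
  *idSeen = id;
  if (id.find_first_of(kForbidden) != std::string::npos) return 400;
  return 404;  // store is empty in this example: "No context element found"
}

int main() {
  // Constructed request targets based on the issue's dataset.
  const char* targets[] = {"/v2/entities/house_?", "/v2/entities/house_%3F",
                           "/v2/entities/house_&", "/v2/entities/house_%23"};
  for (const char* t : targets) {
    std::string id;
    int status = statusForUpdate(t, &id);
    std::cout << t << " -> id '" << id << "' status " << status << "\n";
  }
}
```
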

@iariasleon
Contributor Author

LGTM
