fix: Access service validates permission to user appdata in a wrong m…

…anner #674 (#676)

server/src/main/java/com/epam/aidial/core/server/security/AccessService.java

@@ -208,7 +208,7 @@ public static Map<ResourceDescriptor, Set<ResourceAccessType>> getAppResourceAcc
     public static Map<ResourceDescriptor, Set<ResourceAccessType>> getAppResourceAccess(
             Set<ResourceDescriptor> resources, ProxyContext context, String deployment) {
 
-        String appPath = BucketBuilder.APPDATA_PATTERN.formatted(UrlUtil.encodePath(deployment));
+        String appPath = BucketBuilder.APPDATA_PATTERN.formatted(deployment);
         Map<ResourceDescriptor, Set<ResourceAccessType>> result = new HashMap<>();
         String location = BucketBuilder.buildAppDataBucket(context);
         for (ResourceDescriptor resource : resources) {

server/src/test/java/com/epam/aidial/core/server/service/AccessServiceTest.java

@@ -79,4 +79,20 @@ public void testGetAppResourceAccess_AppDataFile() {
         assertTrue(result.containsKey(descriptor));
         assertEquals(ResourceAccessType.ALL, result.get(descriptor));
     }
+
+    @Test
+    public void testGetAppResourceAccess_DeploymentNameHasSpecialChars() {
+        ProxyContext context = mock(ProxyContext.class);
+        ApiKeyData apiKeyData = new ApiKeyData();
+        apiKeyData.setPerRequestKey("key");
+        when(context.getApiKeyData()).thenReturn(apiKeyData);
+        when(context.getUserSub()).thenReturn("user");
+        when(context.getSourceDeployment()).thenReturn("test app");
+        ResourceDescriptor descriptor = new ResourceDescriptor(ResourceTypes.FILE, "file.json", List.of("appdata", "test app"), "bucket", "Users/user/", false);
+
+        Map<ResourceDescriptor, Set<ResourceAccessType>> result = AccessService.getAppResourceAccess(Set.of(descriptor), context);
+
+        assertTrue(result.containsKey(descriptor));
+        assertEquals(ResourceAccessType.ALL, result.get(descriptor));
+    }
 }