Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-11201

Query Request Should Work If Privilege Does Not have Filter Defined

    Details

    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      2
    • Sprint:
      OpenIDM Sprint 6.5-5

      Description

      When attempting a query request for a user who has a privilege associated with their role, the query should work even if a "filter" is not defined on the privilege.

      Example:
      If a user has the following privilege associated with its role:

      {
      "description" : "test priv",
      "path" : "managed/user/*",
      "methods" : ["patch", "read", "query"]
      }

      They should be able to query:

      GET http://localhost:8080/openidm/managed/user?_queryFilter=true

       

      Expected Response:

      {
      "result": [
      {
      "_id": "test2",
      "_rev": "000000004f69c968",
      "userName": "test2",
      "mail": "adsf@asd.zxc",
      "givenName": "first",
      "sn": "last",
      "accountStatus": "active",
      "effectiveRoles": [],
      "effectiveAssignments": []
      },
      {
      "_id": "test",
      "_rev": "00000000d48ac656",
      "userName": "test",
      "mail": "adsf@asd.zxc",
      "givenName": "first",
      "sn": "last",
      "accountStatus": "active",
      "effectiveRoles": [],
      "effectiveAssignments": []
      },
      {
      "_id": "test3",
      "_rev": "00000000b253c780",
      "userName": "test3",
      "mail": "adsf@asd.zxc",
      "givenName": "first",
      "sn": "last",
      "accountStatus": "active",
      "effectiveRoles": [],
      "effectiveAssignments": []
      }
      ],
      "resultCount": 3,
      "pagedResultsCookie": null,
      "totalPagedResultsPolicy": "NONE",
      "totalPagedResults": -1,
      "remainingPagedResults": -1
      }

       

      Current response:

      {
      "result": [],
      "resultCount": 0,
      "pagedResultsCookie": null,
      "totalPagedResultsPolicy": "NONE",
      "totalPagedResults": -1,
      "remainingPagedResults": -1
      }

       

      Cause of this bug:
      This bug is a result of the PrivilegeQueryFilterCombiner as part of the visitQueryRequestMethod.
      In the case where a privilege has no "filter" field associated with it and it is the only privilege associated with the user, then the combined query result is

      true AND false

      This is because the "or" method defaults to "false" if the list is empty (which in this case it is). In the case that there are no filters defined for any privileges, we want to maintain only the original filter, so that we return the appropriate response. 

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                katie.gonzalez Katie Gonzalez
                Reporter:
                krismy.alfaro Krismy Alfaro
                QA Assignee:
                Garyl Erickson
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: