Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-13661

Delegated Admin is getting 404 when creating an user via PUT request with MySQL repo

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Labels:
    • Environment:
      Issue first occurs with: OpenIDM: 7.0.0-SNAPSHOT f6a758b
    • Target Version/s:
    • Story Points:
      2
    • Sprint:
      2019.11 - IDM

      Description

      If DA attempts to create an user via PUT request, the user will be generated however the respond will be incorrect:

      {
          "code": 404,
          "reason": "Not Found",
          "message": "Object test-user not found in managed/user"
      }
      

      This issue occurs only if Delegated Admin has a privilege with Query Filter
      Steps to reproduce:

      1. Create managed user which will be Delegated Admin
      2. Create Internal Role with Privilege for internal/role (to be able to create user with default internal/role openidm-authorized):
        curl -X POST \
          'http://localhost:8080/openidm/internal/role?_action=create' \
          -H 'Content-Type: application/json' \
          -H 'X-OpenIDM-Password: openidm-admin' \
          -H 'X-OpenIDM-Username: openidm-admin' \
          -d '{"name":"role7","description":"desc desc",
            "privileges": [
              {
                "name": "tr",
                "path": "internal/role",
                "permissions": [
                  "VIEW"
                ],
                "accessFlags": [
                  {
                    "attribute": "name",
                    "readOnly": true
                  }
                ],
                "actions":[],
                "filter": "/_id eq '\''openidm-authorized'\''"
              }
            ]
          }
        '
        
      3. Add another Privilege for managed/user with VIEW & CREATE with Query Filter as: /city eq 'San Francisco'
      4. Assign this Internal Role to previously create managed/user
      5. Attempts to create a new managed user as DA, eg:
        curl -X PUT \
          http://idm.example.com:8080/openidm/managed/user/test-user \
          -H 'X-OpenIDM-Password: Passw0rd' \
          -H 'X-OpenIDM-Username: juserDA' \
          -d '{
            "userName": "user2",
            "givenName": "Test",
            "sn": "User2",
            "mail": "user2@test.com",
            "telephoneNumber": "18005551212",
            "password": "Passw0rd",
            "city": "San Francisco",
            "description": "A user in San Francisco"
        }'
        

        Expected result: Response status is 201 and new managed user is created
        Actual result: Response status is 404 however new managed user is created

      Issue occurs for MySQL and MariaDB repos (also explicit_table)

        Attachments

          Activity

            People

            Assignee:
            alexander.dracka Alexander Dracka
            Reporter:
            alexander.dracka Alexander Dracka
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: