-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Not a defect
-
Affects Version/s: 6.5.0, 7.0.0
-
Fix Version/s: None
-
Component/s: Module - Managed Objects, Module - Relationships
-
Labels:
-
Target Version/s:
-
Story Points:2
-
Sprint:2020.04 - IDM
To reproduce this issue
1. Create a relationship with validate set to false. For example managed/user (mygroups) <many to many> managed/group (mymembers), attached is the sample managed.json
"mygroups" : {
"title" : "mygroups",
"viewable" : true,
"searchable" : false,
"userEditable" : false,
"returnByDefault" : false,
"type" : "array",
"items" : {
"type" : "relationship",
"reverseRelationship" : true,
"reversePropertyName" : "mymembers",
"validate" : false,
2. Create a new user referencing a non-existent group.
POST /openidm/managed/user?_action=create
{
"givenName" : "test2",
"sn" : "test2",
"userName" : "test2",
"mail" : "test2@example.com",
"mygroups" : [{"_ref": "managed/group/group2"}]
}
The REST call is successful
GET /openidm/managed/user/61749b6c-7785-43f8-9e9e-0ff15b6bf6a6?_fields=*,mygroups
{
"_id": "61749b6c-7785-43f8-9e9e-0ff15b6bf6a6",
"_rev": "0000000062d979ff",
"givenName": "test2",
"sn": "test2",
"userName": "test2",
"mail": "test2@example.com",
"accountStatus": "active",
"effectiveRoles": [],
"effectiveAssignments": [],
"mygroups": [
{
"_ref": "managed/group/group2",
"_refResourceCollection": "managed/group",
"_refResourceId": "group2",
"_refProperties": {
"_id": "9cb5020f-d53d-48be-a8d2-ad829da24f1f",
"_rev": "00000000852aa0ed"
}
}
]
}
3. Load the user in admin ui. The REST call /openidm/managed/user/cda3731d-4812-4126-92e9-15a3b6dd51c3/mygroups?_pageSize=50&_sortKeys=_id&_totalPagedResultsPolicy=ESTIMATE&_queryFilter=true&_fields= causes an exception
-> [164] Sep 04, 2019 10:54:51.900 AM org.forgerock.openidm.relationship.EdgeCollectionInternals lambda$dispatchQuery$3 SEVERE: Error expanding resource: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist org.forgerock.json.resource.NotFoundException: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist at org.forgerock.opendj.rest2ldap.Rest2Ldap.asResourceException(Rest2Ldap.java:354) at org.forgerock.opendj.rest2ldap.SubResourceImpl.lambda$adaptLdapException$22(SubResourceImpl.java:1109) ... at org.forgerock.openidm.repo.opendj.impl.OpenDJRepoService.handleRead(OpenDJRepoService.java:176) ... at org.forgerock.openidm.managed.ManagedObjectSet.readInstance(ManagedObjectSet.java:1012) ... at org.forgerock.openidm.relationship.EdgeInternals.expandFields(EdgeInternals.java:644) at org.forgerock.openidm.relationship.EdgeCollectionInternals.lambda$dispatchQuery$3(EdgeCollectionInternals.java:288) at org.forgerock.openidm.relationship.impl.augmentation.AugmentingQueryResourceFilterProxy.handleResource(AugmentingQueryResourceFilterProxy.java:51) ... at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) at java.lang.Thread.run(Thread.java:748) Caused by: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:246) at org.opends.server.protocols.ReactiveHandlersUtils.emitResult(ReactiveHandlersUtils.java:390) at org.opends.server.api.ClientConnection.sendResponse(ClientConnection.java:301) at org.opends.server.core.SearchOperation.sendSearchResultDone(SearchOperation.java:636) at org.opends.server.core.SearchOperation.run(SearchOperation.java:779) at org.opends.server.protocols.internal.AbstractInternalClientConnection.handleRequest(AbstractInternalClientConnection.java:365) at org.opends.server.protocols.internal.AbstractInternalClientConnection.lambda$handle$0(AbstractInternalClientConnection.java:348) ... at org.opends.server.protocols.internal.AbstractInternalClientConnection$InternalConnection.search(AbstractInternalClientConnection.java:146) at org.forgerock.opendj.ldap.AbstractSynchronousConnection.searchAsync(AbstractSynchronousConnection.java:132) at org.forgerock.opendj.rest2ldap.authz.TransactionIdConnection.searchAsync(TransactionIdConnection.java:99) at org.forgerock.opendj.ldap.AbstractConnection.searchAsync(AbstractConnection.java:352) at org.forgerock.opendj.ldap.AbstractConnection.searchSingleEntryAsync(AbstractConnection.java:378) at org.forgerock.opendj.rest2ldap.SubResourceImpl.read(SubResourceImpl.java:898) ... 422 more
4. If validate is set to true for the relationships, then step 2 would fail with
{
"code": 400,
"reason": "Bad Request",
"message": "The referenced object 'managed/group/group2', does not exist"
}