-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Not a defect
-
Affects Version/s: 6.5.0, 7.0.0
-
Fix Version/s: None
-
Component/s: Module - Managed Objects, Module - Relationships
-
Labels:
-
Target Version/s:
-
Story Points:2
-
Sprint:2020.04 - IDM
To reproduce this issue
1. Create a relationship with validate set to false. For example managed/user (mygroups) <many to many> managed/group (mymembers), attached is the sample managed.json
"mygroups" : { "title" : "mygroups", "viewable" : true, "searchable" : false, "userEditable" : false, "returnByDefault" : false, "type" : "array", "items" : { "type" : "relationship", "reverseRelationship" : true, "reversePropertyName" : "mymembers", "validate" : false,
2. Create a new user referencing a non-existent group.
POST /openidm/managed/user?_action=create { "givenName" : "test2", "sn" : "test2", "userName" : "test2", "mail" : "test2@example.com", "mygroups" : [{"_ref": "managed/group/group2"}] }
The REST call is successful
GET /openidm/managed/user/61749b6c-7785-43f8-9e9e-0ff15b6bf6a6?_fields=*,mygroups { "_id": "61749b6c-7785-43f8-9e9e-0ff15b6bf6a6", "_rev": "0000000062d979ff", "givenName": "test2", "sn": "test2", "userName": "test2", "mail": "test2@example.com", "accountStatus": "active", "effectiveRoles": [], "effectiveAssignments": [], "mygroups": [ { "_ref": "managed/group/group2", "_refResourceCollection": "managed/group", "_refResourceId": "group2", "_refProperties": { "_id": "9cb5020f-d53d-48be-a8d2-ad829da24f1f", "_rev": "00000000852aa0ed" } } ] }
3. Load the user in admin ui. The REST call /openidm/managed/user/cda3731d-4812-4126-92e9-15a3b6dd51c3/mygroups?_pageSize=50&_sortKeys=_id&_totalPagedResultsPolicy=ESTIMATE&_queryFilter=true&_fields= causes an exception
-> [164] Sep 04, 2019 10:54:51.900 AM org.forgerock.openidm.relationship.EdgeCollectionInternals lambda$dispatchQuery$3 SEVERE: Error expanding resource: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist org.forgerock.json.resource.NotFoundException: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist at org.forgerock.opendj.rest2ldap.Rest2Ldap.asResourceException(Rest2Ldap.java:354) at org.forgerock.opendj.rest2ldap.SubResourceImpl.lambda$adaptLdapException$22(SubResourceImpl.java:1109) ... at org.forgerock.openidm.repo.opendj.impl.OpenDJRepoService.handleRead(OpenDJRepoService.java:176) ... at org.forgerock.openidm.managed.ManagedObjectSet.readInstance(ManagedObjectSet.java:1012) ... at org.forgerock.openidm.relationship.EdgeInternals.expandFields(EdgeInternals.java:644) at org.forgerock.openidm.relationship.EdgeCollectionInternals.lambda$dispatchQuery$3(EdgeCollectionInternals.java:288) at org.forgerock.openidm.relationship.impl.augmentation.AugmentingQueryResourceFilterProxy.handleResource(AugmentingQueryResourceFilterProxy.java:51) ... at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) at java.lang.Thread.run(Thread.java:748) Caused by: No Such Entry: The search base entry 'uid=group2,ou=group,ou=managed,dc=openidm,dc=forgerock,dc=com' does not exist at org.forgerock.opendj.ldap.LdapException.newLdapException(LdapException.java:246) at org.opends.server.protocols.ReactiveHandlersUtils.emitResult(ReactiveHandlersUtils.java:390) at org.opends.server.api.ClientConnection.sendResponse(ClientConnection.java:301) at org.opends.server.core.SearchOperation.sendSearchResultDone(SearchOperation.java:636) at org.opends.server.core.SearchOperation.run(SearchOperation.java:779) at org.opends.server.protocols.internal.AbstractInternalClientConnection.handleRequest(AbstractInternalClientConnection.java:365) at org.opends.server.protocols.internal.AbstractInternalClientConnection.lambda$handle$0(AbstractInternalClientConnection.java:348) ... at org.opends.server.protocols.internal.AbstractInternalClientConnection$InternalConnection.search(AbstractInternalClientConnection.java:146) at org.forgerock.opendj.ldap.AbstractSynchronousConnection.searchAsync(AbstractSynchronousConnection.java:132) at org.forgerock.opendj.rest2ldap.authz.TransactionIdConnection.searchAsync(TransactionIdConnection.java:99) at org.forgerock.opendj.ldap.AbstractConnection.searchAsync(AbstractConnection.java:352) at org.forgerock.opendj.ldap.AbstractConnection.searchSingleEntryAsync(AbstractConnection.java:378) at org.forgerock.opendj.rest2ldap.SubResourceImpl.read(SubResourceImpl.java:898) ... 422 more
4. If validate is set to true for the relationships, then step 2 would fail with
{ "code": 400, "reason": "Bad Request", "message": "The referenced object 'managed/group/group2', does not exist" }