Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14278

Child attributes of array / object attributes aren't validated for type

    XMLWordPrintable

    Details

    • Support Ticket IDs:

      Description

      Child attributes of arrays and objects are not validated for the correct data type during a patch.

      To re-produce:

      1. Unzip and start IDM 6.5.0
      2. Modify the managed/user object to include an array of type objects where the child attributes are boolean and string type respectively:

                          "someArr" : {
                              "title" : null,
                              "type" : "array",
                              "viewable" : true,
                              "searchable" : false,
                              "userEditable" : true,
                              "items" : {
                                  "type" : "object",
                                  "properties" : {
                                      "someBool" : {
                                          "title" : null,
                                          "type" : "boolean",
                                          "viewable" : true,
                                          "searchable" : false,
                                          "userEditable" : true
                                      },
                                      "someString" : {
                                          "title" : null,
                                          "type" : "string",
                                          "viewable" : true,
                                          "searchable" : true,
                                          "userEditable" : true
                                      }
                                  },
                                  "order" : [
                                      "someBool",
                                      "someString"
                                  ],
                                  "required" : [ ]
                              },
                              "description" : null,
                              "isVirtual" : false
                          }
      

      3. Create a managed user without this attribute
      4. Patch the managed user to add the attribute with the child attributes incorrectly typed:

      POST http://localhost:8080/openidm/managed/user/0fe79008-15a9-4e18-9547-8d53a55e73e9?_action=patch
      
      [
        {
          "operation": "replace",
          "field": "someArr/",
          "value": [
            {
              "someBool": "stringHere",
              "someString": true
            }
          ]
        }
      ]
      

      5. Confirm that the patch was successful with the incorrect types stored within each child attribute:

      {
          "userName": "testUser",
          "givenName": "testUser",
          "sn": "testUser",
          "mail": "testUser@testUser.com",
          "preferences": {
              "updates": false,
              "marketing": false
          },
          "someArr": [
              {
                  "someBool": "stringHere",
                  "someString": true
              }
          ],
          "accountStatus": "active",
          "effectiveRoles": [],
          "effectiveAssignments": [],
          "_rev": "00000000bcc919fc",
          "_id": "0fe79008-15a9-4e18-9547-8d53a55e73e9"
      }
      

      Also tested with latest 7.0.0 snapshot (OpenIDM version "7.0.0-SNAPSHOT" (build: 20200115145820, revision: a61a6e3) jenkins-OpenIDM-build-master-1579)

        Attachments

          Activity

            People

            Assignee:
            tal.herman Tal Herman [X] (Inactive)
            Reporter:
            tom.wood Tom Wood
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: