Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14349

Relationship properties not in source object when returnByDefault is true

    XMLWordPrintable

    Details

    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      2
    • Sprint:
      2020.04 - IDM
    • Support Ticket IDs:

      Description

      It is expected that a relationship property which has been configured with "returnByDefault": true would always be present when working with the base object. Testing has shown that in at least one case (implicit sync), this is not always the case.

      Consider this setup:

      1) A new managed object, defined like so:

              {
                  "name" : "test",
                  "schema" : {
                      "$schema" : "http://forgerock.org/json-schema#",
                      "type" : "object",
                      "title" : "Test",
                      "description" : null,
                      "icon" : "fa-database",
                      "properties" : {
                          "userName" : {
                              "title" : null,
                              "type" : "string",
                              "viewable" : true,
                              "searchable" : true,
                              "userEditable" : true
                          },
                          "managerUsername" : {
                              "title" : null,
                              "type" : "string",
                              "viewable" : true,
                              "searchable" : true,
                              "userEditable" : true
                          }
                      },
                      "order" : [
                          "userName",
                          "managerUsername"
                      ],
                      "required" : [ ]
                  }
              }
      

      2) The default managed/user schema, with one exception: "manager" has "returnByDefault": true

      3) A sync entry that looks like so:

                  "target" : "managed/test",
                  "source" : "managed/user",
                  "name" : "managedUser_managedTest",
                  "properties" : [
                      {
                          "target" : "userName",
                          "source" : "userName"
                      },
                      {
                          "target" : "managerUsername",
                          "transform" : {
                              "type" : "text/javascript",
                              "globals" : { },
                              "source" : "source.manager ? openidm.read(source.manager._ref).userName : \"No Manager\""
                          },
                          "source" : ""
                      }
      

      With this setup, you would expect that every request to a managed/user would result in an implicit sync to managed/test, and you would expect that if that managed/user has a manager, that it would reliably be defined as source.manager.

      Consider the following curl commands:
      1) Create a base user (no manager):

      curl -u openidm-admin:openidm-admin -X PUT -H 'If-None-Match: *' --data '{"userName":"jfeasel", "givenName": "Jake", "sn": "Feasel", "mail": "jfeasel@gmail.com"}' http://localhost:8080/openidm/managed/user/jake -H "Content-type: application/json" | jq .
      
      {
        "_id": "jake",
        "_rev": "2",
        "userName": "jfeasel",
        "givenName": "Jake",
        "sn": "Feasel",
        "mail": "jfeasel@gmail.com",
        "accountStatus": "active",
        "effectiveRoles": [],
        "effectiveAssignments": [],
        "manager": null
      }
      

      2) Create a user which reports to the above:

      curl -u openidm-admin:openidm-admin -X PUT -H 'If-None-Match: *' --data '{"userName":"egarner", "givenName": "Eliza", "sn": "Garner", "mail": "egarner@gmail.com", "manager": {"_ref": "managed/user/jake"}}' http://localhost:8080/openidm/managed/user/eliza -H "Content-type: application/json" | jq .
      
      {
        "_id": "eliza",
        "_rev": "2",
        "userName": "egarner",
        "givenName": "Eliza",
        "sn": "Garner",
        "mail": "egarner@gmail.com",
        "accountStatus": "active",
        "effectiveRoles": [],
        "effectiveAssignments": [],
        "manager": {
          "_ref": "managed/user/jake",
          "_refResourceCollection": "managed/user",
          "_refResourceId": "jake",
          "_refProperties": {
            "_id": "ccdb0ddc-2b0b-40b8-9f56-47c06dc6601a",
            "_rev": "0"
          }
        }
      }
      

      3) Note the correct resulting managed/test entries:

      curl -u openidm-admin:openidm-admin  http://localhost:8080/openidm/managed/test?_queryFilter=true | jq .
      
      {
        "result": [
          {
            "_id": "429ecea4-e5db-4677-892c-f0c4a2cb9f10",
            "_rev": "0",
            "userName": "egarner",
            "managerUsername": "jfeasel"
          },
          {
            "_id": "637457a5-27ca-4645-8ae3-eab6817aa97b",
            "_rev": "0",
            "userName": "jfeasel",
            "managerUsername": "No Manager"
          }
        ],
        "resultCount": 2,
        "pagedResultsCookie": null,
        "totalPagedResultsPolicy": "NONE",
        "totalPagedResults": -1,
        "remainingPagedResults": -1
      }
      

      4) Create a new role

      curl --location --request PUT 'http://localhost:8080/openidm/managed/role/role1' \
      --header 'X-OpenIDM-username: openidm-admin' \
      --header 'X-OpenIDM-password: openidm-admin' \
      --header 'Content-Type: application/json' \
      --header 'If-None-Match: *' \
      --data-raw '{  
         "name":"role1",
         "description":"number ONE role"
      }'
      

       

      5) Add a new role to Eliza

      curl --location --request POST 'http://localhost:8080/openidm/managed/user/eliza/roles?_action=create' \
      --header 'X-OpenIDM-username: openidm-admin' \
      --header 'X-OpenIDM-password: openidm-admin' \
      --header 'Content-Type: application/json' \
      --data-raw '{"_ref":"managed/role/role1","_refProperties":{}}'
      

       

      5) Check again the managed/test entries again. You'll see that the managerUsername for egarner is now No Manager.

      curl -u openidm-admin:openidm-admin  http://localhost:8080/openidm/managed/test?_queryFilter=true | jq . 
      
      {
        "result": [
          {
            "_id": "429ecea4-e5db-4677-892c-f0c4a2cb9f10",
            "_rev": "0",
            "userName": "egarner",
            "managerUsername": "No Manager"
          },
          {
            "_id": "637457a5-27ca-4645-8ae3-eab6817aa97b",
            "_rev": "0",
            "userName": "jfeasel",
            "managerUsername": "No Manager"
          }
        ],
        "resultCount": 2,
        "pagedResultsCookie": null,
        "totalPagedResultsPolicy": "NONE",
        "totalPagedResults": -1,
        "remainingPagedResults": -1
      }
      

       

       

        Attachments

        1. managed.json
          49 kB
        2. sync.json
          2 kB

          Issue Links

            Activity

              People

              Assignee:
              alin Alin Brici
              Reporter:
              jake.feasel Jake Feasel
              QA Assignee:
              Julian Keller Julian Keller
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: