Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14349

Relationship properties not in source object when returnByDefault is true

    Details

    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      2
    • Sprint:
      2020.04 - IDM
    • Support Ticket IDs:

      Description

      It is expected that a relationship property which has been configured with "returnByDefault": true would always be present when working with the base object. Testing has shown that in at least one case (implicit sync), this is not always the case.

      Consider this setup:

      1) A new managed object, defined like so:

              {
                  "name" : "test",
                  "schema" : {
                      "$schema" : "http://forgerock.org/json-schema#",
                      "type" : "object",
                      "title" : "Test",
                      "description" : null,
                      "icon" : "fa-database",
                      "properties" : {
                          "userName" : {
                              "title" : null,
                              "type" : "string",
                              "viewable" : true,
                              "searchable" : true,
                              "userEditable" : true
                          },
                          "managerUsername" : {
                              "title" : null,
                              "type" : "string",
                              "viewable" : true,
                              "searchable" : true,
                              "userEditable" : true
                          }
                      },
                      "order" : [
                          "userName",
                          "managerUsername"
                      ],
                      "required" : [ ]
                  }
              }
      

      2) The default managed/user schema, with one exception: "manager" has "returnByDefault": true

      3) A sync entry that looks like so:

                  "target" : "managed/test",
                  "source" : "managed/user",
                  "name" : "managedUser_managedTest",
                  "properties" : [
                      {
                          "target" : "userName",
                          "source" : "userName"
                      },
                      {
                          "target" : "managerUsername",
                          "transform" : {
                              "type" : "text/javascript",
                              "globals" : { },
                              "source" : "source.manager ? openidm.read(source.manager._ref).userName : \"No Manager\""
                          },
                          "source" : ""
                      }
      

      With this setup, you would expect that every request to a managed/user would result in an implicit sync to managed/test, and you would expect that if that managed/user has a manager, that it would reliably be defined as source.manager.

      Consider the following curl commands:
      1) Create a base user (no manager):

      curl -u openidm-admin:openidm-admin -X PUT -H 'If-None-Match: *' --data '{"userName":"jfeasel", "givenName": "Jake", "sn": "Feasel", "mail": "jfeasel@gmail.com"}' http://localhost:8080/openidm/managed/user/jake -H "Content-type: application/json" | jq .
      
      {
        "_id": "jake",
        "_rev": "2",
        "userName": "jfeasel",
        "givenName": "Jake",
        "sn": "Feasel",
        "mail": "jfeasel@gmail.com",
        "accountStatus": "active",
        "effectiveRoles": [],
        "effectiveAssignments": [],
        "manager": null
      }
      

      2) Create a user which reports to the above:

      curl -u openidm-admin:openidm-admin -X PUT -H 'If-None-Match: *' --data '{"userName":"egarner", "givenName": "Eliza", "sn": "Garner", "mail": "egarner@gmail.com", "manager": {"_ref": "managed/user/jake"}}' http://localhost:8080/openidm/managed/user/eliza -H "Content-type: application/json" | jq .
      
      {
        "_id": "eliza",
        "_rev": "2",
        "userName": "egarner",
        "givenName": "Eliza",
        "sn": "Garner",
        "mail": "egarner@gmail.com",
        "accountStatus": "active",
        "effectiveRoles": [],
        "effectiveAssignments": [],
        "manager": {
          "_ref": "managed/user/jake",
          "_refResourceCollection": "managed/user",
          "_refResourceId": "jake",
          "_refProperties": {
            "_id": "ccdb0ddc-2b0b-40b8-9f56-47c06dc6601a",
            "_rev": "0"
          }
        }
      }
      

      3) Note the correct resulting managed/test entries:

      curl -u openidm-admin:openidm-admin  http://localhost:8080/openidm/managed/test?_queryFilter=true | jq .
      
      {
        "result": [
          {
            "_id": "429ecea4-e5db-4677-892c-f0c4a2cb9f10",
            "_rev": "0",
            "userName": "egarner",
            "managerUsername": "jfeasel"
          },
          {
            "_id": "637457a5-27ca-4645-8ae3-eab6817aa97b",
            "_rev": "0",
            "userName": "jfeasel",
            "managerUsername": "No Manager"
          }
        ],
        "resultCount": 2,
        "pagedResultsCookie": null,
        "totalPagedResultsPolicy": "NONE",
        "totalPagedResults": -1,
        "remainingPagedResults": -1
      }
      

      4) Create a new role

      curl --location --request PUT 'http://localhost:8080/openidm/managed/role/role1' \
      --header 'X-OpenIDM-username: openidm-admin' \
      --header 'X-OpenIDM-password: openidm-admin' \
      --header 'Content-Type: application/json' \
      --header 'If-None-Match: *' \
      --data-raw '{  
         "name":"role1",
         "description":"number ONE role"
      }'
      

       

      5) Add a new role to Eliza

      curl --location --request POST 'http://localhost:8080/openidm/managed/user/eliza/roles?_action=create' \
      --header 'X-OpenIDM-username: openidm-admin' \
      --header 'X-OpenIDM-password: openidm-admin' \
      --header 'Content-Type: application/json' \
      --data-raw '{"_ref":"managed/role/role1","_refProperties":{}}'
      

       

      5) Check again the managed/test entries again. You'll see that the managerUsername for egarner is now No Manager.

      curl -u openidm-admin:openidm-admin  http://localhost:8080/openidm/managed/test?_queryFilter=true | jq . 
      
      {
        "result": [
          {
            "_id": "429ecea4-e5db-4677-892c-f0c4a2cb9f10",
            "_rev": "0",
            "userName": "egarner",
            "managerUsername": "No Manager"
          },
          {
            "_id": "637457a5-27ca-4645-8ae3-eab6817aa97b",
            "_rev": "0",
            "userName": "jfeasel",
            "managerUsername": "No Manager"
          }
        ],
        "resultCount": 2,
        "pagedResultsCookie": null,
        "totalPagedResultsPolicy": "NONE",
        "totalPagedResults": -1,
        "remainingPagedResults": -1
      }
      

       

       

        Attachments

        1. managed.json
          49 kB
          Jake Feasel
        2. sync.json
          2 kB
          Jake Feasel

          Issue Links

            Activity

              People

              • Assignee:
                alin Alin Brici
                Reporter:
                jake.feasel Jake Feasel
                QA Assignee:
                Julian Keller
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: