Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14475

PATCH replace with empty array on managed object relationship property syncs incorrectly to system resource

    XMLWordPrintable

    Details

    • Target Version/s:
    • Verified Version/s:
    • Support Ticket IDs:

      Description

      IDM 6.5.0.2.

      The documented way to delete a relationship is by doing DELETE of that relationship _ref ID, e.g.
      /openidm/managed/user/scarter/wyObject1Owned/053705c1-1759-4776-80de-3af89fe7b107

      However, if a REST PATCH is used to delete all relationships:

      $ curl -u openidm-admin:openidm-admin "http://localhost:8080/openidm/managed/user/338fba3b-d155-4364-a065-b1411bce814c" -X PATCH -H "Content-Type: application/json" -d '[
       {
         "operation": "replace",
         "field": "/wyObject1Owned",
         "value": []
       }]'

      This works:

      • REST GET of the managed object shows the relationship property is "[ ]".
      • the relationships are actually deleted in the repository.

      But... if a mapping is configured to sync that relationship property to an external resource (e.g. DS):

      • expected behaviour: sync "newObject" should have 0 items in the relationship property.
      • current behaviour: sync "newObject" has one item (one relationship).

      TEST CASE:
      ~~~~~~~~~

      1. IDM 6.5.0.2, default embedded-DS repo.
      2. Configure managed object type "wyObject1".
      3. Configure relationship (many:one) between managed user and wyObject1.
      4. On the managed user, set the relationship property to notifySelf.

      5. Configure LDAP provisioner, with attribute mapping from wyObject1Owned to "description", to be used for the relationship property:

      "wyObject1Owned" : {
         "type" : "array",
         "items" : {
           "type" : "string",
           "nativeType" : "string"
         },
         "nativeName" : "description",
         "nativeType" : "string"
       },

      6. Configure mapping, with a transform for the relationship property:

      {
         "target" : "wyObject1Owned",
         "transform" : {
         "type" : "text/javascript",
         "globals" : { },
         "source" : "var out = JSON.stringify(source.wyObject1Owned);\nout;"
         },
         "source" : ""
      },

      7. Create three "wyObject1" managed objects.
      8. Create managed user "user.0".
      9. On the managed user, add relationships to the three wyObject1 managed objects.

      10. REST PATCH of managed user, replacing the relationship property with empty array:

      # curl -u openidm-admin:openidm-admin "http://localhost:8080/openidm/managed/user/338fba3b-d155-4364-a065-b1411bce814c" -X PATCH -H "Content-Type: application/json" -d '[
       {
         "operation": "replace",
         "field": "/wyObject1Owned",
         "value": []
       }]'
      • REST GET managed user:
         # curl -u openidm-admin:openidm-admin "http://localhost:8080/openidm/managed/user/338fba3b-d155-4364-a065-b1411bce814c?_fields=userName,wyObject1Owned/*&_prettyPrint=true"
        {
           "_id" : "338fba3b-d155-4364-a065-b1411bce814c",
           "_rev" : "00000000cd64d538",
           "userName" : "user.0",
           "wyObject1Owned" : [ ]
        }
      • Ldapsearch DS user:
         # bin/ldapsearch -p 389 -D "cn=directory manager" -w password -b "dc=example,dc=com" "uid=user.0" description
        dn: uid=user.0,ou=People,dc=example,dc=com
        description: {"0":{"_ref":"managed/wyObject1/2ce1641a-e990-4e19-aaf4-d18066952633","_refResourceCollection":"managed/wyObject1","_refResourceId":"2ce1641a-e990-4e19-aaf4-d18066952633","_refProperties":{"_id":"f771b388-4108-4109-be15-18bb9f0ca447","_rev":"000000000bfea6d2"}}}
      • openidm0.log.0 with FINE logging for sync, shows that the newObject still has one remaining relationship:
        [173] Mar 03, 2020 4:20:26.992 PM org.forgerock.openidm.sync.SynchronizationServicelambda$handleSynchronizationEvents$4
        FINE: SynchronizationEvent: { "_id": null, "_rev": null, "context": 
        ...
        "newObject": { "userName": "user.0", ..., "wyObject1Owned": [ { "_ref": "managed/wyObject1/2ce1641a-e990-4e19-aaf4-d18066952633", "_refResourceCollection": "managed/wyObject1", "_refResourceId": "2ce1641a-e990-4e19-aaf4-d18066952633", "_refProperties": { "_id": "f771b388-4108-4109-be15-18bb9f0ca447", "_rev": "000000000bfea6d2" } } ] }, 
        ...
        "oldObject": { "userName": "user.0", ..., "wyObject1Owned": [ { "_ref": "managed/wyObject1/04bf7a41-6b6d-4e29-87cc-bac3805304e4", "_refResourceCollection": "managed/wyObject1", "_refResourceId": "04bf7a41-6b6d-4e29-87cc-bac3805304e4", "_refProperties": { "_id": "1e209d89-7395-4a3d-aa1c-38bcd44d5a09", "_rev": "00000000acd4a7a4" } }, { "_ref": "managed/wyObject1/2ce1641a-e990-4e19-aaf4-d18066952633", "_refResourceCollection": "managed/wy
        Object1", "_refResourceId": "2ce1641a-e990-4e19-aaf4-d18066952633", "_refProperties": { "_id": "f771b388-4108-4109-be15-18bb9f0ca447", "_rev": "000000000bfea6d2" } }, { "_ref": "managed/wyObject1/9b72a2e8-1c7d-476c-a32f-94a7440ddd46", "_refResourceCollection": "managed/wyObject1", "_refResourceId": "9b72a2e8-1c7d-476c-a32f-94a7440ddd46", "_refProperties": { "_id": "604c20c8-c033-407c-a064-21646c76eba8", "_rev": "000000005de0a69a" } } ] },

         

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              matthias.grabiak Matthias Grabiak
              Reporter:
              wei-yee.lum Wei-Yee Lum
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: