Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14534

Fix exception in delegated admin code

    XMLWordPrintable

    Details

    • Target Version/s:
    • Verified Version/s:
    • Support Ticket IDs:

      Description

      Steps to recreate:

      1. Install IDM
      2. Create a managed user with userName demo and password Password1.
      3. Run the test curl statement (result: 403)
      4. curl --location --request GET 'http://localhost:8080/openidm/managed/user?_queryFilter=true' \ --header 'X-OpenIDM-Username: demo' \ --header 'X-OpenIDM-Password: Password1'
      5. Go into the console, to manage internal roles.
      6. Select openidm-authorized and add a privilege for the user above.
      7. Select User and enter a demo, hit save.
      8. Repeat the test curl (result: 200 with user info)
      9. Change the mail attribute on the managed user to allow null values.
      10. Repeat the test curl (result: 500)

      Error seen in logs:

      SEVERE: RuntimeException caughtSEVERE: RuntimeException caughtorg.forgerock.json.JsonValueException: /objects/0/schema/properties/mail/type: Expecting a java.lang.String at org.forgerock.json.JsonValue.expect(JsonValue.java:762)

      Area of interest:
      at org.forgerock.openidm.authz.DelegatedAdminFilter.attributeIsRelationship(DelegatedAdminFilter.java:371)
      if (attrSchema.isDefined("type") && attrSchema.get("type").asString().equals("array")
      && attrSchema.isDefined("items") && attrSchema.get("items").isDefined("type")
      && attrSchema.get("items").get("type").asString().equals("relationship"))

      { return true; }

       
       

       

        Attachments

          Activity

            People

            Assignee:
            matthias.grabiak Matthias Grabiak
            Reporter:
            jesse.ontiveros Jesse Ontiveros
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: