Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-15871

Policy validation fails for nested attributes in managed.json

    XMLWordPrintable

    Details

    • Target Version/s:
    • Verified Version/s:
    • Story Points:
      2
    • Sprint:
      2021.1 - IDM, IDM - 2021.2
    • Support Ticket IDs:

      Description

      When using nested attributes which have a 'types' value of '["string", "null"]', policy validation errors are thrown when trying to create a managed object.

      To reproduce:

      • Install IDM 7.0.1
      • Copy the attached managed.json file to the conf directory
      • Use the following cURL request to cause the error:
      $ curl -k --location --request POST 'https://localhost:8443/openidm/managed/user' \
      --header 'Content-Type: application/json' \
      --header 'X-OpenIDM-Username: openidm-admin' \
      --header 'X-OpenIDM-Password: openidm-admin' \
      --data-raw '{
          "userName": "zzz128",
          "givenName": "foo",
          "sn": "bar",
          "mail": "foo@example.com",
          "nullable": "null",
          "updateTaskState": {
              "lastStartedDate": "foo",
              "lastCompletedDate": "foo"
          }
      }'

      This will return:

      {"code":403,"reason":"Forbidden","message":"Policy validation failed","detail":{"result":false,"failedPolicyRequirements":[{"policyRequirements":[{"property":"updateTaskState/lastCompletedDate","params":{"invalidType":"string","validTypes":[["string","null"]]},"policyRequirement":"VALID_TYPE"}],"property":"updateTaskState"}]}} 

      Where the string provided in the request for updateTaskState/lastCompletedData is marked as not matching the allowed types (string, null)

       

      This seems to be caused by the following line in policy.js (279):

      var validTypes = [schema.properties[property].properties[propertyName].type]; 

      Which returns the allowed types as an object. For non-nested attributes, this value looks like:

      [string, null]

      Whereas with the nested attributes, this is:

       [[string, null]]

      Which causes the check on line 307 to return true instead of false and throw the validTypes policy response.

        Attachments

          Activity

            People

            Assignee:
            krismy.alfaro Krismy Alfaro
            Reporter:
            tom.wood Tom Wood
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: