syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SYNCOPE-1102) Unique attribute update inserts additional value
Date Tue, 06 Jun 2017 11:57:18 GMT

    [ https://issues.apache.org/jira/browse/SYNCOPE-1102?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16038722#comment-16038722
] 

ASF subversion and git services commented on SYNCOPE-1102:
----------------------------------------------------------

Commit 53dfa40883653a4bc621f5586a98c23efe9ea761 in syncope's branch refs/heads/1_1_X from
[~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=53dfa40 ]

[SYNCOPE-1102] Minimum Viable Fix


> Unique attribute update inserts additional value
> ------------------------------------------------
>
>                 Key: SYNCOPE-1102
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1102
>             Project: Syncope
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.2.10
>         Environment: MySQL
>            Reporter: Laszlo Miklosik
>            Assignee: Francesco Chicchiriccò
>             Fix For: 1.1.9, 1.2.11
>
>         Attachments: SYNCOPE-1102.diff
>
>
> To reproduce:
> - make sure you have a unique attribute in the Syncope schema (e.g. called privateEmailAddress)
> - create a user via POST and use value 'a@gmail.com' for this unique attribute
> - then try to update this via the Syncope REST API and to change it into 'b@gmail.com'
(by using the below POST payload):
> {code}
> {
>   "attributesToBeUpdated": [
>     {
>       "schema": "privateEmailAddress",
>       "valuesToBeAdded": [
>         "b@gmail.com"
>       ],
>       "valuesToBeRemoved": [
>         "a@gmail.com"
>       ]
>     }
>   ]
> }
> {code}
> - after this the Syncope MySQL data gets incorrect (the unique attribute will have 2
values in table UAttrUniqueValue) and you cannot e.g. delete anymore the user.
> - You then can find the old unique attribute value using query:
> {code}
> select min(id) from UAttrUniqueValue group by ATTRIBUTE_ID having count(stringValue)
> 1
> {code}
> and you can fix the Syncope data inconsistency by deleting the related row from UAttrUniqueValue.
> - Root cause comes from line 467:
> {code}
>                 for (Long attributeValueId : valuesToBeRemoved) {
>                     attributeValueDAO.delete(attributeValueId, attrUtil.attrValueClass());
>                 }
> {code}
> where the delete call uses the same argument values in case of both the non-unique and
unique attributes, this in fact a non-unique attributes is tried to be deleted.
> Note: as UserMod payloads are not used anymore in Syncope 2 REST API, it's likely that
this issue is not happening on Syncope 2, but might reproduce on Syncope 1.1.6-1.2.10.
> Note: I have a patch I applied in our overlay and can provide it if necessary.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message