Bug 42267 - Integrate self service into 4.2 web structure + improve usability
Integrate self service into 4.2 web structure + improve usability
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Self Service
UCS 4.2
Other Linux
: P5 enhancement (vote)
: UCS 4.2
Assigned To: Jürn Brodersen
Daniel Tröder
: interim-2
: 40614 40615 (view as bug list)
Depends on: 36215 43486
Blocks: 43565 43964 44189 44221
  Show dependency treegraph
 
Reported: 2016-09-05 18:08 CEST by Alexander Kläser
Modified: 2017-04-04 18:28 CEST (History)
6 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Release Goal
Max CVSS v3 score:


Attachments
Alex Kramer's changes (114.79 KB, patch)
2016-09-06 16:22 CEST, Florian Best
Details | Diff
Screenshot (28.25 KB, image/png)
2017-03-20 16:45 CET, Florian Best
Details
handle no password file (1.63 KB, patch)
2017-03-27 15:26 CEST, Daniel Tröder
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Kläser univentionstaff 2016-09-05 18:08:43 CEST
The self service will be integrated into the main menu of the UCS 4.2 portal and UMC. For this, we will also improve some usability aspects as suggested by Alex Kramer.

Screenshots can be found at:
https://mail.univention.de/appsuite/#!&app=io.ox/files&folder=1206&id=1206/1396
Comment 1 Florian Best univentionstaff 2016-09-06 16:22:53 CEST
Created attachment 7983 [details]
Alex Kramer's changes
Comment 2 Florian Best univentionstaff 2016-09-13 13:59:55 CEST
*** Bug 40614 has been marked as a duplicate of this bug. ***
Comment 3 Florian Best univentionstaff 2016-09-13 14:00:56 CEST
*** Bug 40615 has been marked as a duplicate of this bug. ***
Comment 4 Eduard Mai univentionstaff 2017-02-02 22:31:55 CET
r76337: merges the fork Alexander Kramer did as a final project. The service now runs as a UMC module instead of a stand alone web service (done via Bug #42132).

r76338: adds old frontend JS file tree for testing during transition to univention-web.

r76339: core functionality was reestablished, unfinished port to univention-web.
Comment 5 Eduard Mai univentionstaff 2017-02-07 14:44:31 CET
Revision 76495: Most of the CSS was removed. The design was changed to reflect the changes proposed for 4.2. Duplicate JS modules also found in univention-web were removed.

UCS 4.2:
Package: univention-self-service
Version: 2.0.2-3A~4.2.0.201702071439
Comment 6 Alexander Kläser univentionstaff 2017-02-16 17:40:48 CET
Looks good so far. I spotted the following points that need some tuning:

(a) JavaScript traceback, it seems that lib.js is not working as it should:
* Uninstall univention-self-service-passwordreset-umc to provoke an error. 
* Choose "Protect account access"
* After entering username + password, there will be a traceback in 
  ProtectAccountAccess.js, line 179 ("lib.showMessage()"), it seems that the 
  node handling is not correct here.
* All form fields stay gray.

This can also be provoked with require('selfservice/lib').showMessage('test') on the JS console.

(b) When I enter my email address only once on "Protect Account Access", there is no hint that I have to enter it twice when I press on "Save"

(c) When pressing "Save" (with email address entered two times), I get errors on the JavaScript console (similar to (a)).

(d) As the WSGI code has been removed, the Self Service cannot be installed anymore on a DC slave, see Bug 43565.

(e) The input fields should have a slight grey background.

(f) German translations are missing.

(g) I cannot submit the values by pressing the "enter" key.
Comment 7 Alexander Kläser univentionstaff 2017-02-16 17:46:07 CET
(In reply to Alexander Kläser from comment #6)
> [...]
> (c) When pressing "Save" (with email address entered two times), I get
> errors on the JavaScript console (similar to (a)).

In fact when changing the password successfully, there is no information that everything went fine + the form fields are not cleared.
Comment 8 Alexander Kläser univentionstaff 2017-02-16 17:49:45 CET
(h) When I request a token to reset the password, the form fields + button are disabled and nothing else happens (no message etc.) → probably similar to (a) ?
Comment 9 Jürn Brodersen univentionstaff 2017-02-21 11:16:58 CET
(In reply to Alexander Kläser from comment #6)
> Looks good so far. I spotted the following points that need some tuning:
> 
> (a) JavaScript traceback, it seems that lib.js is not working as it should:
> * Uninstall univention-self-service-passwordreset-umc to provoke an error. 
> * Choose "Protect account access"
> * After entering username + password, there will be a traceback in 
>   ProtectAccountAccess.js, line 179 ("lib.showMessage()"), it seems that the 
>   node handling is not correct here.
> * All form fields stay gray.
> 
> This can also be provoked with
> require('selfservice/lib').showMessage('test') on the JS console.
> 
> (b) When I enter my email address only once on "Protect Account Access",
> there is no hint that I have to enter it twice when I press on "Save"
> 
> (c) When pressing "Save" (with email address entered two times), I get
> errors on the JavaScript console (similar to (a)).
> 
> (d) As the WSGI code has been removed, the Self Service cannot be installed
> anymore on a DC slave, see Bug 43565.
> 
> (e) The input fields should have a slight grey background.

Will be done via Bug 43528.
 
> (f) German translations are missing.

Will be done via Bug 43594.

> (g) I cannot submit the values by pressing the "enter" key.
Comment 10 Alexander Kläser univentionstaff 2017-02-23 14:37:04 CET
At one point, I have been redirected to:

  /univention/self-service/#newpassword?username=test

This is incorrect, the format should be:

  /univention/self-service/?username=test#newpassword
Comment 11 Jürn Brodersen univentionstaff 2017-02-23 16:33:21 CET
(In reply to Alexander Kläser from comment #10)
> At one point, I have been redirected to:
> 
>   /univention/self-service/#newpassword?username=test
> 
> This is incorrect, the format should be:
> 
>   /univention/self-service/?username=test#newpassword

I changed the behavior to /univention/self-service/#page=newpassword&username=test

Which seems the most common way of doing this:
https://dojotoolkit.org/reference-guide/1.10/dojo/hash.html#examples
https://en.wikipedia.org/wiki/Fragment_identifier#Examples

Package: univention-self-service
Version: 2.0.4-10A~4.2.0.201702231623

TODO:
Menu entries
Comment 12 Alexander Kläser univentionstaff 2017-02-23 17:27:37 CET
(In reply to Jürn Brodersen from comment #11)
> [...]
> TODO:
> Menu entries

As discussed, I migrated the menu entries. The react dynamically on the login state.

univention-self-service (2.0.5-1):
r77073 | Bug #42267: move menu entries into JavaScript hook module
Comment 13 Alexander Kläser univentionstaff 2017-03-04 18:28:55 CET
I fixed the translation of previously untranslated parts. The web interface is now installed to /usr/share/univention-self-service/www as opposed to /var/www/univention/self-service in order to comply with the behaviour of other packages.

NOTE: As there has been a file /var/www/univention/self-service/entries.json in some previous package version, make sure to delete this file prior to updating. Otherwise the symbolic link /var/www/univention/self-service → /usr/share/univention-self-service/www will not be created. With a fresh installation everything should be fine.

univention-self-service (2.0.5-4):
r77353 | Bug #42267: Fix l10n integration
Comment 14 Erik Damrose univentionstaff 2017-03-06 14:31:05 CET
Reopen:

The latest package version was not build, which was done now: univention-self-service 2.0.5-4A~4.2.0.201703061414

There is a new link on the portal page, which was previously not there: "Passwort settings", is this intended?

When clicking on that link or choosing any of the self-service links from the side menu, an error appears:

Webfrontend-Fehler: Die angegebene Anfrage ist nicht bekannt.
The path '/self-service/index.html' was not found.
Comment 15 Alexander Kläser univentionstaff 2017-03-06 14:35:50 CET
(In reply to Erik Damrose from comment #14)
> Reopen:
> 
> The latest package version was not build, which was done now:
> univention-self-service 2.0.5-4A~4.2.0.201703061414
> 
> There is a new link on the portal page, which was previously not there:
> "Passwort settings", is this intended?
> 
> When clicking on that link or choosing any of the self-service links from
> the side menu, an error appears:
> 
> Webfrontend-Fehler: Die angegebene Anfrage ist nicht bekannt.
> The path '/self-service/index.html' was not found.

Yep, exactly what I have written above ;) ... the behaviour is fine as this affects only an interim version:

(In reply to Alexander Kläser from comment #13)
> [...]
> NOTE: As there has been a file /var/www/univention/self-service/entries.json
> in some previous package version, make sure to delete this file prior to
> updating. Otherwise the symbolic link /var/www/univention/self-service →
> /usr/share/univention-self-service/www will not be created. With a fresh
> installation everything should be fine.
Comment 16 Alexander Kläser univentionstaff 2017-03-10 12:03:23 CET
Please re-add the option for a redirect URL. The function _getUrlForRedirect() already exists, but it is not used. I would suggest to support url=... via the query string as well as url=... via the hash part of the URL. This should work for resetting the password as well as protecting the account.

We then need to add the url option to the menu entries in order to be redirected correctly after resetting the password or adding the contact data. 

Please also add the url option to the email address.
Comment 17 Alexander Kläser univentionstaff 2017-03-10 13:24:31 CET
FYI, I adjusted some styling issues.

univention-self-service (2.0.9-3):
r77574 | Bug #43528: Adjust styling of elements + fix typo
Comment 18 Alexander Kläser univentionstaff 2017-03-10 16:04:22 CET
(In reply to Alexander Kläser from comment #16)
> Please re-add the option for a redirect URL. The function
> _getUrlForRedirect() already exists, but it is not used. I would suggest to
> support url=... via the query string as well as url=... via the hash part of
> the URL. This should work for resetting the password as well as protecting
> the account.

If url ist not given, please redirect to "/univention".

> We then need to add the url option to the menu entries in order to be
> redirected correctly after resetting the password or adding the contact
> data. 

I think if the "/univention" is used here, this would be fine.

> Please also add the url option to the email address.

Forget this point.
Comment 19 Jürn Brodersen univentionstaff 2017-03-10 16:48:59 CET
(In reply to Alexander Kläser from comment #18)
> (In reply to Alexander Kläser from comment #16)
> > Please re-add the option for a redirect URL. The function
> > _getUrlForRedirect() already exists, but it is not used. I would suggest to
> > support url=... via the query string as well as url=... via the hash part of
> > the URL. This should work for resetting the password as well as protecting
> > the account.
> 
> If url ist not given, please redirect to "/univention".
> 
> > We then need to add the url option to the menu entries in order to be
> > redirected correctly after resetting the password or adding the contact
> > data. 
> 
> I think if the "/univention" is used here, this would be fine.
> 
> > Please also add the url option to the email address.
> 
> Forget this point.

r77596: Redirect after password reset and account protection
Package: univention-self-service
Version: 2.0.9-4A~4.2.0.201703101642
Branch: ucs_4.2-0
Comment 20 Florian Best univentionstaff 2017-03-10 17:39:38 CET
(In reply to Alexander Kläser from comment #18)
> (In reply to Alexander Kläser from comment #16)
> > Please re-add the option for a redirect URL. The function
> > _getUrlForRedirect() already exists, but it is not used. I would suggest to
> > support url=... via the query string as well as url=... via the hash part of
> > the URL. This should work for resetting the password as well as protecting
> > the account.
> 
> If url ist not given, please redirect to "/univention".
No, please redirect to /univention/ !
Comment 21 Jürn Brodersen univentionstaff 2017-03-13 10:07:12 CET
(In reply to Florian Best from comment #20)
> (In reply to Alexander Kläser from comment #18)
> > (In reply to Alexander Kläser from comment #16)
> > > Please re-add the option for a redirect URL. The function
> > > _getUrlForRedirect() already exists, but it is not used. I would suggest to
> > > support url=... via the query string as well as url=... via the hash part of
> > > the URL. This should work for resetting the password as well as protecting
> > > the account.
> > 
> > If url ist not given, please redirect to "/univention".
> No, please redirect to /univention/ !
Changed
Comment 22 Erik Damrose univentionstaff 2017-03-15 13:41:35 CET
Reopen
Comment 23 Erik Damrose univentionstaff 2017-03-15 13:44:40 CET
Sorry for last comment
Reopen: There is no input validation when sending the form. When entering different phone numbers or email adresses, there are JS warnings about that, but i can click 'save' (or press enter) and the wizard will close, redirect me to /univention/, and the values will be set at the user object.

I also think that the UMC always has the 'save' button on the lower right, not the cancel button.
Comment 24 Jürn Brodersen univentionstaff 2017-03-15 15:31:04 CET
(In reply to Erik Damrose from comment #23)
> Sorry for last comment
> Reopen: There is no input validation when sending the form. When entering
> different phone numbers or email adresses, there are JS warnings about that,
> but i can click 'save' (or press enter) and the wizard will close, redirect
> me to /univention/, and the values will be set at the user object.
> 
> I also think that the UMC always has the 'save' button on the lower right,
> not the cancel button.

Both fixed:
r77738: switch save/cancel button; fix input validation
Package: univention-self-service
Version: 2.0.10-2A~4.2.0.201703151523
Branch: ucs_4.2-0
Comment 25 Florian Best univentionstaff 2017-03-20 16:45:32 CET
Created attachment 8595 [details]
Screenshot

The label for "E-Mail" is missing and the label for "E-Mail (wiederholen)" is at the wrong place.
Comment 26 Florian Best univentionstaff 2017-03-20 16:47:27 CET
The input fields aren't reset after e.g. requesting a token.
Comment 27 Jürn Brodersen univentionstaff 2017-03-21 10:49:24 CET
(In reply to Florian Best from comment #26)
> The input fields aren't reset after e.g. requesting a token.

I don't know which fields you mean? After entering your request token you should be redirected. Did that not work? The back and cancel buttons clean reset the fields for me.
Comment 28 Jürn Brodersen univentionstaff 2017-03-21 11:51:18 CET
(In reply to Florian Best from comment #25)
> Created attachment 8595 [details]
> Screenshot
> 
> The label for "E-Mail" is missing and the label for "E-Mail (wiederholen)"
> is at the wrong place.

I think the idea was that the label is for both fields. But afaik we are not using a design like that anywhere else. I changed it.

r78028: separate labels for first input and retype input
Package: univention-self-service
Version: 2.0.10-5A~4.2.0.201703211148
Branch: ucs_4.2-0
Comment 29 Florian Best univentionstaff 2017-03-21 11:59:23 CET
(In reply to Jürn Brodersen from comment #27)
> (In reply to Florian Best from comment #26)
> > The input fields aren't reset after e.g. requesting a token.
> 
> I don't know which fields you mean? After entering your request token you
> should be redirected. Did that not work? The back and cancel buttons clean
> reset the fields for me.

There was no redirection because the request failed. Then I switched to "forgot password" and switched back.
Comment 30 Jürn Brodersen univentionstaff 2017-03-22 10:16:03 CET
(In reply to Florian Best from comment #29)
> (In reply to Jürn Brodersen from comment #27)
> > (In reply to Florian Best from comment #26)
> > > The input fields aren't reset after e.g. requesting a token.
> > 
> > I don't know which fields you mean? After entering your request token you
> > should be redirected. Did that not work? The back and cancel buttons clean
> > reset the fields for me.
> 
> There was no redirection because the request failed. Then I switched to
> "forgot password" and switched back.

I don't see a quick way to fix that. Moved to bug 44021.
Comment 31 Daniel Tröder univentionstaff 2017-03-24 13:48:09 CET
I installed the App on a UCS@school edu-slave and had to follow the link in the app center to find the password-reset module.

When I enter any username I get a window that says "Verboten".

In /var/log/univention/management-console-web-server.log:

24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand (10.205.1.238:59296) response status code: 403
24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand (10.205.1.238:59296) response message: Verboten
24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand (10.205.1.238:59296) response result: None

You can see it in 10.200.3.121
Comment 32 Florian Best univentionstaff 2017-03-24 14:11:27 CET
(In reply to Daniel Tröder from comment #31)
> I installed the App on a UCS@school edu-slave and had to follow the link in
> the app center to find the password-reset module.
> 
> When I enter any username I get a window that says "Verboten".
> 
> In /var/log/univention/management-console-web-server.log:
> 
> 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> (10.205.1.238:59296) response status code: 403
> 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> (10.205.1.238:59296) response message: Verboten
> 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> (10.205.1.238:59296) response result: None
> 
> You can see it in 10.200.3.121

You need to install univention-self-service-passwordreset-umc on your DC Master.
Comment 33 Daniel Tröder univentionstaff 2017-03-24 15:14:55 CET
(In reply to Florian Best from comment #32)
> (In reply to Daniel Tröder from comment #31)
> > I installed the App on a UCS@school edu-slave and had to follow the link in
> > the app center to find the password-reset module.
> > 
> > When I enter any username I get a window that says "Verboten".
> > 
> > In /var/log/univention/management-console-web-server.log:
> > 
> > 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> > (10.205.1.238:59296) response status code: 403
> > 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> > (10.205.1.238:59296) response message: Verboten
> > 24.03.17 13:07:28.392  MAIN        ( PROCESS ) : CPCommand
> > (10.205.1.238:59296) response result: None
> > 
> > You can see it in 10.200.3.121
> 
> You need to install univention-self-service-passwordreset-umc on your DC
> Master.
Fixed in https://forge.univention.org/bugzilla/show_bug.cgi?id=43899#c11
Comment 34 Daniel Tröder univentionstaff 2017-03-27 15:08:40 CEST
When I want to set my contact information I have to enter my username. That seems unnecessary, as I am already logged in.

That the provide-contact-page is outside the UMC is not obvious (or interesting) to the user and there is no navigation to it except from inside the UMC (side bar).

Please at least pre-fill the username.
If possible provide a session key, so that not even a password is needed.
Comment 35 Daniel Tröder univentionstaff 2017-03-27 15:25:55 CEST
When UCRV umc/self-service/passwordreset/sms/password_file is not set, a TypeError is not caught:

Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 178, in _recv
    self.handle(msg)
  File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 178, in _recv
    self.handle(msg)
  File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 286, in handle
    self.__handler.init()
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/__init__.py", line 226, in init
    self.send_plugins = get_sending_plugins(MODULE.process)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/sending/__init__.py", line 33, in get_plugins
    plugins[plugin_class.send_method()] = plugin_class(log)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/sending/send_sms.py", line 72, in __init__
    with open(self.password_file) as pw_file:
TypeError: Die Initialisierung des Moduls ist fehlgeschlagen: Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 178, in _recv
    self.handle(msg)
  File "/usr/lib/pymodules/python2.7/univention/management/console/protocol/modserver.py", line 286, in handle
    self.__handler.init()
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/__init__.py", line 226, in init
    self.send_plugins = get_sending_plugins(MODULE.process)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/sending/__init__.py", line 33, in get_plugins
    plugins[plugin_class.send_method()] = plugin_class(log)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/passwordreset/sending/send_sms.py", line 72, in __init__
    with open(self.password_file) as pw_file:
TypeError: coercing to Unicode: need string or buffer, NoneType found
Comment 36 Daniel Tröder univentionstaff 2017-03-27 15:26:53 CEST
Created attachment 8657 [details]
handle no password file

Either allow "no password file" as in attached patch, or catch and raise on TypeError.
Comment 37 Daniel Tröder univentionstaff 2017-03-27 15:50:58 CEST
(In reply to Daniel Tröder from comment #34)
> there is no navigation to it except from inside
> the UMC (side bar).
Not true: just found it in the hamburger menu.
Comment 38 Daniel Tröder univentionstaff 2017-03-27 16:51:34 CEST
Whitelist-checks are not correct:

When a whitelist is set, but a user that is in not on any blacklist or whitelist, he should be rejected, but is not.
Fix:

Index: umc/python/passwordreset/__init__.py
===================================================================
--- umc/python/passwordreset/__init__.py	(Revision 78343)
+++ umc/python/passwordreset/__init__.py	(Arbeitskopie)
@@ -519,7 +519,7 @@
 
 		# not on either black or white list -> not allowed if whitelist exists, else OK
 		MODULE.info("is_blacklisted({}): neither black nor white listed".format(username))
-		return not (wh_users or wh_groups)
+		return bool(wh_users or wh_groups)
Comment 39 Jürn Brodersen univentionstaff 2017-03-27 18:36:38 CEST
(In reply to Daniel Tröder from comment #34)
> If possible provide a session key, so that not even a password is needed.

If no password is asked an attacker could just enter his own mail address and reset the the user password (if the user was already logged in)
Comment 40 Jürn Brodersen univentionstaff 2017-03-27 18:37:08 CEST
r78373: fix whitelist check; prefill username; allow unset sms secret
Comment 41 Daniel Tröder univentionstaff 2017-03-28 08:52:40 CEST
(In reply to Jürn Brodersen from comment #39)
> (In reply to Daniel Tröder from comment #34)
> > If possible provide a session key, so that not even a password is needed.
> 
> If no password is asked an attacker could just enter his own mail address
> and reset the the user password (if the user was already logged in)
Where would the attacker get the session key from?
Comment 42 Jürn Brodersen univentionstaff 2017-03-28 10:03:57 CEST
(In reply to Daniel Tröder from comment #41)
> (In reply to Jürn Brodersen from comment #39)
> > (In reply to Daniel Tröder from comment #34)
> > > If possible provide a session key, so that not even a password is needed.
> > 
> > If no password is asked an attacker could just enter his own mail address
> > and reset the the user password (if the user was already logged in)
> Where would the attacker get the session key from?

If a user forgets to log out or is away from his keyboard in a public environment (schools etc.).

Also everybody does it ;) See for example passwd on linux.
Comment 43 Daniel Tröder univentionstaff 2017-03-28 10:41:43 CEST
(In reply to Jürn Brodersen from comment #40)
> r78373: fix whitelist check; prefill username; allow unset sms secret
OK: r78373: fix whitelist check; prefill username; allow unset sms secret

(In reply to Jürn Brodersen from comment #42)
> (In reply to Daniel Tröder from comment #41)
> > (In reply to Jürn Brodersen from comment #39)
> > > (In reply to Daniel Tröder from comment #34)
> > > > If possible provide a session key, so that not even a password is needed.
> > > 
> > > If no password is asked an attacker could just enter his own mail address
> > > and reset the the user password (if the user was already logged in)
> > Where would the attacker get the session key from?
> 
> If a user forgets to log out or is away from his keyboard in a public
> environment (schools etc.).
True - you're right - it's better this way.
Comment 44 Stefan Gohmann univentionstaff 2017-03-29 07:06:29 CEST
I've added a changelog entry: r78452.
Comment 45 Stefan Gohmann univentionstaff 2017-04-04 18:28:37 CEST
UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".