First Last Prev Next    This bug is not in your last search results.
Bug 43170 - Removing user from school doesn't work if located under a different OU
Removing user from school doesn't work if located under a different OU
Status: CLOSED FIXED
Product: UCS@school
Classification: Unclassified
Component: UMC - Wizards
UCS@school 4.1 R2
Other Linux
: P5 normal (vote)
: UCS@school 4.1 R2 v10
Assigned To: Daniel Tröder
Sönke Schwardt-Krummrich
:
Depends on:
Blocks: 44537 44588
  Show dependency treegraph
 
Reported: 2016-12-12 14:29 CET by Florian Best
Modified: 2017-05-12 13:36 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.091
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2016-12-12 14:29:07 CET 
If a user which is located under schoolA and should be removed from schoolA a error message in UMC pops up "Failed to remove user from school.".

The logfile contains:
Student(name='elsabe', school='schoolA', dn='uid=elsabe,cn=schueler,cn=users,ou=schoolA,dc=school,dc=local') wants to move to its own DN!

The reason is that the UMC-frontend sends a request ala:
{$dn$: dn, school: 'schoolA'}
And the code does the following:
ucs-school-umc-wizards/umc/python/schoolwizards/__init__.py
104 »   »   if require_dn:
105 »   »   »   try:
106 »   »   »   »   obj = klass.from_dn(dn, obj_props.get('school'), lo)
107 »   »   »   except noObject:
108 »   »   »   »   raise UMC_Error(_('The %s %r does not exists or might have been removed in the meanwhile.') % (getattr(klass, 'type_name', klass.__name__), obj_props['name']))
109 »   »   »   for key, value in obj_props.iteritems():
110 »   »   »   »   if key in obj._attributes:
111 »   »   »   »   »   setattr(obj, key, value)

→ So it sets every value of the request i.e.
obj.school = 'schoolA'

In ucs-school-lib/python/models/user.py remove_from_school() then the following if-case is wrong:
398 »   »   if self.school == school:
399 »   »   »   if not self.change_school(self.schools[0], lo):
Comment 1 Florian Best univentionstaff 2016-12-12 14:29:49 CET 
(In reply to Florian Best from comment #0)
> In ucs-school-lib/python/models/user.py remove_from_school() then the
> following if-case is wrong:
> 398 »   »   if self.school == school:
> 399 »   »   »   if not self.change_school(self.schools[0], lo):

→ The if case is true while it should be false.
Comment 2 Florian Best univentionstaff 2016-12-12 15:41:31 CET 
Maybe caused by Bug #42863 ?
Comment 3 Sönke Schwardt-Krummrich univentionstaff 2016-12-16 01:07:37 CET 
This is a regression compared to 4.1 R2 v8.
Comment 4 Daniel Tröder univentionstaff 2017-02-12 18:06:17 CET 
On a single server it works for me:

root@m90s4:~# udm users/user list --filter uid=stud1 | egrep 'DN:|school:'
DN: uid=stud1,cn=schueler,cn=users,ou=SchuleEinz,dc=uni,dc=dtr
  school: SchuleZwei
  school: SchuleEinz

→ Open "Users (schools): Schule Einz" and delete stud1.

root@m90s4:~# udm users/user list --filter uid=stud1 | egrep 'DN:|school:'
DN: uid=stud1,cn=schueler,cn=users,ou=SchuleZwei,dc=uni,dc=dtr
  school: SchuleZwei

No error in UMC or logfiles management-console-{server, module-udm.log, module-schoolwizards.log}.


python-ucs-school         9.0.30-1.273.201611251450
ucs-school-umc-wizards    8.0.0-14.149.201611171707


Please check if the problem can be reproduced on your system.
Comment 5 Florian Best univentionstaff 2017-02-13 11:39:04 CET 
I don't think this is working. Did you test both, singleserver and multiserver?
Comment 6 Daniel Tröder univentionstaff 2017-02-14 10:26:46 CET 
I could reproduce the error now. The description in Comment #1 is wrong: To trigger the bug, the user must be removed from its secondary school.
Comment 7 Daniel Tröder univentionstaff 2017-02-16 16:12:10 CET 
r76772: fix wrong DN and school attribute in user, when deleting it from a secondary OU

Package: ucs-school-umc-wizards
Version: 8.0.0-15.151.201702161609
Branch: ucs_4.1-0
Scope: ucs-school-4.1r2
Comment 8 Sönke Schwardt-Krummrich univentionstaff 2017-03-04 21:15:28 CET 
# univention-ldapsearch -LLL uid=eanton1 dn ucsschoolSchool
dn: uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local
ucsschoolSchool: 100
ucsschoolSchool: gsmitte

# univention-ldapsearch -LLL memberUid=eanton1 dn | grep ^dn
dn: cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local
dn: cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local
dn: cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local
dn: cn=schueler-100,cn=groups,ou=100,dc=nstx,dc=local
dn: cn=Domain Users 100,cn=groups,ou=100,dc=nstx,dc=local
dn: cn=100-1A,cn=klassen,cn=schueler,cn=groups,ou=100,dc=nstx,dc=local

Log of OLD version of ucs-school-umc-wizards when trying to remove uid=eanton1 from secondary school "gsmitte":
02.03.17 17:59:24.928  MODULE      ( PROCESS ) : UDM object uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local is not User, but actually Student
02.03.17 17:59:24.958  MODULE      ( PROCESS ) : Moving 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' to Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local')
02.03.17 17:59:24.959  MODULE      ( WARN    ) : Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local') wants to move to its own DN!
02.03.17 17:59:25.040  MODULE      ( PROCESS ) : UDM object uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local is not User, but actually Student

→ No LDAP changes

Log of NEW version of ucs-school-umc-wizards when trying to remove uid=eanton1 from secondary school "gsmitte":
02.03.17 18:23:13.452  MODULE      ( PROCESS ) : UDM object uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local is not User, but actually Student
02.03.17 18:23:13.509  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' from group 'cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local' of old school.
02.03.17 18:23:13.524  MODULE      ( PROCESS ) : Modifying SchoolClass(name='gsmitte-1A', school='gsmitte', dn='cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:23:13.693  MODULE      ( PROCESS ) : SchoolClass(name='gsmitte-1A', school='gsmitte', dn='cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local') successfully modified
02.03.17 18:23:13.798  MODULE      ( PROCESS ) : Modifying ClassShare(name='gsmitte-1A', school='gsmitte', dn='cn=gsmitte-1A,cn=klassen,cn=shares,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:23:13.821  MODULE      ( PROCESS ) : ClassShare(name='gsmitte-1A', school='gsmitte', dn='cn=gsmitte-1A,cn=klassen,cn=shares,ou=gsmitte,dc=nstx,dc=local') not modified. Nothing changed
02.03.17 18:23:13.881  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' from group 'cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local' of old school.
02.03.17 18:23:13.881  MODULE      ( PROCESS ) : Modifying SchoolGroup(name='schueler-gsmitte', school='gsmitte', dn='cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:23:14.185  MODULE      ( PROCESS ) : SchoolGroup(name='schueler-gsmitte', school='gsmitte', dn='cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local') successfully modified
02.03.17 18:23:14.186  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' from group 'cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local' of old school.
02.03.17 18:23:14.186  MODULE      ( PROCESS ) : Modifying SchoolGroup(name='Domain Users gsmitte', school='gsmitte', dn='cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:23:14.446  MODULE      ( PROCESS ) : SchoolGroup(name='Domain Users gsmitte', school='gsmitte', dn='cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local') successfully modified
02.03.17 18:23:14.462  MODULE      ( PROCESS ) : Modifying Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local')
02.03.17 18:23:14.612  MODULE      ( PROCESS ) : Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local') successfully modified
02.03.17 18:23:14.614  MODULE      ( PROCESS ) : Modifying Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local')
02.03.17 18:23:14.652  MODULE      ( PROCESS ) : Student(name='eanton1', school='100', dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local') successfully modified

LDAP changes:
 dn: cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local
-uniqueMember: uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local
-memberUid: eanton1

 dn: cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local
-uniqueMember: uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local
-memberUid: eanton1

 dn: cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local
-uniqueMember: uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local
-memberUid: eanton1

 dn: uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local
-ucsschoolSchool: gsmitte

Log of NEW version of ucs-school-umc-wizards when trying to remove uid=eanton1 from primary school "100":
02.03.17 18:31:22.427  MODULE      ( PROCESS ) : UDM object uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local is not User, but actually Student
02.03.17 18:31:22.443  MODULE      ( PROCESS ) : Moving 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' to Student(name='eanton1', school='gsmitte', dn='uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local', old_dn='uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local')
02.03.17 18:31:22.605  MODULE      ( PROCESS ) : No exam user for 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' found: No such object
02.03.17 18:31:22.605  MODULE      ( PROCESS ) : Going to move 'uid=eanton1,cn=schueler,cn=users,ou=100,dc=nstx,dc=local' from school '100' to 'gsmitte'
02.03.17 18:31:22.605  MODULE      ( PROCESS ) : User is part of the following groups: ['cn=schueler-gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local', 'cn=Domain Users gsmitte,cn=groups,ou=gsmitte,dc=nstx,dc=local', 'cn=gsmitte-1A,cn=klassen,cn=schueler,cn=groups,ou=gsmitte,dc=nstx,dc=local', 'cn=schueler-100,cn=groups,ou=100,dc=nstx,dc=local', 'cn=Domain Users 100,cn=groups,ou=100,dc=nstx,dc=local', 'cn=100-1A,cn=klassen,cn=schueler,cn=groups,ou=100,dc=nstx,dc=local']
02.03.17 18:31:22.615  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local' from group 'cn=100-1A,cn=klassen,cn=schueler,cn=groups,ou=100,dc=nstx,dc=local' of old school.
02.03.17 18:31:22.616  MODULE      ( PROCESS ) : Modifying SchoolClass(name='100-1A', school='100', dn='cn=100-1A,cn=klassen,cn=schueler,cn=groups,ou=100,dc=nstx,dc=local')
02.03.17 18:31:22.648  MODULE      ( PROCESS ) : SchoolClass(name='100-1A', school='100', dn='cn=100-1A,cn=klassen,cn=schueler,cn=groups,ou=100,dc=nstx,dc=local') successfully modified
02.03.17 18:31:22.675  MODULE      ( PROCESS ) : Modifying ClassShare(name='100-1A', school='100', dn='cn=100-1A,cn=klassen,cn=shares,ou=100,dc=nstx,dc=local')
02.03.17 18:31:22.691  MODULE      ( PROCESS ) : ClassShare(name='100-1A', school='100', dn='cn=100-1A,cn=klassen,cn=shares,ou=100,dc=nstx,dc=local') not modified. Nothing changed
02.03.17 18:31:22.716  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local' from group 'cn=schueler-100,cn=groups,ou=100,dc=nstx,dc=local' of old school.
02.03.17 18:31:22.716  MODULE      ( PROCESS ) : Modifying SchoolGroup(name='schueler-100', school='100', dn='cn=schueler-100,cn=groups,ou=100,dc=nstx,dc=local')
02.03.17 18:31:22.861  MODULE      ( PROCESS ) : SchoolGroup(name='schueler-100', school='100', dn='cn=schueler-100,cn=groups,ou=100,dc=nstx,dc=local') successfully modified
02.03.17 18:31:22.862  MODULE      ( PROCESS ) : Removing 'uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local' from group 'cn=Domain Users 100,cn=groups,ou=100,dc=nstx,dc=local' of old school.
02.03.17 18:31:22.862  MODULE      ( PROCESS ) : Modifying SchoolGroup(name='Domain Users 100', school='100', dn='cn=Domain Users 100,cn=groups,ou=100,dc=nstx,dc=local')
02.03.17 18:31:23.069  MODULE      ( PROCESS ) : SchoolGroup(name='Domain Users 100', school='100', dn='cn=Domain Users 100,cn=groups,ou=100,dc=nstx,dc=local') successfully modified
02.03.17 18:31:23.324  MODULE      ( PROCESS ) : Modifying Student(name='eanton1', school='gsmitte', dn='uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:31:23.356  MODULE      ( PROCESS ) : Student(name='eanton1', school='gsmitte', dn='uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local') successfully modified
02.03.17 18:31:23.356  MODULE      ( PROCESS ) : Modifying Student(name='eanton1', school='gsmitte', dn='uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local')
02.03.17 18:31:23.379  MODULE      ( PROCESS ) : Student(name='eanton1', school='gsmitte', dn='uid=eanton1,cn=schueler,cn=users,ou=gsmitte,dc=nstx,dc=local') successfully modified

→ user has been moved correctly from OU "100" to OU "gsmitte"
→ groups have been updated accordingly
(sorry, lost LDAP diff)

OK: code change
OK: functional test
OK: YAML
Comment 9 Sönke Schwardt-Krummrich univentionstaff 2017-03-21 12:35:55 CET 
UCS@school 4.1 R2 v10 has been released.

http://docs.software-univention.de/changelog-ucsschool-4.1R2v10-de.html

If this error occurs again, please clone this bug.
First Last Prev Next    This bug is not in your last search results.