Bug 50525 - POST to users/self leads to HTTP 500 - KeyError: 'primaryGroup'
POST to users/self leads to HTTP 500 - KeyError: 'primaryGroup'
Status: RESOLVED WORKSFORME
Product: UCS
Classification: Unclassified
Component: UDM - REST API
UCS 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UMC maintainers
UMC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-11-20 20:23 CET by Daniel Tröder
Modified: 2022-11-07 09:16 CET (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.034
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
fix[udm]: Fix users/self (34 bytes, patch)
2021-05-11 18:16 CEST, Philipp Hahn
Details | Diff
fix[udm]: Fix users/self (1.55 KB, patch)
2021-05-12 13:44 CEST, Philipp Hahn
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2019-11-20 20:23:00 CET
$ curl -i -k -X POST -H "Accept: application/json" -H "Content-Type: application/json" -u Administrator:univention https://m66.uni.dtr/univention/udm/users/self/ --data '{"properties": {"username": "test02"}}'
HTTP/1.1 500 Internal Server Error
[..]

/var/log/univention/directory-manager-rest.log
--------------------------------------------------------------
20.11.19 20:21:50       ERROR      (    22834) : Uncaught exception POST /udm/users/self/ (0.0.0.0)
    HTTPServerRequest(protocol='http', host='m66.uni.dtr', method='POST', uri='/udm/users/self/', version='HTTP/1.1', remote_ip='0.0.0.0', headers={'X-Umc-Https': 'on', 'Content-Length': '38', 'Via': '1.1 m66.uni.dtr', 'Accept-Encoding': 'gzip,deflate', 'X-Forwarded-Host': 'm66.uni.dtr', 'X-Forwarded-For': '10.205.2.33', 'Host': 'm66.uni.dtr', 'Accept': 'application/json', 'User-Agent': 'curl/7.64.0', 'Connection': 'close', 'X-Forwarded-Proto': 'https', 'X-Forwarded-Server': 'm66.uni.dtr', 'Content-Type': 'application/json', 'X-Forwarded-Ssl': 'on', 'Authorization': 'Basic QWRtaW5pc3RyYXRvcjp1bml2ZW50aW9u'})
    Traceback (most recent call last):
      File "/usr/lib/python2.7/dist-packages/tornado/web.py", line 1469, in _execute
        result = yield result
      File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1015, in run
        value = future.result()
      File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 237, in result
        raise_exc_info(self._exc_info)
      File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1021, in run
        yielded = self.gen.throw(*exc_info)
      File "/usr/lib/python2.7/dist-packages/univention/admin/rest/module.py", line 2511, in post
        obj = yield obj.create(object_type)
      File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 1015, in run
        value = future.result()
      File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 237, in result
        raise_exc_info(self._exc_info)
      File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 285, in wrapper
        yielded = next(result)
      File "/usr/lib/python2.7/dist-packages/univention/admin/rest/module.py", line 2866, in create
        obj.open()
      File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/users/user.py", line 1311, in open
        self._set_default_group()
      File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/users/user.py", line 1347, in _set_default_group
        primary_group_from_template = self['primaryGroup']
      File "/usr/lib/python2.7/dist-packages/univention/admin/handlers/__init__.py", line 479, in __getitem__
        elif key not in self.__no_default and self.descriptions[key].editable:
    KeyError: 'primaryGroup'
Comment 1 Philipp Hahn univentionstaff 2021-05-11 18:16:48 CEST
Created attachment 10720 [details]
fix[udm]: Fix users/self

UDM modules "users/self" is broken:

pdb2 /usr/lib/python2.7/dist-packages/univention/admincli/admin.py users/self list  --binddn "uid=Administrator,cn=users,$(ucr get ldap/base)" --bindpwd univention

pdb3 /usr/lib/python3/dist-packages/univention/admincli/admin.py users/self list --binddn "uid=Administrator,cn=users,$(ucr get ldap/base)" --bindpwd univention

Traceback (most recent call last):
  File "/usr/lib/python3.7/pdb.py", line 1701, in main
    pdb._runscript(mainpyfile)
  File "/usr/lib/python3.7/pdb.py", line 1570, in _runscript
    self.run(statement)
  File "/usr/lib/python3.7/bdb.py", line 585, in run
    exec(cmd, globals, locals)
  File "<string>", line 1, in <module>
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 1079, in <module>
    print('\n'.join(doit(sys.argv)))
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 379, in doit
    out = _doit(arglist)
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 656, in _doit
    out.extend(cli.list(list_policies, filter, superordinate_dn, policyOptions, policies_with_DN))
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 688, in list
    return self._list(self.module_name, self.module, self.dn, self.lo, self.position, self.superordinate, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 956, in _list
    s = module.property_descriptions[key].syntax
KeyError: 'birthday'


The problem here is that "users/self" re-uses "users/user" for the lookup and returns an "univention.admin.handlers.users.user.object" instance.
But "univention.admincli.admin._list()" uses "univention.admin.handlers.users.self" to process the "property_description", which is empty.


(Pdb) p module_name
'users/self'
(Pdb) p module
<module 'univention.admin.handlers.users.self' from '/usr/lib/python3/dist-packages/univention/admin/handlers/users/self.py'>
                                         ^^^^
(Pdb) p object
<univention.admin.handlers.users.user.object object at 0x7fa8a8e1a898>
                                 ^^^^
Comment 2 Philipp Hahn univentionstaff 2021-05-12 13:44:57 CEST
Created attachment 10721 [details]
fix[udm]: Fix users/self
Comment 3 Florian Best univentionstaff 2022-11-04 14:12:58 CET
Works now:

udm users/user create --set username=test2 --set password=univention --set lastname=foo --append groups='cn=Domain Admins,cn=groups,l=school,l=dev'
curl -i -k -X PATCH -H "Accept: application/json" -H "Content-Type: application/json" -u test2:univention "http://localhost/univention/udm/users/self/uid=test2,$ldap_base" --data '{"properties": {"firstname": "test02"}}'

(In reply to Philipp Hahn from comment #2)
> Created attachment 10721 [details]
> fix[udm]: Fix users/self

The first hunks are already applied. The last hunk is incorrect as it ignores the given `base` argument, so that a users/self lookup with base='cn=computers,$ldap_base` would also find that object.
Comment 4 Daniel Tröder univentionstaff 2022-11-07 09:14:50 CET
I haven't looked at the solution, just at the comment:

(In reply to Florian Best from comment #3)
> .. PATCH ..

The problem was found using POST. Don't know if that's fixed as well.
Comment 5 Florian Best univentionstaff 2022-11-07 09:16:44 CET
(In reply to Daniel Tröder from comment #4)
> I haven't looked at the solution, just at the comment:
> 
> (In reply to Florian Best from comment #3)
> > .. PATCH ..
> 
> The problem was found using POST. Don't know if that's fixed as well.

the POST command doesn't raise that exception anymore but tells you that you cannot create a users/self object.