Univention Bugzilla – Bug 55226
UDM REST API returns None if value is False for pwdChangeNextLogin
Last modified: 2022-09-29 12:38:54 CEST
`pwdChangeNextLogin` is set to null if set to false from UDM REST API. This behavior is confusing and prevents the variable from being modeled as a boolean variable. The bug can be replicated with the following script (adapt the fqdn and user_dn). You will see that after setting it to false you get null. When setting it to true you get true (as expected). ```bash #!/usr/bin/env /usr/bin/bash fqdn=ucs-5989.skurup-68-5.intranet credentials=Administrator:univention user_dn='uid=demo_student,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=skurup-68-5,dc=intranet' new_value=false # get the user curl -X GET -H "Accept: application/json" --dump-header user.headers https://$credentials@$fqdn/univention/udm/users/user/$user_dn | python3 -m json.tool > user.json # display current value jq '.properties.pwdChangeNextLogin' user.json sed -i "s/\"pwdChangeNextLogin\": .*,/\"pwdChangeNextLogin\": $new_value,/" user.json # display changed value jq '.properties.pwdChangeNextLogin' user.json # post changes etag="$(grep -oP "(?<=Etag: \").*(?=\")" user.headers)" curl -X PUT -H "Accept: application/json" -H "Content-Type: application/json" -H "If-Match: \"$etag\"" "https://$credentials@$fqdn/univention/udm/users/user/$user_dn" --data @user.json # get the user curl -X GET -H "Accept: application/json" --dump-header user.headers https://$credentials@$fqdn/univention/udm/users/user/$user_dn | python3 -m json.tool > user.json # display changed value jq '.properties.pwdChangeNextLogin' user.json ```
Patch in https://git.knut.univention.de/univention/ucs/-/merge_requests/518 users/user:pwdChangeNextLogin has syntax `boolean` which has type `BooleanType`. That only evaluates `"0"` to `False`. But users/user doesn't set `"0"' when unmapping the value from LDAP. Simply unmapping that falsy default will fix the problem.
Reproduced and verified via: curl -s http://Administrator:univention@localhost/univention/udm/users/user/uid=Administrator,cn=users,$(ucr get ldap/base) -H "Accept: application/json" | python -m json.tool | grep pwdChangeNextLogin "pwdChangeNextLogin": false, Fixed in: univention-directory-manager-modules.yaml 9121a8de53a6 | Bug #55226: unmap False for users/user:pwdChangeNextLogin univention-directory-manager-modules (15.0.13-8) 9121a8de53a6 | Bug #55226: unmap False for users/user:pwdChangeNextLogin
OK: Code, no regressions found OK: Changelog OK: Yaml OK: Problem reproduced OK: Package Built OK: Problem fixed in Patch and delivered in built Package OK: Test case fixed
<https://errata.software-univention.de/#/?erratum=5.0x439>