First Last Prev Next    This bug is not in your last search results.
Bug 55226 - UDM REST API returns None if value is False for pwdChangeNextLogin
UDM REST API returns None if value is False for pwdChangeNextLogin
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM - REST API
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-2-errata
Assigned To: Florian Best
Johannes Lohmer
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-09-26 19:31 CEST by Carlos García-Mauriño
Modified: 2022-09-29 12:38 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): API change
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos García-Mauriño univentionstaff 2022-09-26 19:31:25 CEST 
`pwdChangeNextLogin` is set to null if set to false from UDM REST API. This behavior is confusing and prevents the variable from being modeled as a boolean variable.

The bug can be replicated with the following script (adapt the fqdn and user_dn). You will see that after setting it to false you get null. When setting it to true you get true (as expected).


```bash
#!/usr/bin/env /usr/bin/bash

fqdn=ucs-5989.skurup-68-5.intranet
credentials=Administrator:univention
user_dn='uid=demo_student,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=skurup-68-5,dc=intranet'
new_value=false

# get the user
curl -X GET -H "Accept: application/json" --dump-header user.headers   https://$credentials@$fqdn/univention/udm/users/user/$user_dn | python3 -m json.tool > user.json

# display current value
jq '.properties.pwdChangeNextLogin' user.json
sed -i "s/\"pwdChangeNextLogin\": .*,/\"pwdChangeNextLogin\": $new_value,/" user.json
# display changed value
jq '.properties.pwdChangeNextLogin' user.json

# post changes
etag="$(grep -oP "(?<=Etag: \").*(?=\")" user.headers)"
curl -X PUT -H "Accept: application/json"   -H "Content-Type: application/json"   -H "If-Match: \"$etag\""   "https://$credentials@$fqdn/univention/udm/users/user/$user_dn" --data @user.json

# get the user
curl -X GET -H "Accept: application/json" --dump-header user.headers   https://$credentials@$fqdn/univention/udm/users/user/$user_dn | python3 -m json.tool > user.json

# display changed value
jq '.properties.pwdChangeNextLogin' user.json
```
Comment 1 Florian Best univentionstaff 2022-09-27 10:33:32 CEST 
Patch in https://git.knut.univention.de/univention/ucs/-/merge_requests/518

users/user:pwdChangeNextLogin has syntax `boolean` which has type `BooleanType`. That only evaluates `"0"` to `False`. But users/user doesn't set `"0"' when unmapping the value from LDAP.
Simply unmapping that falsy default will fix the problem.
Comment 2 Florian Best univentionstaff 2022-09-27 12:56:30 CEST 
Reproduced and verified via:
curl -s http://Administrator:univention@localhost/univention/udm/users/user/uid=Administrator,cn=users,$(ucr get ldap/base) -H "Accept: application/json" | python -m json.tool | grep pwdChangeNextLogin
        "pwdChangeNextLogin": false,

Fixed in:

univention-directory-manager-modules.yaml
9121a8de53a6 | Bug #55226: unmap False for users/user:pwdChangeNextLogin

univention-directory-manager-modules (15.0.13-8)
9121a8de53a6 | Bug #55226: unmap False for users/user:pwdChangeNextLogin
Comment 3 Johannes Lohmer univentionstaff 2022-09-27 14:09:47 CEST 
OK: Code, no regressions found
OK: Changelog
OK: Yaml
OK: Problem reproduced
OK: Package Built
OK: Problem fixed in Patch and delivered in built Package
OK: Test case fixed
First Last Prev Next    This bug is not in your last search results.