First Last Prev Next    This bug is not in your last search results.
Bug 55394 - Error response when providing an invalid mailPrimaryAddress is incomplete
Error response when providing an invalid mailPrimaryAddress is incomplete
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UDM - REST API
UCS 5.0
Other Linux
: P5 enhancement (vote)
: UCS 5.0-2-errata
Assigned To: Florian Best
Iván.Delgado
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-11-07 16:03 CET by Johannes Königer
Modified: 2022-11-22 11:36 CET (History)
2 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): API change
Max CVSS v3 score:
best: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Königer univentionstaff 2022-11-07 16:03:57 CET 
When changing the property "mailPrimaryAddress" via the UDM rest API to one which is not in the configured mail domains, the returned json content in the HTTP response body looks like this:

{
  "error": {
    "title": "Unprocessable Entity",
    "code": 422,
    "message": "1 error(s) occurred:\nRequest argument \"None\"  The domain part of the primary mail address is not in list of configured mail domains: abc@abc.com\n",
    "traceback": null,
    "error": {
      "null": " The domain part of the primary mail address is not in list of configured mail domains: abc@abc.com"
    }
  },
  ...
}

Instead of "null", the expected key should be "mailPrimaryAddress".
Comment 1 Florian Best univentionstaff 2022-11-07 16:07:40 CET 
Can you test this?:

diff --git management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py
index 334469f677..5609ea7890 100644
--- management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py
+++ management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py
@@ -1720,7 +1720,7 @@ class simpleLdap(object):
                for pname, prop in properties.items():
                        if hasattr(prop.syntax, 'checkLdap'):
                                if not self.exists() or self.hasChanged(pname):
-                                       prop.syntax.checkLdap(self.lo, self.info.get(pname))
+                                       prop.syntax.checkLdap(self.lo, self.info.get(pname), pname)
 
        def __prevent_ad_property_change(self):  # type: () -> None
                if not _prevent_to_change_ad_properties or not self._is_synced_object():
diff --git management/univention-directory-manager-modules/modules/univention/admin/syntax.py management/univention-directory-manager-modules/modules/univention/admin/syntax.py
index 18f4e5c25d..9b3de99621 100644
--- management/univention-directory-manager-modules/modules/univention/admin/syntax.py
+++ management/univention-directory-manager-modules/modules/univention/admin/syntax.py
@@ -2645,7 +2645,7 @@ class emailAddressValidDomain(UDM_Objects, emailAddress):
                return 'MailBox'
 
        @classmethod
-       def checkLdap(self, lo, mailaddresses):
+       def checkLdap(self, lo, mailaddresses, property='mailPrimaryAddress'):
                # convert mailaddresses to array if necessary
                mailaddresses = copy.deepcopy(mailaddresses)
                if isinstance(mailaddresses, str):
@@ -2669,7 +2669,7 @@ class emailAddressValidDomain(UDM_Objects, emailAddress):
                                        ud.debug(ud.ADMIN, ud.INFO, 'admin.syntax.%s: address=%r   domain=%r' % (self.name, mailaddress, domain))
 
                if faillist:
-                       raise univention.admin.uexceptions.valueError(self.errMsgDomain % (', '.join(faillist),))
+                       raise univention.admin.uexceptions.valueError(self.errMsgDomain % (', '.join(faillist),), property=property)
 
 
 class primaryEmailAddressValidDomain(emailAddressValidDomain):
Comment 2 Johannes Königer univentionstaff 2022-11-07 17:07:50 CET 
This works, but I had to add the property keyword argument to the other 'checkLdap' method in the 'simple' class:

diff --git a/management/univention-directory-manager-modules/modules/univention/admin/syntax.py b/management/univention-directory-manager-modules/modules/univention/admin/syntax.py
index c578342e96..ed180abd3e 100644
--- a/management/univention-directory-manager-modules/modules/univention/admin/syntax.py
+++ b/management/univention-directory-manager-modules/modules/univention/admin/syntax.py
@@ -370,7 +370,7 @@ class simple(ISyntax):
                        raise univention.admin.uexceptions.valueError(self.error_message)
 
        @classmethod
-       def checkLdap(self, lo, value):
+       def checkLdap(self, lo, value, property=None):
                # type: (access, Any) -> Any
                """
                Check the given value against the current LDAP state by
Comment 4 Florian Best univentionstaff 2022-11-10 09:32:36 CET 
The "checkLdap" method has been adapted to get the related property, so it can use this when raising exceptions.
The "checkLdap" method has been deprecated - we should replace this special case somewhen.

univention-directory-manager-modules.yaml
9c2ebf2f7284 | fix(udm): add property information to email address validation

univention-directory-manager-modules (15.0.13-14)
9c2ebf2f7284 | fix(udm): add property information to email address validation
Comment 5 Iván.Delgado univentionstaff 2022-11-11 13:53:25 CET 
Verified:
 * Advisory
 * ucs-test-udm-rest
 * PATCH request to modify mailPrimaryAddress works as expected.

curl -X PATCH "http://Administrator:univention@localhost/univention/udm/users/user/uid%3Dayolda10.spi%2Ccn%3Dschueler%2Ccn%3Dusers%2Cou%3Dschool1%2Cdc%3Ducs%2Cdc%3Dlocal" -H  "accept: application/json" -H  "Content-Type: application/json" -d "{\"properties\":{\"mailPrimaryAddress\":\"example@example.com\"}}"
First Last Prev Next    This bug is not in your last search results.