Bug 55684 - Password forgotten page broken after UCS 5.0-3 upgrade
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Self Service
UCS 5.0
Other other
: P5 major (vote)
: UCS 5.0-3-errata
Assigned To: Maximilian Janßen
Florian Best
Depends on: 55346
Blocks:
Reported: 2023-02-15 18:09 CET by Seb
Modified: 2023-02-22 13:03 CET (History)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 5: Will affect all installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.286
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support: Yes
Flags outvoted (downgraded) after PO Review:
Ticket number: 2023021521000387, 2023021421000683, 2023021421000834, 2023021421000843, 2023021621000787, 2023021721000196, 2023021821000327, 2023022021000251, 2023022021000948, 2023022121000517
Bug group (optional): Regression
Max CVSS v3 score:


Description Seb 2023-02-15 18:09:02 CET
After the upgrade to 5.0-3 we receive this error when trying the password reset for a user on "/univention/self-service/#page=passwordreset":

Internal server error during "passwordreset/get_reset_methods".
Request: passwordreset/get_reset_methods

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 351, in __error_handling
    six.reraise(etype, exc, etraceback)
  File "/usr/lib/python3/dist-packages/six.py", line 693, in reraise
    raise value
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 254, in execute
    function.__func__(self, request, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 109, in _decorator
    return func(self, request, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 169, in _decorated
    username = args[0].options["username"]
KeyError: 'username'


Checking the browser, it seems that the request to /univention/command/passwordreset/get_reset_methods 
is sent with an empty payload:
{"options":{}}

When modifying the request with
{"options":{"username":"foo123"}}
we get a 200 as expected. So it seems the frontend is not submitting the form field correctly.
Comment 1 Florian Best univentionstaff 2023-02-20 14:27:27 CET
Is this a DC Master/Primary which you are accessing via the browser?

In Bug #55346 we changed that "username" doesn't need to be set anymore in the request. That should be correct.
Comment 2 Seb 2023-02-20 14:40:55 CET
Unfortunately I cannot access Bug #55346, but our setup is a Master/Slave setup and the site is accessed on the master instance.
Comment 3 Mirac Erdemiroglu univentionstaff 2023-02-21 13:48:12 CET
Customer affected: Ticket#2023021521000387

Interner Server-Fehler in "passwordreset/get_reset_methods".
KeyError: 'username'
    username = args[0].options["username"]
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 169, in _decorated

    return func(self, request, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 109, in _decorator

    function.__func__(self, request, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 254, in execute
    raise value
  File "/usr/lib/python3/dist-packages/six.py", line 693, in reraise
    six.reraise(etype, exc, etraceback)
  File "/usr/lib/python3/dist-packages/univention/management/console/base.py", line 351, in __error_handling
Traceback (most recent call last):

Request: passwordreset/get_reset_methods
Interner Server-Fehler in "passwordreset/get_reset_methods".
 

------------------------------------------------------------

12.02.23 13:27:42.398  MODULE      ( PROCESS ) : Loading Python module.
12.02.23 13:27:42.584  MODULE      ( PROCESS ) : Imported Python module.
12.02.23 13:27:42.584  MODULE      ( PROCESS ) : Module instance created.
12.02.23 13:27:42.584  MODULE      ( PROCESS ) : Module socket initialized.
12.02.23 13:27:42.636  MODULE      ( PROCESS ) : Setting user LDAP DN None
12.02.23 13:27:42.636  MODULE      ( PROCESS ) : Setting auth type to None
12.02.23 13:27:42.636  MODULE      ( PROCESS ) : Initializing module.
12.02.23 13:27:42.647  MODULE      ( PROCESS ) : get_plugins(): Loaded sending plugin class 'VerifyEmail' for sending method 'verify_email'.
12.02.23 13:27:42.652  MODULE      ( PROCESS ) : get_plugins(): Plugin class 'SendSMS' for sending method 'mobile' is disabled.
12.02.23 13:27:42.658  MODULE      ( PROCESS ) : get_plugins(): Plugin class 'SendWithExternal' for sending method 'None' is disabled.
12.02.23 13:27:42.661  MODULE      ( PROCESS ) : get_plugins(): Loaded sending plugin class 'SendEmail' for sending method 'email'.
12.02.23 13:27:42.663  MODULE      ( PROCESS ) : get_plugins(): plugin class 'VerifyEmail' for sending method 'verify_email': udm_property: 'PasswordRecoveryEmailVerified' token_length: '64'
12.02.23 13:27:42.663  MODULE      ( PROCESS ) : get_plugins(): plugin class 'SendEmail' for sending method 'email': udm_property: 'PasswordRecoveryEmail' token_length: '64'
12.02.23 13:27:42.666  MODULE      ( ERROR   ) : prevent_denial_of_service() could not find username argument. self: <univention.management.console.modules.passwordreset.Instance object at 0x7f222ef7c550> args: (<univention.manageme
  File "/usr/lib/python3/dist-packages/univention/management/console/modules/passwordreset/__init__.py", line 169, in _decorated
    username = args[0].options["username"]
KeyError: 'username'
12.02.23 13:27:42.667  MODULE      ( PROCESS ) : Interner Server-Fehler in "passwordreset/get_reset_methods".
12.02.23 13:28:06.199  MAIN        ( WARN    ) : Shutting down all open connections
12.02.23 13:28:06.199  MAIN        ( WARN    ) : Shutting down all open connections
Comment 4 Mirac Erdemiroglu univentionstaff 2023-02-21 13:53:18 CET
Ticket#2023021521000387 since the update to UCS 5.0-3 errata572
Comment 5 Florian Best univentionstaff 2023-02-21 18:35:09 CET
Reported another 9 times.
Comment 6 Florian Best univentionstaff 2023-02-22 10:51:51 CET
Max merged the changes in:
univention-self-service.yaml
b84fa09356b3 | Bug #55684: fix accessing self-service password reset methods

univention-self-service (5.0.6-2)
b84fa09356b3 | Bug #55684: fix accessing self-service password reset methods
Comment 7 Florian Best univentionstaff 2023-02-22 11:08:31 CET
OK: removal of DDoS protection for the get-reset-methods endpoint.
OK: YAML
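
The failure mode in the traceback above, as an added example that is not part of the bug thread and is not Univention's code: a per-username limiter modelled on the `_decorated` wrapper, once with the unguarded `options["username"]` lookup and once validating the key before use. `per_user_limit`, `Request`, `Instance`, `send_token` and the limit values are assumptions made for illustration.

```python
import functools
import time
from collections import defaultdict, deque

class Request:  # constructed stand-in for a UMC request; only .options is modelled
    def __init__(self, options):
        self.options = options

class BadRequest(Exception):
    """Would be answered with a 4xx status instead of a 500."""
class TooManyRequests(Exception):
    """Call limit for this username exceeded."""

def per_user_limit(max_calls=3, window=60.0, username_required=True, fragile=False):
    """Hypothetical per-username limiter, not the univention-self-service code."""
    hits = defaultdict(deque)  # username -> timestamps of recent calls
    def decorator(func):
        @functools.wraps(func)
        def _decorated(self, request, *args, **kwargs):
            if fragile:
                # Lookup as at line 169 of the traceback: {"options":{}} raises KeyError
                username = request.options["username"]
            else:
                username = request.options.get("username")
                if not isinstance(username, str) or not username:
                    if username_required:
                        raise BadRequest("username missing")
                    return func(self, request, *args, **kwargs)  # no key to limit on
            now = time.monotonic()
            calls = hits[username]
            while calls and now - calls[0] > window:
                calls.popleft()  # forget calls older than the window
            if len(calls) >= max_calls:
                raise TooManyRequests(username)
            calls.append(now)
            return func(self, request, *args, **kwargs)
        return _decorated
    return decorator

class Instance:
    @per_user_limit(fragile=True)
    def get_reset_methods_fragile(self, request):
        return ["email"]
    @per_user_limit(username_required=False)
    def get_reset_methods_tolerant(self, request):
        return ["email"]
    @per_user_limit(max_calls=2)
    def send_token(self, request):  # hypothetical endpoint that does need a username
        return "sent to " + request.options["username"]
```

The pass-through branch only suits an endpoint that works without a username; anything that acts on an account keeps `username_required=True` so a missing key is rejected rather than exempted from the limit.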