First Last Prev Next    This bug is not in your last search results.
Bug 56335 - Self-Service forwarding to Primary doesn't work
Self-Service forwarding to Primary doesn't work
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC (Generic)
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-4-errata
Assigned To: Florian Best
Christian Castens
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2023-07-18 16:02 CEST by Florian Best
Modified: 2024-02-23 13:48 CET (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 3: Will affect average number of installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.171
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): External feedback, Regression
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2023-07-18 16:02:16 CEST 
Since UCS 5.0-4 the forwarding of self-service requests from DC Backups to DC Primary doesn't work anymore due to a error in the matched request path.

The requests from DC backup to DC Primary are done with the URL: "/univention/command//univention/command/"….

==> /var/log/apache2/access.log <==
10.0.215.100 - - [18/Jul/2023:15:40:35 +0200] "POST /univention/command//univention/command/passwordreset/get_user_attributes_descriptions HTTP/1.1" 403 4569 "-" "UCS/5.0 (univention.lib.umc/4-errata726)"

The symtpoms are error messages with HTTP 403 Forbidden errors saying:
{
    "status": 403,
    "message": "Es wurde kein Modul für diese Anfrage gefunden.",
}

Patch:
--- /usr/lib/python3/dist-packages/univention/management/console/modserver.py	2023-07-18 15:57:01.761613961 +0200
+++ /usr/lib/python3/dist-packages/univention/management/console/modserver.pyfixed	2023-07-18 15:56:46.829549015 +0200
@@ -130,7 +130,7 @@
         routes = self.__handler.tornado_routes if self.__handler else []
         application = Application(routes + [
             (r'/exit', Exit),
-            (r'(.*)', Handler, {'server': self, 'handler': self.__handler}),
+            (r'/univention/(?:command|upload)/(.*)', Handler, {'server': self, 'handler': self.__handler}),
         ], serve_traceback=ucr.is_true('umc/http/show_tracebacks', True))
 
         signal.signal(signal.SIGALRM, self.signal_handler_alarm)
Comment 2 Florian Best univentionstaff 2023-07-18 16:05:19 CEST 
The whole request path was part of request.arguments[0] which is used here:

management/univention-self-service/umc/python/passwordreset/__init__.py
 100                 client = Client(SELFSERVICE_MASTER, language=language)                                                                                                                                                                    
 101                 client.authenticate_with_machine_account()                                                                                                                                                                                
 102                 response = client.umc_command(request.arguments[0], request.options)
Comment 3 Florian Best univentionstaff 2023-07-18 16:55:24 CEST 
Reported in Forum: https://help.univention.com/t/problem-with-self-service-after-update-5-0-4/21677
Comment 4 Florian Best univentionstaff 2023-07-18 17:34:12 CEST 
Patch applied.

univention-management-console.yaml
607496b76420 | fix(umc-modules): fix HTTP path in request.arguments

univention-management-console (12.0.31-8)
607496b76420 | fix(umc-modules): fix HTTP path in request.arguments
Comment 5 Christian Castens univentionstaff 2023-07-19 13:38:34 CEST 
QA:
  request paths are fixed:  OK
  advisories:  OK
  no related traceback/errors in logfiles:  OK
First Last Prev Next    This bug is not in your last search results.