First Last Prev Next    This bug is not in your last search results.
Bug 56589 - Saving changes in Administrative workgroups removes mail address
Saving changes in Administrative workgroups removes mail address
Status: CLOSED FIXED
Product: UCS@school
Classification: Unclassified
Component: UMC - Classes / Teachers / Workgroup assignment
UCS@school 5.0
Other Linux
: P5 normal (vote)
: UCS@school 5.0 v4-errata
Assigned To: Johannes Keiser
Tobias Wenzel
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2023-09-14 13:04 CEST by Wolfgang Bayrhof
Modified: 2023-11-16 14:21 CET (History)
8 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.114
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support: Yes
Flags outvoted (downgraded) after PO Review:
Ticket number: 2023090621000391
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Bayrhof univentionstaff 2023-09-14 13:04:19 CEST 
This behavior is reproducible and was tested with:

UCS: 5.0-4 errata794
ucsschool=5.0 v4


The "mail address" of a group, which was set via "Groups" -> "Advanced Settings" is deleted after saving changes or editing the group via "Administrative workgroups".

This happens even without any changes just by pressing the button "save changes".

BTW: The mail address is in the module "Administrative workgroups" not visible in any case. There is a greyed out field "Email address" seemingly without any content. The next time (after the above bug happened) the lower email part in the regarding workgroup is gone.

There is no useful workaround or recommendation for the customer.

snip from management-console-module-schoolgroups.log (debug-level 4)

14.09.23 12:59:29.102  MODULE      ( PROCESS ) : Received request 'schoolgroups/put': ('hugoschooladmin', 'workgroup-admin', None, 'en_US.UTF-8')
14.09.23 12:59:29.119  LDAP        ( ALL     ) : establishing new connection with retry_max=11
14.09.23 12:59:29.130  LDAP        ( ALL     ) : bind binddn=cn=ms1-primary,cn=dc,cn=computers,dc=musterschule1,dc=intranet
14.09.23 12:59:29.146  LDAP        ( ALL     ) : uldap.search filter=(&(cn=*)(|(&(objectClass=univentionGroup))(&(objectClass=sambaGroupMapping)))) base=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.150  ADMIN       ( ALL     ) : admin.hook.schoolAdminGroup: _open called
14.09.23 12:59:29.150  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=posixGroup)(uniqueMember=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.152  ADMIN       ( INFO    ) : groups/group: open(): member check duration: 0.00s
14.09.23 12:59:29.153  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.179  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.179  LDAP        ( ALL     ) : uldap.search filter=(&(|(objectClass=posixGroup)(objectClass=sambaGroupMapping))(gidNumber=5025)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.186  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.206  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.208  MODULE      ( INFO    ) : Modifying group "cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet" with members: ['uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet', 'uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet']
14.09.23 12:59:29.208  MODULE      ( INFO    ) : New members: ['uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet', 'uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet']
14.09.23 12:59:29.208  MODULE      ( INFO    ) : Removed members: set()
14.09.23 12:59:29.208  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.212  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.212  LDAP        ( ALL     ) : uldap.search filter=(&(|(objectClass=posixGroup)(objectClass=sambaGroupMapping))(gidNumber=5025)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.215  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.219  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.220  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.223  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.225  LDAP        ( ALL     ) : uldap.search filter=(&(univentionObjectType=users/user)(!(uidNumber=0))(!(univentionObjectFlag=functional))) base=uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*', 'pwdAccountLockedTime', 'memberOf'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.228  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.231  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=organizationalUnit)(!(objectClass=univentionBase))) base=ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.232  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.232  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _open called
14.09.23 12:59:29.237  ADMIN       ( ALL     ) : admin.hook.schoolAdminGroup: _open called
14.09.23 12:59:29.237  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=posixGroup)(uniqueMember=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: memberOf:[]
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: hosts:[]
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: nestedGroup:[]
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : groups/group: open(): member check duration: 0.00s
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: ucsschoolRole:['workgroup:school:DEMOSCHOOL']
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: description:
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: name:DEMOSCHOOL-workgroup1
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: allowedEmailUsers:['uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet', 'uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet']
14.09.23 12:59:29.238  ADMIN       ( INFO    ) : values are identical: allowedEmailGroups:[]
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _ldap_pre_modify called
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _ldap_modlist called
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='objectFlag'  oc='univentionObject'
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='serviceprovidergroup'  oc='univentionSAMLEnabledGroup'
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='school'  oc='ucsschoolAdministratorGroup'
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='ucsschoolRole'  oc='ucsschoolGroup'
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='ucsschoolImportSchool'  oc='ucsschoolImportGroup'
14.09.23 12:59:29.239  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='ucsschoolImportRole'  oc='ucsschoolImportGroup'
14.09.23 12:59:29.239  LDAP        ( ALL     ) : mod dn=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet ml=[('mailPrimaryAddress', b'workgroup1@demoschool.example.com', b'')]
14.09.23 12:59:29.239  LDAP        ( ALL     ) : uldap.modify cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet
14.09.23 12:59:29.261  ADMIN       ( INFO    ) : admin.syntax.hook.simpleHook: _ldap_post_modify called
14.09.23 12:59:29.265  LDAP        ( ALL     ) : uldap.search filter=(&(cn=*)(|(&(objectClass=univentionGroup))(&(objectClass=sambaGroupMapping)))(cn=DEMOSCHOOL-workgroup1)) base=dc=musterschule1,dc=intranet scope=sub attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.269  ADMIN       ( ALL     ) : admin.hook.schoolAdminGroup: _open called
14.09.23 12:59:29.269  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=posixGroup)(uniqueMember=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.270  ADMIN       ( INFO    ) : groups/group: open(): member check duration: 0.00s
14.09.23 12:59:29.284  LDAP        ( ALL     ) : establishing new connection with retry_max=11
14.09.23 12:59:29.289  LDAP        ( ALL     ) : bind binddn=cn=ms1-primary,cn=dc,cn=computers,dc=musterschule1,dc=intranet
14.09.23 12:59:29.316  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=univentionShare)) base=cn=DEMOSCHOOL-workgroup1,cn=shares,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.321  ADMIN       ( INFO    ) : values are identical: printablename:DEMOSCHOOL-workgroup1 (DEMOSCHOOL.musterschule1.intranet)
14.09.23 12:59:29.322  ADMIN       ( INFO    ) : values are identical: name:DEMOSCHOOL-workgroup1
14.09.23 12:59:29.322  ADMIN       ( INFO    ) : values are identical: ucsschoolRole:['workgroup_share:school:DEMOSCHOOL']
14.09.23 12:59:29.322  ADMIN       ( INFO    ) : simpleLdap._modify: extended attribute='ucsschoolRole'  oc='ucsschoolShare'
14.09.23 12:59:29.323  LDAP        ( ALL     ) : mod dn=cn=DEMOSCHOOL-workgroup1,cn=shares,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet ml=[]
14.09.23 12:59:29.323  LDAP        ( ALL     ) : uldap.modify cn=DEMOSCHOOL-workgroup1,cn=shares,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet
14.09.23 12:59:29.323  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=univentionShare)) base=cn=DEMOSCHOOL-workgroup1,cn=shares,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=base attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.327  MODULE      ( INFO    ) : Modified, group has now members: ['uid=vschueler2,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet', 'uid=vschueler1,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet']
14.09.23 12:59:29.327  MODULE      ( ALL     ) : Executed handler
14.09.23 12:59:29.398  MODULE      ( PROCESS ) : Received request 'schoolgroups/query': ('hugoschooladmin', 'workgroup-admin', None, 'en_US.UTF-8')
14.09.23 12:59:29.400  LDAP        ( ALL     ) : uldap.search filter=(&(cn=*)(|(&(objectClass=univentionGroup))(&(objectClass=sambaGroupMapping)))(|(cn=DEMOSCHOOL-*)(description=DEMOSCHOOL-*)(mailPrimaryAddress=DEMOSCHOOL-*))) base=cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet scope=sub attr=['entryCSN', 'entryUUID', 'modifyTimestamp', '*'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.431  ADMIN       ( ALL     ) : admin.hook.schoolAdminGroup: _open called
14.09.23 12:59:29.432  LDAP        ( ALL     ) : uldap.search filter=(&(objectClass=posixGroup)(uniqueMember=cn=DEMOSCHOOL-workgroup1,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=musterschule1,dc=intranet)) base= scope=sub attr=['dn'] unique=0 required=0 timeout=-1 sizelimit=0
14.09.23 12:59:29.433  ADMIN       ( INFO    ) : groups/group: open(): member check duration: 0.00s
14.09.23 12:59:29.434  MODULE      ( ALL     ) : Executed handler
Comment 1 Wolfgang Bayrhof univentionstaff 2023-09-14 13:17:18 CEST 
Additional info:
If the error occurred and the email address is gone, and then the administrative workgroup is changed again, the “users allowed to send emails to the group” will also disappear.
Comment 2 Wolfgang Bayrhof univentionstaff 2023-09-27 11:18:55 CEST 
Customer wrote to us, that he had to repair dozens of groups again by hand. They don't notice when a user is added to a group at a school.

I've changed cfprio to 5, because we DON'T have a workaround for the customer!
Comment 3 Johannes Königer univentionstaff 2023-10-06 12:19:17 CEST 
Seems like it is a frontend bug.

On a GET request we receive the email address, but we neither show the email in the frontend, nor send it back via the PUT:

GET

```json
{
  "result":[
    {
      "$dn$":"cn=DEMOSCHOOL-example_group,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=school,dc=test",
      "objectType":"groups/group",
      "school":"DEMOSCHOOL",
      "ucsschool_roles":[
        "workgroup:school:DEMOSCHOOL"
      ],
      "description":"An example group.",
      "name":"example_group",
      "email":"demo@demoschool.example.com",
      "allowed_email_senders_users":[ ],
      "allowed_email_senders_groups":[ ],
      "create_share":true,
      "create_email":true,
      "email_exists":true,
      "members":[
        {
          "id":"uid=demo_teacher,cn=lehrer,cn=users,ou=DEMOSCHOOL,dc=school,dc=test",
          "label":"Teacher, Demo (demo_teacher)"
        },
        {
          "id":"uid=demo_student,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=school,dc=test",
          "label":"Student, Demo (demo_student)"
        },
        {
          "id":"uid=demo_staff,cn=mitarbeiter,cn=users,ou=DEMOSCHOOL,dc=school,dc=test",
          "label":"Staff, Demo (demo_staff)"
        }
      ]
    }
  ],
  "error":null,
  "reason":null,
  "status":200
}

```


PUT

```json
{
  "options":[
    {
      "object":{
        "school":"DEMOSCHOOL",
        "name":"example_group",
        "description":"An example group.",
        "members":[
          "uid=demo_staff,cn=mitarbeiter,cn=users,ou=DEMOSCHOOL,dc=school,dc=test",
          "uid=demo_student,cn=schueler,cn=users,ou=DEMOSCHOOL,dc=school,dc=test",
          "uid=demo_teacher,cn=lehrer,cn=users,ou=DEMOSCHOOL,dc=school,dc=test"
        ],
        "create_share":true,
        "email_exists":true,
        "create_email":true,
        "email":"",
        "allowed_email_senders_users":[ ],
        "allowed_email_senders_groups":[ ],
        "$dn$":"cn=DEMOSCHOOL-example_group,cn=schueler,cn=groups,ou=DEMOSCHOOL,dc=school,dc=test"
      },
      "options":null
    }
  ],
  "flavor":"workgroup-admin"
}
```
Comment 7 Johannes Keiser univentionstaff 2023-11-14 15:56:34 CET 
83182c7e8 Bug #56589: advisory
d5d7b06f0 Bug #56589: fix "Administrate workgroups" module not showing set emai

Successful build
Package: ucs-school-umc-groups
Version: 10.0.10
Branch: ucs_5.0-0
Scope: ucs-school-5.0

Successful build
Package: ucs-test-ucsschool
Version: 7.3.151
Branch: ucs_5.0-0
Scope: ucs-school-5.0
Comment 8 Tobias Wenzel univentionstaff 2023-11-15 16:01:59 CET 
Code Review: OK
Reproduce problem: OK
Changes fix problem: OK
Comment 9 J Leadbetter univentionstaff 2023-11-16 14:21:07 CET 
Errata updates for UCS@school 5.0 v4 have been released.

https://docs.software-univention.de/ucsschool-changelog/5.0v4/en/changelog.html
https://docs.software-univention.de/ucsschool-changelog/5.0v4/de/changelog.html

If this error occurs again, please clone this bug.
First Last Prev Next    This bug is not in your last search results.