Univention Bugzilla – Bug 48047
Regression: Extended attributes on users/self not savable
Last modified: 2018-12-05 14:39:23 CET
Following this cool solution (https://wiki.univention.de/index.php/Cool_Solution_-_User_Self-Service_with_extended_Attributes) a user can edit properties of his own user account via UMC. Bug 46529 fixed that properties that have a default value but were previously empty would by ignored when saving (and therefore the default value not getting set) Due to bug 46529 being fixed, an attempt is now made to save these empty properties with default values but since they are not present on the users/self module this error is raised: raise UMC_OptionMissing(_('Property %s not found') % property_name)
d99eccb798 Bug #48047: ignore default values for props not in the form f2b1ace7e6 Bug #48047: properly reload object when saving in users/self module 193b04fe7d Bug #48047: Debian changelog 70751e73c0 Bug #48047: YAML - add entry 2e3ca3e4c8 Bug #48047: Merge branch 'jkeiser/4.3-2/48047/users_self_default_values' into 4.3-2 dece9180a5 Bug #48047: YAML - update version Successful build Package: univention-management-console-module-udm Version: 8.0.5-25A~4.3.0.201811191824
After following the cool solution and upgrading to the latest packages from the testing Repo I got these results from using the self service as Administrator or my test user: With Administrator 20.11.18 09:13:34.399 DEBUG_INIT 20.11.18 09:13:35.759 MODULE ( PROCESS ) : Loading python module. 20.11.18 09:13:36.340 MODULE ( PROCESS ) : Imported python module. 20.11.18 09:13:36.345 MODULE ( PROCESS ) : Module instance created. 20.11.18 09:13:36.352 MODULE ( PROCESS ) : Module socket initialized. 20.11.18 09:13:36.404 MODULE ( PROCESS ) : Setting user LDAP DN 'uid=Administrator,cn=users,dc=realm2,dc=intranet' 20.11.18 09:13:36.404 MODULE ( PROCESS ) : Setting auth type to None 20.11.18 09:13:36.405 MODULE ( PROCESS ) : Initializing module. 20.11.18 09:13:36.431 MAIN ( PROCESS ) : LDAP bind for user 'uid=Administrator,cn=users,dc=realm2,dc=intranet'. 20.11.18 09:13:40.566 MODULE ( ERROR ) : Identified module policies/admin_user for cn=default-admins,cn=admin-settings,cn=users,cn=policies,dc=realm2,dc=intranet (flavor=None) does not have a relating UDM module. 20.11.18 09:13:59.365 MODULE ( PROCESS ) : Property homeSharePath not found With test user: 20.11.18 09:14:50.503 DEBUG_INIT 20.11.18 09:14:51.379 MODULE ( PROCESS ) : Loading python module. 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Imported python module. 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Module instance created. 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Module socket initialized. 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Setting user LDAP DN 'uid=mm,cn=users,dc=realm2,dc=intranet' 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Setting auth type to None 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Initializing module. 20.11.18 09:14:51.701 MAIN ( PROCESS ) : LDAP bind for user 'uid=mm,cn=users,dc=realm2,dc=intranet'. 20.11.18 09:14:55.725 MODULE ( WARN ) : Failed to modify LDAP object uid=mm,cn=users,dc=realm2,dc=intranet: permissionDenied: To avoid any problems in that regard I restarted all services and even tried a reboot of the machine. The ACL code from the cool solution is in the slapd.conf and the test user is part of the group Domain Users, which has the UMC policy default-umc-users which contains the operation set udm-self. I also tried to give the test user the umc policy udm-self directly. No change. The test user had the error described in this ticket (property disabled not found) before upgrading to test packages.
I have a snapshot of that state if needed.
"Property .+ not found" is from: ----------------- def validate(self, request): for property_name, value in request.options.get('properties').items(): property_obj = module.get_property(property_name) if property_obj is None: raise UMC_OptionMissing(_('Property %s not found') % property_name) ----------------- def get_property(self, property_name): return getattr(self.module, 'property_descriptions', {}).get(property_name, None) ----------------- But in handlers/users/self.py: ----------------- property_descriptions = {} ----------------- So this can never work.
(In reply to Ole Schwiegert from comment #2) > After following the cool solution and upgrading to the latest packages from > the testing Repo I got these results from using the self service as > Administrator or my test user: > > With Administrator > > 20.11.18 09:13:34.399 DEBUG_INIT > 20.11.18 09:13:35.759 MODULE ( PROCESS ) : Loading python module. > 20.11.18 09:13:36.340 MODULE ( PROCESS ) : Imported python module. > 20.11.18 09:13:36.345 MODULE ( PROCESS ) : Module instance created. > 20.11.18 09:13:36.352 MODULE ( PROCESS ) : Module socket initialized. > 20.11.18 09:13:36.404 MODULE ( PROCESS ) : Setting user LDAP DN > 'uid=Administrator,cn=users,dc=realm2,dc=intranet' > 20.11.18 09:13:36.404 MODULE ( PROCESS ) : Setting auth type to None > 20.11.18 09:13:36.405 MODULE ( PROCESS ) : Initializing module. > 20.11.18 09:13:36.431 MAIN ( PROCESS ) : LDAP bind for user > 'uid=Administrator,cn=users,dc=realm2,dc=intranet'. > 20.11.18 09:13:40.566 MODULE ( ERROR ) : Identified module > policies/admin_user for > cn=default-admins,cn=admin-settings,cn=users,cn=policies,dc=realm2, > dc=intranet (flavor=None) does not have a relating UDM module. > 20.11.18 09:13:59.365 MODULE ( PROCESS ) : Property homeSharePath not > found As discussed this was a caching problem > With test user: > > 20.11.18 09:14:50.503 DEBUG_INIT > 20.11.18 09:14:51.379 MODULE ( PROCESS ) : Loading python module. > 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Imported python module. > 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Module instance created. > 20.11.18 09:14:51.620 MODULE ( PROCESS ) : Module socket initialized. > 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Setting user LDAP DN > 'uid=mm,cn=users,dc=realm2,dc=intranet' > 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Setting auth type to None > 20.11.18 09:14:51.623 MODULE ( PROCESS ) : Initializing module. > 20.11.18 09:14:51.701 MAIN ( PROCESS ) : LDAP bind for user > 'uid=mm,cn=users,dc=realm2,dc=intranet'. > 20.11.18 09:14:55.725 MODULE ( WARN ) : Failed to modify LDAP > object uid=mm,cn=users,dc=realm2,dc=intranet: permissionDenied: > I don't think that the ACL part of the article not working is part of this Bug
Agreed. Changelog & Advisories: OK After installing the testing packages the users/self module no longer tries to save values that are not in the form: OK The ACL problem should be addressed separately.
<http://errata.software-univention.de/ucs/4.3/351.html>