Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[1.3 beta] Regression: no users list #1608

Closed
pdepaepe opened this issue Dec 4, 2015 · 4 comments
Closed

[1.3 beta] Regression: no users list #1608

pdepaepe opened this issue Dec 4, 2015 · 4 comments
Assignees
Labels
P1 S1
Milestone

Comments

@pdepaepe
Copy link
Contributor

@pdepaepe pdepaepe commented Dec 4, 2015

Hello,

Currently testing 1.3 beta, i'm not able to get users list page.
On log side, i see:

2015-12-04T15:35:13.134Z ERROR [RestResource] Unable to load role names for role IDs [563c874ee4b001c07c5f02a9, 563c87fae4b001c07c5f0364] for user UserImpl{fields={_id=5640d260e4b02855eda908f6, username=pdepaepe, email=pdepaepe@localhost.com, permissions=[ "users:edit:pdepaepe"], password=xxxxxxxxxx, full_name=pdepaepe's account, roles=[ { "$oid" : "563c874ee4b001c07c5f02a9"} , { "$oid" : "563c87fae4b001c07c5f0364"}]}, id=5640d260e4b02855eda908f6}

When i call GET roles, i don't see 563c874ee4b001c07c5f02a9 and 563c87fae4b001c07c5f0364, so i guess, theses references are stuck in user object ?

PS: roll-backed to 1.2, users are back again

@kroepke kroepke added S1 P1 labels Dec 4, 2015
@kroepke kroepke added this to the 1.3.0 milestone Dec 4, 2015
@kroepke
Copy link
Member

@kroepke kroepke commented Dec 4, 2015

Those IDs should be resolved to proper role names, so the roles call won't show them.

Still the user loading should not fail.

I'll investigate.

@bernd bernd assigned bernd and kroepke and unassigned bernd Dec 6, 2015
@bernd
Copy link
Member

@bernd bernd commented Dec 6, 2015

There is a regression that the role in the user object does not get deleted when a role is removed via the REST API. This will be fixed.

I can reproduce it with the following steps:

  1. Create new role "Test"
  2. Assign "Test" role to user
  3. Remove "Reader" role from user (only works via API request)
  4. Delete "Test" role via API
  5. Open "System/Users" to reproduce the error
@bernd
Copy link
Member

@bernd bernd commented Dec 6, 2015

The commands to reproduce the problem.

  1. Create role "Test"
  2. Create user "john" with "Test" as only role
  3. Delete role "Test"
  4. Check "System/Users"

Commands

$ curl -sni -XPOST -d @role-create.json -H Content-Type:application/json localhost:12900/roles
HTTP/1.1 201 Created
Location: http://127.0.0.1:12900/roles/Test
Content-Type: application/json
Transfer-Encoding: chunked

{"name":"Test","description":"A test role","permissions":["*"],"read_only":false}

$ curl -sni -XPOST -d @user-create.json -H Content-Type:application/json localhost:12900/users
HTTP/1.1 201 Created
Location: http://127.0.0.1:12900/users/john
Transfer-Encoding: chunked

$ curl -sni -XDELETE localhost:12900/roles/Test
HTTP/1.1 204 No Content
Transfer-Encoding: chunked

Log

2015-12-06 17:25:02,569 ERROR: org.graylog2.shared.rest.resources.RestResource - Unable to load role names for role IDs [56646137c8309bc1950de228] for user UserImpl{fields={_id=56646153c8309bc1950de247, password=058b45b3403041e0fffb78a5eda83e5b4f6555c7, full_name=John Doe, session_timeout_ms=-1, startpage={ }, permissions=[ "users:edit:john" , "users:passwordchange:john" , "indexercluster:read" , "messagecount:read" , "journal:read" , "inputs:read" , "metrics:read" , "savedsearches:edit" , "fieldnames:read" , "buffers:read" , "system:read" , "savedsearches:create" , "jvmstats:read" , "throughput:read" , "savedsearches:read" , "messages:read"], timezone=Europe/Berlin, roles=[ { "$oid" : "56646137c8309bc1950de228"}], email=john@example.com, username=john}, id=56646153c8309bc1950de247}

role-create.json

{
  "name": "Test",
  "description": "A test role",
  "permissions": ["*"]
}

user-create.json

{
  "username": "john",
  "email": "john@example.com",
  "full_name": "John Doe",
  "password": "123456",
  "permissions": [
    "users:edit:john",
    "users:passwordchange:john",
    "indexercluster:read",
    "messagecount:read",
    "journal:read",
    "inputs:read",
    "metrics:read",
    "savedsearches:edit",
    "fieldnames:read",
    "buffers:read",
    "system:read",
    "savedsearches:create",
    "jvmstats:read",
    "throughput:read",
    "savedsearches:read",
    "messages:read"
  ],
  "timezone": "Europe/Berlin",
  "session_timeout_ms": -1,
  "startpage": {},
  "roles": [
    "Test"
  ]
}
kroepke added a commit that referenced this issue Dec 7, 2015
 - local admin users are not touched
 - when resolving roles of a user do not throw an exception for missing roles, it prevented the user from being editable
 - integration tests for role removal

fixes #1608
kroepke added a commit that referenced this issue Dec 8, 2015
fixes #1608
@bernd bernd closed this in 6bab850 Dec 8, 2015
@bernd
Copy link
Member

@bernd bernd commented Dec 8, 2015

This will be fixed in the upcoming Graylog 1.3 release. Thank you for the report!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants