Editing entities that were created with a no longer existing user leads to a server error
Created by: Alexander Schlemmer
At least that is my best guess after some time of debugging.
I had created a long series of entities using the caosdb crawler and the default user "admin". Afterwards I deleted the admin user (and created another admin). Now I cannot any longer edit the old entites, leading to a server side error:
linkahead | RESPONSE: HTTPS/1.1 - Internal Server Error (500) - The server encountered an unexpected condition which prevented it from fulfilling the request
linkahead | RESPONSE ENTITY:<?xml version="1.0" encoding="UTF-8"?>
linkahead | <?xml-stylesheet type="text/xsl" href="https://localhost:10443/webinterface/1613984106/webcaosdb.xsl" ?>
linkahead | <Response username="salexan" realm="CaosDB" srid="2bdc10f0-e03a-4f94-aa89-53becff95f4f" timestamp="1613984769686" baseuri="https://localhost:10443">
linkahead | <UserInfo username="salexan" realm="CaosDB">
linkahead | <Roles>
linkahead | <Role>administration</Role>
linkahead | </Roles>
linkahead | </UserInfo>
linkahead | <Error code="500" description="An unexpected server error has occurred.">SRID = 2bdc10f0-e03a-4f94-aa89-53becff95f4f
linkahead |
linkahead | Please report this server error to and include the SRID into your report.</Error>
linkahead | </Response>
linkahead |
linkahead | java.lang.NullPointerException: null
linkahead | at org.caosdb.server.accessControl.UserSources.isUserExisting(UserSources.java:83) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.accessControl.AuthenticationUtils.isResponsibleAgentExistent(AuthenticationUtils.java:157) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.jobs.core.CheckEntityACLRoles.run(CheckEntityACLRoles.java:44) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.jobs.ScheduledJob.run(Schedule.java:42) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.jobs.Schedule.runJob(Schedule.java:122) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.jobs.Schedule.runJobs(Schedule.java:104) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.transaction.Transaction.check(Transaction.java:248) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.transaction.Transaction.execute(Transaction.java:147) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.resource.transaction.EntityResource.httpPutInChildClass(EntityResource.java:190) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at org.caosdb.server.resource.AbstractCaosDBServerResource.httpPut(AbstractCaosDBServerResource.java:265) ~[caosdb-server-0.4.0-SNAPSHOT-jar-with-dependencies.jar:?]
linkahead | at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
linkahead | at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
linkahead | at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
linkahead | at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
I was using the edit mode of caosdb-webui.
This is kind of critical and I don't know how to proceed:
- Can the old entities' ACL be overwritten to get a new "owner"?
- The error message is not specific enough... Something like "user does no longer exist" would be more expressive.
- Can the ACL be set (maybe by default) to the whole group of administrators instead of a single user?
Imported comments:
By Timm Fitschen on 2021-02-25T10:30:36.480Z
mentioned in commit cb4e837f
By Timm Fitschen on 2021-02-23T09:24:10.336Z
mentioned in merge request !79 (merged)
By Timm Fitschen on 2021-02-22T14:07:39.840Z
mentioned in commit 4150717ddf37cda6f09beb0a6b3fdefe0060edce
By Alexander Schlemmer on 2021-02-22T10:28:10.848Z
I have added a due date, because I have a small presentation on Wed. If it's not possible to fix it until then, I might look for a workaround.
By Alexander Schlemmer on 2021-02-22T10:27:27.910Z
changed due date to February 24, 2021