Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Robust access handling in ServiceInstanceAuthService #48

Closed
1 task
darenegade opened this issue Nov 9, 2022 · 2 comments · Fixed by #1082
Closed
1 task

Robust access handling in ServiceInstanceAuthService #48

darenegade opened this issue Nov 9, 2022 · 2 comments · Fixed by #1082
Assignees
@lmoesle
Labels
enhancement New feature or request Technical Debt

Comments

@darenegade
Copy link
Member

darenegade commented Nov 9, 2022
edited
Loading

Describe the bug
At the moment the hasAccess Method in ServiceInstanceAuthService expects none or only one entry in the database per user. If there are multiple entries in the database the function throws an exception

ServiceInstanceAuthService#hasAccess

To Reproduce
Steps to reproduce the behavior:

  1. Create multiple entries in database per user and process
  2. check if person has access -> error

Expected behavior
Method is robust and accepts multiple entries (hasEntry / findFirst / findOne)

Acceptance Criteria

  • ServiceInstanceAuthService kann mit mehreren Einträgen umgehen
@darenegade darenegade added enhancement New feature or request refinement labels Nov 9, 2022
@StephanStrehlerCGI
Copy link
Contributor

Hallo,
ich habe gerade den Bug versucht zu reproduzieren. hat nicht geklappt.
Dafür habe ich mir das aber mal angeschaut und frage mich, ob da nicht eher ein unique contraint in der DB auf die Kombination aus User id und process instance id sinn ergibt.
Rein fachlich (zumindestens laut createAuthorization) sollte das ja eigentlich unique sein.

Wie siehst du das?

@lmoesle lmoesle self-assigned this Dec 6, 2023
lmoesle added a commit that referenced this issue Dec 6, 2023
@lmoesle
bugfix(#48): fix access handling in ServiceInstanceAuthService
ade351b
@lmoesle lmoesle mentioned this issue Dec 6, 2023
Merged
8 tasks
@lmoesle
Copy link
Contributor

lmoesle commented Dec 6, 2023

Ich habe den Fehler behoben, in dem ich den jpa query von find auf exists geändert habe (see #1082). @StephanStrehlerCGI hat aber recht, dass der Fehler in der Praxis nicht auftreten darf. Um den Fehler provozieren, muss man die DB direkt manipulieren, wir checken vor dem erstellen einer ServiceInstanceAuth, ob es sie schon gibt.

lmoesle added a commit that referenced this issue Dec 7, 2023
@lmoesle
bugfix(#48): fix access handling in ServiceInstanceAuthService
4c673e8
lmoesle added a commit that referenced this issue Dec 7, 2023
@lmoesle
bugfix(#48): fix access handling in ServiceInstanceAuthService (#1082)
d37c14c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lmoesle lmoesle

Labels
enhancement New feature or request Technical Debt
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

bugfix(#48): fix access handling in ServiceInstanceAuthService it-at-m/digiwf-core
3 participants
@darenegade @lmoesle @StephanStrehlerCGI