Actions
Defect #1099
open
Missing data integrity between identity and reset requests
Status:
New
Priority:
High
Assignee:
Peter Štrunc
Target version:
-
Start date:
05/17/2018
Due date:
% Done:
0%
Estimated time:
Affected versions:
Owner:
Description
Affected version: 1.1 (at least)
I founded the problem on project.
After identity create new request for password reset and admin remove the identity, in table still exists request for the identity.
The identity can still shows the request and receive INTERNAL_SERVER_ERROR 500. Please add check for data integrity between identity and reset requests
Error:
org.springframework.orm.jpa.JpaObjectRetrievalFailureException: Unable to find eu.bcvsolutions.idm.core.model.entity.IdmIdentity with id c6aa4e9e-36e6-4830-99e8-53dabc5b3fd4; nested exception is javax.persistence.EntityNotFoundException: Unable to find eu.bcvsolutions.idm.core.model.entity.IdmIdentity with id c6aa4e9e-36e6-4830-99e8-53dabc5b3fd4
at org.springframework.orm.jpa.EntityManagerFactoryUtils.convertJpaAccessExceptionIfPossible(EntityManagerFactoryUtils.java:389)
at org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:227)
at org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:436)
at org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:59)
at org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:213)
at org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:147)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:131)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208)
at com.sun.proxy.$Proxy242.findAll(Unknown Source)
at eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService.findEntities(AbstractReadDtoService.java:249)
at eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService.find(AbstractReadDtoService.java:176)
at eu.bcvsolutions.idm.pwdreset.service.impl.DefaultPasswordResetRequestService.changePassword(DefaultPasswordResetRequestService.java:128)
at eu.bcvsolutions.idm.pwdreset.service.impl.DefaultPasswordResetRequestService$$FastClassBySpringCGLIB$$530df959.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:720)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:655)
at eu.bcvsolutions.idm.pwdreset.service.impl.DefaultPasswordResetRequestService$$EnhancerBySpringCGLIB$$a8797bd3.changePassword(<generated>)
at eu.bcvsolutions.idm.pwdreset.rest.PasswordResetRestController.changePasswordAfterVerification(PasswordResetRestController.java:79)
at eu.bcvsolutions.idm.pwdreset.rest.PasswordResetRestController$$FastClassBySpringCGLIB$$2163611f.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:720)
Updated by Peter Štrunc almost 6 years ago
Isnt there a LRT to delete those old requests? I remember implementing it at some point.
Updated by Ondřej Kopr almost 6 years ago
I didn't find any LRT for remove old request. But even if some LRT exists, isn't nice when I try show some password request and I receive 500 internal server error. The data integrity check is probably necessary.
Updated by Radek Tomiška over 4 years ago
- Assignee set to Peter Štrunc
- Priority changed from Normal to High
Actions