Project

General

Profile

Actions
Copy link

Defect #3364

open

Automatic role wasn't provisioned when other automatic role was deleted

Added by Alena Peterová 12 months ago.

Status:
New
Priority:
Normal
Assignee:
Peter Štrunc
Category:
Account managment
Target version:
-
Start date:
05/10/2023
Due date:
% Done:

0%

Estimated time:
Affected versions:
13.0.4
Owner:

Description

This happened in our customer's environment running on 13.0.4
  • Starting point: several automatic roles for AD group "SCM Dispo" were on the leaves of the organization structure
  • 1) Admin created a new definition of automatic role for the group "SCM Dispo" on the parent node with recursion Down
  • 2) Admin created a new definition of automatic role for the group "Supply chain management" on the parent node with recursion Down
  • 3) Admin deleted original automatic role definitions of the "SCM Dispo" group from the leaves

The result is that the roles are correctly assigned to the user in IdM, but the "Supply chain management" wasn't provisioned to AD (its AccIdentityAccount was missing). The role request which added this role ended with the following exception:

According to the IDs in the exception, just when computing ACM for the role "Supply chain management" (step 2), it failed on just-deleted automatic role for "SCM Dispo" (step 3).

org.springframework.orm.jpa.JpaObjectRetrievalFailureException: Unable to find eu.bcvsolutions.idm.core.model.entity.IdmAutomaticRole with id cb7443ea-2021-4e01-95e7-6fda7a02321b; nested exception is javax.persistence.EntityNotFoundException: Unable to find eu.bcvsolutions.idm.core.model.entity.IdmAutomaticRole with id cb7443ea-2021-4e01-95e7-6fda7a02321b
    at org.springframework.orm.jpa.EntityManagerFactoryUtils.convertJpaAccessExceptionIfPossible(EntityManagerFactoryUtils.java:379)
    at org.springframework.orm.jpa.vendor.HibernateJpaDialect.translateExceptionIfPossible(HibernateJpaDialect.java:256)
    at org.springframework.orm.jpa.AbstractEntityManagerFactoryBean.translateExceptionIfPossible(AbstractEntityManagerFactoryBean.java:528)
    at org.springframework.dao.support.ChainedPersistenceExceptionTranslator.translateExceptionIfPossible(ChainedPersistenceExceptionTranslator.java:61)
    at org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:242)
    at org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:154)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$CrudMethodMetadataPopulatingMethodInterceptor.invoke(CrudMethodMetadataPostProcessor.java:144)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.data.jpa.repository.support.CrudMethodMetadataPostProcessor$ExposeRepositoryInvocationInterceptor.invoke(CrudMethodMetadataPostProcessor.java:364)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.data.repository.core.support.SurroundingTransactionDetectorMethodInterceptor.invoke(SurroundingTransactionDetectorMethodInterceptor.java:61)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
    at com.sun.proxy.$Proxy232.findAll(Unknown Source)
    at eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService.findEntities(AbstractReadDtoService.java:432)
    at eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService.find(AbstractReadDtoService.java:244)
    at eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService$$FastClassBySpringCGLIB$$120a9283.invoke(<generated>)
    at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
    at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:752)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
    at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:295)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:691)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmIdentityRoleService$$EnhancerBySpringCGLIB$$66d0020f.find(<generated>)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmRoleAssignmentManager.lambda$find$4(DefaultIdmRoleAssignmentManager.java:83)
    at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271)
    at java.base/java.util.HashMap$ValueSpliterator.forEachRemaining(HashMap.java:1693)
    at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
    at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
    at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
    at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
    at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmRoleAssignmentManager.find(DefaultIdmRoleAssignmentManager.java:87)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmRoleAssignmentManager$$FastClassBySpringCGLIB$$dffe1651.invoke(<generated>)
    at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
    at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:687)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmRoleAssignmentManager$$EnhancerBySpringCGLIB$$9784e00a.find(<generated>)
    at eu.bcvsolutions.idm.acc.service.impl.DefaultAccAccountManagementService.createIdentityAccountIfNotExists(DefaultAccAccountManagementService.java:821)
    at eu.bcvsolutions.idm.acc.service.impl.DefaultAccAccountManagementService.lambda$resolveNewIdentityRoles$5(DefaultAccAccountManagementService.java:220)
    at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
    at eu.bcvsolutions.idm.acc.service.impl.DefaultAccAccountManagementService.resolveNewIdentityRoles(DefaultAccAccountManagementService.java:217)
    at eu.bcvsolutions.idm.acc.service.impl.DefaultAccAccountManagementService$$FastClassBySpringCGLIB$$7078bda6.invoke(<generated>)
    at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
    at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:687)
    at eu.bcvsolutions.idm.acc.service.impl.DefaultAccAccountManagementService$$EnhancerBySpringCGLIB$$5df99329.resolveNewIdentityRoles(<generated>)
    at eu.bcvsolutions.idm.acc.event.processor.RoleRequestRealizationProcessor.process(RoleRequestRealizationProcessor.java:103)
    at eu.bcvsolutions.idm.core.api.event.AbstractEntityEventProcessor.onApplicationEvent(AbstractEntityEventProcessor.java:244)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:403)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:373)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:253)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:180)
    at eu.bcvsolutions.idm.core.model.event.processor.event.EntityEventExecuteProcessor.process(EntityEventExecuteProcessor.java:52)
    at eu.bcvsolutions.idm.core.api.event.AbstractEntityEventProcessor.onApplicationEvent(AbstractEntityEventProcessor.java:244)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:403)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:373)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:253)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:180)
    at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager$2.run(DefaultEntityEventManager.java:655)
    at eu.bcvsolutions.idm.core.config.DelegatingTransactionContextRunnable.run(DelegatingTransactionContextRunnable.java:39)
    at org.springframework.security.concurrent.DelegatingSecurityContextRunnable.run(DelegatingSecurityContextRunnable.java:84)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: javax.persistence.EntityNotFoundException: Unable to find eu.bcvsolutions.idm.core.model.entity.IdmAutomaticRole with id cb7443ea-2021-4e01-95e7-6fda7a02321b
    at org.hibernate.jpa.boot.internal.EntityManagerFactoryBuilderImpl$JpaEntityNotFoundDelegate.handleEntityNotFound(EntityManagerFactoryBuilderImpl.java:163)
    at org.hibernate.event.internal.DefaultLoadEventListener.load(DefaultLoadEventListener.java:234)
    at org.hibernate.event.internal.DefaultLoadEventListener.proxyOrLoad(DefaultLoadEventListener.java:350)
    at org.hibernate.event.internal.DefaultLoadEventListener.doOnLoad(DefaultLoadEventListener.java:127)
    at org.hibernate.event.internal.DefaultLoadEventListener.onLoad(DefaultLoadEventListener.java:93)
    at org.hibernate.internal.SessionImpl.fireLoadNoChecks(SessionImpl.java:1277)
    at org.hibernate.internal.SessionImpl.internalLoad(SessionImpl.java:1149)
    at org.hibernate.type.EntityType.resolveIdentifier(EntityType.java:682)
    at org.hibernate.type.EntityType.resolve(EntityType.java:464)
    at org.hibernate.type.ManyToOneType.resolve(ManyToOneType.java:239)
    at org.hibernate.engine.internal.TwoPhaseLoad.doInitializeEntity(TwoPhaseLoad.java:205)
    at org.hibernate.engine.internal.TwoPhaseLoad.initializeEntity(TwoPhaseLoad.java:160)
    at org.hibernate.loader.Loader.initializeEntitiesAndCollections(Loader.java:1172)
    at org.hibernate.loader.Loader.processResultSet(Loader.java:1022)
    at org.hibernate.loader.Loader.doQuery(Loader.java:960)
    at org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:351)
    at org.hibernate.loader.Loader.doList(Loader.java:2787)
    at org.hibernate.loader.Loader.doList(Loader.java:2770)
    at org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2604)
    at org.hibernate.loader.Loader.list(Loader.java:2599)
    at org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:505)
    at org.hibernate.hql.internal.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:395)
    at org.hibernate.engine.query.spi.HQLQueryPlan.performList(HQLQueryPlan.java:220)
    at org.hibernate.internal.SessionImpl.list(SessionImpl.java:1526)
    at org.hibernate.query.internal.AbstractProducedQuery.doList(AbstractProducedQuery.java:1538)
    at org.hibernate.query.internal.AbstractProducedQuery.list(AbstractProducedQuery.java:1506)
    at org.hibernate.query.Query.getResultList(Query.java:132)
    at org.hibernate.query.criteria.internal.compile.CriteriaQueryTypeQueryAdapter.getResultList(CriteriaQueryTypeQueryAdapter.java:74)
    at org.springframework.data.jpa.repository.support.SimpleJpaRepository.readPage(SimpleJpaRepository.java:615)
    at org.springframework.data.jpa.repository.support.SimpleJpaRepository.findAll(SimpleJpaRepository.java:430)
    at jdk.internal.reflect.GeneratedMethodAccessor353.invoke(Unknown Source)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.springframework.data.repository.core.support.RepositoryComposition$RepositoryFragments.invoke(RepositoryComposition.java:359)
    at org.springframework.data.repository.core.support.RepositoryComposition.invoke(RepositoryComposition.java:200)
    at org.springframework.data.repository.core.support.RepositoryFactorySupport$ImplementationMethodExecutionInterceptor.invoke(RepositoryFactorySupport.java:645)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:609)
    at org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.lambda$invoke$3(RepositoryFactorySupport.java:596)
    at org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:596)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.data.projection.DefaultMethodInvokingMethodInterceptor.invoke(DefaultMethodInvokingMethodInterceptor.java:59)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:295)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
    at org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.java:139)
    ... 67 more

Files

Download all files
tasks.png (69.3 KB) tasks.png Alena Peterová, 05/10/2023 07:24 PM
entity_event_fail.png (122 KB) entity_event_fail.png Alena Peterová, 05/10/2023 07:24 PM
audit_roles.png (57.4 KB) audit_roles.png Alena Peterová, 05/10/2023 07:29 PM

No data to display

Actions
Copy link

Also available in: Atom PDF