Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • fusiondirectory-plugins fusiondirectory-plugins
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 53
    • Issues 53
    • List
    • Boards
    • Service Desk
    • Milestones
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • fusiondirectory
  • fusiondirectory-pluginsfusiondirectory-plugins
  • Issues
  • #5793

Closed
Open
Created Mar 13, 2018 by Krügl Matthias@kmatthiasReporter

Giving an array as base stalls the webservice

Description

Distribution Name and Version

Debian Stretch

FusionDirectory Version

1.0.19-1-debian, 1.2

Plugin with the defect

webservice

PHP version used

7.0-49

Origin of php packages

Debian stretch

Steps to Reproduce

We are not sure which steps are needed.

  1. Create a department, /test.
  2. Create a template within this department.
  3. Create an user for the api, e.g. api.
  4. Give the api user manager rights on the department.
  5. From within a JSON-RPC client log in and
  6. Issue a usetemplate with e.g. the following params:
'params': [session_id,
'user',
templatedn,
{'user': {
  'base': {'ou=test,dc=example,dc=org':'/test'},
  'uid': 'uid',
  'sn': 'name',
  'givenName': 'givenname',
 },
}

Expected behavior:

Creation of new user object based on template and submitted values OR error message.

Actual behavior:

Failed request to ldap, Apache process stalls for ~30sec, empty 200 response

(login) apache2: FusionDirectory [api-user]: (debug) Method getId of type JSON-RPC : Params:Array#012(#012)
(template) apache2: FusionDirectory [api-user]: (debug) Method usetemplate of type JSON-RPC : Params:Array#012(#012    [0] => user#012    [1] =>  cn=template_id,ou=templates,ou=people,ou=test,dc=example,dc=org#012    [2] => Array#012        (#012            [user] => Array#012                (#012                    [base] => Array#012                        (#012                            [ou=test,dc=example,dc=org] => /test#012                        )#012#012                    [sn] => name#012                    [uid] => 03test#012                    [givenName] => givennname#012                )#012#012        )#012#012)
slapd[633]: conn=1014 op=2 do_search: invalid dn: "new"

Reproduces how often:

100% (5/5)

Additional Information

Both exists in 1.0.19 and after upgrading to 1.2 from the repo.

We are not sure if we use the api correctly regarding the base, the issue does not reproduce when omitting the attribute base. However when omitting the base we receive the error You have no permission to modify the field "sn" of object "new", as fusiondirectory seems to create and modify a temporary(?) account at dn=new.

Edited Mar 28, 2018 by Côme Chilliet
Assignee
Assign to
Time tracking