UID can be changed from the API

Description

A user's UID can be changed via the API. This is not allowed in the GUI, and the API should reflect it.

Distribution Name and Version

Whatever is on demo.fusiondirectory.org

FusionDirectory Version

1.2

PHP version used

Whatever is on demo.fusiondirectory.org

Origin of php packages

Whatever is on demo.fusiondirectory.org

Steps to Reproduce

1. use setfields() method in the API to set field 'uid'
2. Observe user now has a new UID.

Expected behavior:

UID should not be changed, and FD should warn the user that changing the field is not allowed.

Actual behavior:

The UID of a user can be changed without warning (or error).

Reproduces how often:

100%

Additional Information

Example of JSON changing the uid of user uid=newuid,ou=people,dc=fusiondirectory,dc=org from 'newuid' (back) to 'user':

DEBUG:root:Posting this JSON:

{'params': ['aucqmpj43inps9e7e8elljc6r0', 'USER', 'uid=newuid,ou=people,dc=fusiondirectory,dc=org', 
  
  {'reference': 
    {'refs': None}, 
    'userRoles': {'groupsMembership': ['cn=ogroup-test,ou=groups,dc=fusiondirectory,dc=org']}, 
    'user': {'uid': 'user', 'base': 'dc=fusiondirectory,dc=org', 'givenName': 'antoine', 'description': 'Some description', 'cn': 'antoine foobar', 'sn': 'foobar', 'userPassword': '{SSHA}+fxT2utzO5JGkfgeHxIxdqQE3hTsUjtN'},
    'ldapDump': 
      {'dump': None}, 
    'personalInfo': 
      {'fdPhotoVisible': True, 'fdPrivateMail': ['private1@se.se', 'private2@se.se', 'private3@se.se', 'private4@se.se']}, 
    'posixAccount': {'gecos': 'antoine foobar', 'groupMembership': ['cn=posixgroup-test,ou=groups,dc=fusiondirectory,dc=org'], 'force_ids': False, 'gidNumber': 1103, 'homeDirectory': '/hjhj', 'loginShell': '/bin/ash', 'posixStatus': 'active', 'mustchangepassword': False, 'shadowLastChange': 17625, 'uidNumber': 1102, 'primaryGroup': 1103}
  }], 'id': '123', 'method': 'setfields'
}

assigned to @MCMic

By Côme Chilliet on 2018-04-04T11:46:28 (imported from GitLab)

changed milestone to %FusionDirectory 1.3

By Côme Chilliet on 2018-04-04T11:46:33 (imported from GitLab)

added PJ1802-0188 label

By bmortier on 2018-04-05T08:53:46 (imported from GitLab)

changed the description

By bmortier on 2018-04-09T16:30:15 (imported from GitLab)

created branch 5811-uid-can-be-changed-from-the-api

By Côme Chilliet on 2018-04-17T13:41:31 (imported from GitLab)

mentioned in merge request !236

By Côme Chilliet on 2018-04-17T13:41:32 (imported from GitLab)

mentioned in commit ef77ec85

By Côme Chilliet on 2018-04-17T13:44:51 (imported from GitLab)

added 1h of time spent at 2018-04-17

By Côme Chilliet on 2018-04-17T14:14:10 (imported from GitLab)

added To Be Tested ~590 simple-plugin labels

By Côme Chilliet on 2018-04-17T14:14:10 (imported from GitLab)

created branch 5811-uid-can-be-changed-from-the-api

By Côme Chilliet on 2018-04-18T11:52:08 (imported from GitLab)

mentioned in merge request !238

By Côme Chilliet on 2018-04-18T11:52:09 (imported from GitLab)

mentioned in commit 4f4991e8

By Côme Chilliet on 2018-04-18T11:54:23 (imported from GitLab)

When trying to set uid through webservice on demo-dev I now get the error "Attribute uid is disabled, its value could not be set".

By Côme Chilliet on 2018-04-23T13:47:07 (imported from GitLab)

closed

By Côme Chilliet on 2018-04-23T13:47:07 (imported from GitLab)

added 20m of time spent at 2018-04-23

By Côme Chilliet on 2018-04-23T13:47:09 (imported from GitLab)

added Fixed and removed Bugs To Be Tested labels

By Côme Chilliet on 2018-04-23T13:47:09 (imported from GitLab)