Servoy Forum

Discuss Servoy here!
https://forum.servoy.com/

Bug in svySecurity

https://forum.servoy.com/viewtopic.php?f=22&t=23316

Page 1 of 1

Bug in svySecurity

PostPosted: Wed Sep 01, 2021 4:58 pm
by omar
Hi,

I am having trouble with svySecurity (version 1.6.0) on a Mac. First I retrieve an object for a specific role:

Code: Select all
var role = scopes.svySecurity.getRole('DA')


That works. Then I ask for the users that are members of this role:

Code: Select all
var users = role.getUsers()


Then I get an error: org.mozilla.javascript.JavaScriptException: Error: User record is not specified (/Users/Omar/WorkspaceHis/svySecurity/svySecurity.js#1348)

Apparently it expects a record context in the underlying code (line 1908) and does not have one. Does anybody have a solution or a workaround for this?

Re: Bug in svySecurity

PostPosted: Wed Sep 01, 2021 5:15 pm
by paronne
Hi Omar,

The function scopes.svySecurity.getRole(roleName, tenantName) has a second param tenantName.
tenantName is optional since it can use the tenantName of the currently logged user. It may fail if tenant is not specified and the user is not logged in.

In detail, as specified in the JSDoc for the getRole function:

* Gets a role by the specified role name and tenant name.
* If tenant name is not specified will use the tenant of the user currently logged in the application, if available.
* @note Will fail if tenant is not specified and user is not logged in and multiple roles are found with the specified role name but associated with different tenants.
*
* @public
* @param {String} roleName The name of the role to get.
* @param {String} [tenantName] If not specified will use the tenant of the current logged in user (if user is not currently logged in
* @return {Role} The specified role or null if not found.

How do you get in the scenario you describe ?
Are you actually logged in as an user when getting the roles via getRoles() ?
Can you provide a full stack of the error ?

Regards,
Paolo

Re: Bug in svySecurity

PostPosted: Wed Sep 01, 2021 9:49 pm
by omar
Hi Paolo,

Thanks for your swift reply :D . Including the tenant does not make a difference. Getting a role object works fine. The problem is the getUsers() method (which has no parameters).
The easiest way for me to reproduce the problem is to log into the application and from the command line retrieve the role object and call the getUsers() method on it. It has worked in a previous version.

The problem appears to be in this line of code of svySecurity (1908):

Code: Select all
var user = record.roles_to_user_roles.getRecord(i).user_roles_to_users.getSelectedRecord();


This is the error stack:

Code: Select all
2021-09-01 16:27:00,783 ERROR [Executor,uuid:277BCC4:2] com.servoy.j2db.util.Debug - Error: User record is not specified (/Users/Omar/WorkspaceHis/svySecurity/svySecurity.js#1348) (Form Context: rolesEdit), JSEvent(type = form, source = FormController[form: rolesEdit, fs size:6,visible: true, selected record: Record[DATA:Row(db:/svy_security/roles)[DATA:role_name=DA,display_name=Data administratie,creation_datetime=2017-08-24 23:45:48.0,modification_datetime=2018-10-10 15:45:35.0,tenant_name=LRC,creation_user_name=system_user,modification_user_name=admin,  CALCULATIONS: {}]]  COLUMS: role_name,display_name,creation_datetime,modification_datetime,tenant_name,creation_user_name,modification_user_name,,destroyed:false], formName = rolesEdit, elementName = <no name>, timestamp = Wed Sep 01 16:26:58 CEST 2021,modifiers = 0,x =0,y = 0,data = null) Error: User record is not specified

   at /Users/Omar/WorkspaceHis/svySecurity/svySecurity.js:1348 (User)
   at /Users/Omar/WorkspaceHis/svySecurity/svySecurity.js:1910
   at /Users/Omar/WorkspaceHis/his/security.js:68 (getRoleMembers)
   at /Users/Omar/WorkspaceHis/his/forms/rolesEdit.js:44 (onShow)
   at /Users/Omar/WorkspaceHis/his/forms/base.js:256 (openModal)
   at /Users/Omar/WorkspaceHis/his/forms/gridRoles.js:54 (onCellDoubleClick)
[AFD1C54E-8C8C-4E55-8FA7-D81089C29262 his]

Re: Bug in svySecurity

PostPosted: Tue Sep 07, 2021 9:02 am
by paronne
Hi Omar,

thank you for the stack.
Looks like in your database there is at least one orphan "user_roles" record which is missing the related "users" record.
When deleting a user record, the relation users_to_user_roles would normally delete cascade all related "user_roles".
I could only get in such state my tampering with the database and manually delete the user record.
Any idea how that happened for you ?
For now you can clear your database by removing the orphan records.

If using the svySecurity APIs you get again orphan records, please create a case at support.servoy.com with steps to reproduce.

Regards,
Paolo
All times are UTC + 1 hour [ DST ]
Page 1 of 1