Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix server error for admin user password change #2440

Merged
merged 2 commits into from
Dec 20, 2021
Merged

Fix server error for admin user password change #2440

merged 2 commits into from
Dec 20, 2021

Conversation

john-odonnell
Copy link
Contributor

@john-odonnell john-odonnell commented Dec 10, 2021
edited
Loading

Desired Outcome

Addresses #2438.

When changing a role's password, a check was recently added so that the operation would be refused for host roles.
This check breaks when changing the password for user:admin, resulting in the following server error:

RuntimeError (Resource not found for dev:user:admin)
app/models/role.rb:126:in `resource'
app/controllers/credentials_controller.rb:41:in `update_password'
app/controllers/application_controller.rb:79:in `run_with_transaction'

Implemented Changes

  • Added a cucumber test case to confirm the password change failure for user admin

  • Updated the host check:

    - raise Exceptions::Forbidden if @role.resource.kind == "host"
+ raise Exceptions::Forbidden if @role.login.start_with?("host/")

Connected Issue/Story

Resolves #2438

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be
merged.

Changelog

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a
    CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code
    changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR
  • A follow-up issue to update official docs has been filed here: insert issue ID
  • This PR does not require updating any documentation

Behavior

  • This PR changes product behavior and has been reviewed by a PO, or
  • These changes are part of a larger initiative that will be reviewed later, or
  • No behavior was changed with this PR

Security

  • Security architect has reviewed the changes in this PR,
  • These changes are part of a larger initiative with a separate security review, or
  • There are no security aspects to these changes

@telday
Copy link
Contributor

telday commented Dec 15, 2021

@john-odonnell This issue is causing issues downstream with the Java SDK so I would like to get it merged in. Is this PR ready to go?

@john-odonnell
Copy link
Contributor Author

@telday I figured that would probably happen - broke CI for the OpenAPI spec repo too.

It should be ready, thought I'm not sure if the fix I added only treats a symptom instead of curing the cause.
I'm curious why the password-change flow only affected admin, and not other user roles.

That said - I've rebased and updated the Changelog. I'll mark this PR as Ready.

@john-odonnell john-odonnell marked this pull request as ready for review December 15, 2021 17:38
@john-odonnell john-odonnell requested a review from a team as a code owner December 15, 2021 17:38
@telday telday merged commit f1f2abc into master Dec 20, 2021
@telday telday deleted the fix-password-change branch December 20, 2021 15:14
@jtuttle jtuttle mentioned this pull request Jan 19, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@telday telday telday approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Admin password change results in server error
2 participants
@john-odonnell @telday