Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
COmanage Registry 4.4.0 (Sparkling Summit)
Description
This issue affects 4.4.0-rc3.
Invoking the create action for the OrgIdentitySources controller with a configured OIS and key value, e.g.
/registry/org_identity_sources/create/1/key:000bab11-ab04-4e7c-a192-189d66f7830f
fails to create the OrgIdentity and associated CO Person record when the OIS is configured with a Pipeline and the Pipeline includes the configuration "Replace Record in COU", that is there is a value for the field sync_replace_cou_id.
Consider this code in the model file CoPipeline.php for the method execute():
if($syncAction == SyncActionEnum::Add || $syncAction == SyncActionEnum::Relink) { |
if(!empty($pipeline['CoPipeline']['sync_replace_cou_id'])) { |
// See if there is already a role in the specified COU for this CO Person, |
// and if so expire it. (This will typically only be useful with a Match Strategy.) |
|
try { |
$this->ReplaceCou->CoPersonRole->expire($targetIds['co_person_id'], |
$pipeline['CoPipeline']['sync_replace_cou_id'], |
$actorCoPersonId);
|
}
|
catch(Exception $e) { |
// For now ignore any failure |
}
|
}
|
|
if($coPersonId && !empty($pipeline['CoPipeline']['co_enrollment_flow_id'])) { |
$this->createPetition($pipeline['CoPipeline']['co_enrollment_flow_id'], |
$orgIdentity['OrgIdentity']['id'], |
$coPersonId);
|
}
|
}
|
Note that this code is called inside of a transaction that begins in the createOrgIdentity() method for the model OrgIdentitySource.
In that code block the call to the expire() method for CoPersonRole has as its first argument $targetIds['co_person_id']. That value, however, is always empty when a new OrgIdentity and CO Person record are being created.
That empty first argument to the execute() method results in a PDOException because the SQL sent to the database is
SELECT "CoPersonRole"."id" AS "CoPersonRole__id",
|
"CoPersonRole"."co_person_id" AS "CoPersonRole__co_person_id",
|
"CoPersonRole"."sponsor_co_person_id" AS "CoPersonRole__sponsor_co_person_id",
|
"CoPersonRole"."manager_co_person_id" AS "CoPersonRole__manager_co_person_id",
|
"CoPersonRole"."cou_id" AS "CoPersonRole__cou_id",
|
"CoPersonRole"."affiliation" AS "CoPersonRole__affiliation",
|
"CoPersonRole"."title" AS "CoPersonRole__title",
|
"CoPersonRole"."o" AS "CoPersonRole__o",
|
"CoPersonRole"."ou" AS "CoPersonRole__ou",
|
"CoPersonRole"."valid_from" AS "CoPersonRole__valid_from",
|
"CoPersonRole"."valid_through" AS "CoPersonRole__valid_through",
|
"CoPersonRole"."ordr" AS "CoPersonRole__ordr",
|
"CoPersonRole"."status" AS "CoPersonRole__status",
|
"CoPersonRole"."source_org_identity_id" AS "CoPersonRole__source_org_identity_id",
|
"CoPersonRole"."created" AS "CoPersonRole__created",
|
"CoPersonRole"."modified" AS "CoPersonRole__modified",
|
"CoPersonRole"."co_person_role_id" AS "CoPersonRole__co_person_role_id",
|
"CoPersonRole"."revision" AS "CoPersonRole__revision",
|
"CoPersonRole"."deleted" AS "CoPersonRole__deleted",
|
"CoPersonRole"."actor_identifier" AS "CoPersonRole__actor_identifier",
|
"Cou"."id" AS "Cou__id",
|
"Cou"."co_id" AS "Cou__co_id",
|
"Cou"."name" AS "Cou__name",
|
"Cou"."description" AS "Cou__description",
|
"Cou"."parent_id" AS "Cou__parent_id",
|
"Cou"."lft" AS "Cou__lft",
|
"Cou"."rght" AS "Cou__rght",
|
"Cou"."created" AS "Cou__created",
|
"Cou"."modified" AS "Cou__modified",
|
"Cou"."cou_id" AS "Cou__cou_id",
|
"Cou"."revision" AS "Cou__revision",
|
"Cou"."deleted" AS "Cou__deleted",
|
"Cou"."actor_identifier" AS "Cou__actor_identifier",
|
"Cou"."configuration_labels" AS "Cou__configuration_labels"
|
FROM "public"."cm_co_person_roles" AS "CoPersonRole" LEFT JOIN
|
"public"."cm_cous" AS "Cou" ON ("CoPersonRole"."cou_id" = "Cou"."id" AND "Cou"."cou_id" IS NULL AND "Cou"."deleted" IS NOT true)
|
WHERE "CoPersonRole"."co_person_id" = '' AND
|
"CoPersonRole"."cou_id" = 1 AND
|
"CoPersonRole"."co_person_role_id" IS NULL AND
|
"CoPersonRole"."deleted" IS NOT true
|
Note the WHERE condition and the test for co_person_id (empty string).
PostgreSQL 14.x logs at that point
ERROR: invalid input syntax for type integer: "" at character 1926 |
The PDOException is caught by the catch(Exception $e) in the code block above and processing continues with a successful call later to commit the transaction, but because of the bad SQL sent to the database the necessary rows are not actually saved for the new OrgIdentity or CO Person records.
The result is that the redirect to view the newly created OrgIdentity, which includes an ID value that would have (should have) been saved in the database, fails because that row simply does not exist. The logged exception is
Error: [InvalidArgumentException] No CO Specified
|
but that is a bit of a red herring–No CO can be found because there is no OrgIdentity row with that ID in the database.