search

OpenSlides / openslides-autoupdate-service

Autoupdate service for OpenSlides 4+
MIT License
2 stars 21 forks source link

AU-service stops connection caused by a not requested key #384

Closed GabrielInTheWorld closed 2 years ago

GabrielInTheWorld commented 2 years ago

I sent this request:

Detailed request

```js { "collection": "meeting", "ids": [ 8 ], "fields": { "conference_show": null, "conference_auto_connect": null, "conference_los_restriction": null, "conference_stream_url": null, "conference_open_microphone": null, "conference_open_video": null, "conference_auto_connect_next_speakers": null, "conference_stream_poster_url": null, "conference_enable_helpdesk": null, "applause_enable": null, "applause_type": null, "applause_show_level": null, "applause_min_amount": null, "applause_max_amount": null, "applause_timeout": null, "applause_particle_image_url": null, "projector_countdown_warning_time": null, "projector_countdown_default_time": null, "enable_anonymous": null, "export_csv_separator": null, "export_csv_encoding": null, "export_pdf_pagenumber_alignment": null, "export_pdf_fontsize": null, "export_pdf_pagesize": null, "agenda_enable_numbering": null, "agenda_number_prefix": null, "agenda_numeral_system": null, "agenda_item_creation": null, "agenda_new_items_default_visibility": null, "agenda_show_internal_items_on_projector": null, "agenda_show_subtitles": null, "list_of_speakers_amount_last_on_projector": null, "list_of_speakers_amount_next_on_projector": null, "list_of_speakers_couple_countdown": null, "list_of_speakers_enable_point_of_order_speakers": null, "list_of_speakers_speaker_note_for_everyone": null, "list_of_speakers_show_amount_of_speakers_on_slide": null, "list_of_speakers_present_users_only": null, "list_of_speakers_show_first_contribution": null, "list_of_speakers_initially_closed": null, "list_of_speakers_enable_pro_contra_speech": null, "list_of_speakers_can_set_contribution_self": null, "motions_default_workflow_id": null, "motions_default_amendment_workflow_id": null, "motions_default_statute_amendment_workflow_id": null, "motions_preamble": null, "motions_default_line_numbering": null, "motions_line_length": null, "motions_reason_required": null, "motions_enable_text_on_projector": null, "motions_enable_reason_on_projector": null, "motions_enable_recommendation_on_projector": null, "motions_show_referring_motions": null, "motions_enable_sidebox_on_projector": null, "motions_show_sequential_number": null, "motions_recommendations_by": null, "motions_statute_recommendations_by": null, "motions_recommendation_text_mode": null, "motions_default_sorting": null, "motions_number_type": null, "motions_number_min_digits": null, "motions_number_with_blank": null, "motions_amendments_enabled": null, "motions_statutes_enabled": null, "motions_amendments_in_main_list": null, "motions_amendments_prefix": null, "motions_amendments_text_mode": null, "motions_amendments_multiple_paragraphs": null, "motions_amendments_of_amendments": null, "motions_supporters_min_amount": null, "motion_poll_default_type": null, "motion_poll_default_100_percent_base": null, "motion_poll_default_group_ids": null, "motion_poll_ballot_paper_selection": null, "motion_poll_ballot_paper_number": null, "motion_poll_default_backend": null, "motions_export_title": null, "motions_export_preamble": null, "motions_export_submitter_recommendation": null, "motions_export_follow_recommendation": null, "assignment_poll_default_method": null, "assignment_poll_default_type": null, "assignment_poll_default_100_percent_base": null, "assignment_poll_default_group_ids": null, "assignment_poll_add_candidates_to_list_of_speakers": null, "assignment_poll_sort_poll_result_by_votes": null, "assignment_poll_default_backend": null, "assignment_poll_ballot_paper_selection": null, "assignment_poll_ballot_paper_number": null, "assignments_export_title": null, "assignments_export_preamble": null, "users_sort_by": null, "users_enable_presence_view": null, "users_allow_self_set_present": null, "users_enable_vote_weight": null, "users_pdf_welcometitle": null, "users_pdf_welcometext": null, "users_pdf_url": null, "users_pdf_wlan_ssid": null, "users_pdf_wlan_password": null, "users_pdf_wlan_encryption": null, "users_email_sender": null, "users_email_replyto": null, "users_email_subject": null, "users_email_body": null, "custom_translations": null, "jitsi_domain": null, "jitsi_room_name": null, "jitsi_room_password": null, "enable_chat": null, "id": null, "logo_$_id": { "type": "template" }, "font_$_id": { "type": "template" }, "reference_projector_id": null, "is_active_in_organization_id": null, "default_group_id": { "type": "relation", "collection": "group", "fields": { "name": null, "permissions": null, "admin_group_for_meeting_id": null, "default_group_for_meeting_id": null, "id": null } }, "admin_group_id": { "type": "relation", "collection": "group", "fields": { "name": null, "permissions": null, "admin_group_for_meeting_id": null, "default_group_for_meeting_id": null, "id": null } }, "projector_ids": { "type": "relation-list", "collection": "projector", "fields": { "name": null, "scale": null, "scroll": null, "width": null, "aspect_ratio_numerator": null, "aspect_ratio_denominator": null, "color": null, "background_color": null, "header_background_color": null, "header_font_color": null, "header_h1_color": null, "chyron_background_color": null, "chyron_font_color": null, "show_header_footer": null, "show_title": null, "show_logo": null, "show_clock": null, "used_as_reference_projector_meeting_id": null, "id": null, "current_projection_ids": { "type": "relation-list", "collection": "projection", "fields": { "stable": null, "type": null, "options": null, "weight": null, "id": null, "content_object_id": { "type": "generic-relation", "fields": { "title": null, "number": null, "created": null, "sequential_number": null, "text": null, "reason": null, "recommendation_id": null, "tag_ids": null, "personal_note_ids": null, "block_id": null, "category_id": null, "lead_motion_id": null, "comment_ids": null, "modified_final_version": null, "state_extension": null, "recommendation_extension": null, "agenda_item_id": null, "amendment_paragraph_$": { "type": "template" }, "poll_ids": null, "origin_id": null, "id": null, "is_directory": null, "parent_id": null, "child_ids": null, "mimetype": null, "filesize": null, "create_timestamp": null, "has_inherited_access_groups": null, "pdf_information": null, "closed": null, "content_object_id": null, "speaker_ids": null, "internal": null, "open_posts": null, "phase": null, "candidate_ids": null, "description": null, "default_poll_description": null, "number_poll_candidates": null, "item_number": null, "comment": null, "type": null, "is_hidden": null, "is_internal": null, "duration": null, "weight": null, "level": null, "meeting_id": null, "first_name": null, "last_name": null, "username": null, "vote_weight_$": { "type": "template" }, "structure_level_$": { "type": "template" }, "number_$": { "type": "template" }, "email": null, "gender": null, "is_active": null, "is_physical_person": null, "is_present_in_meeting_ids": null, "last_email_send": null, "default_number": null, "default_structure_level": null, "default_vote_weight": null, "comment_$": { "type": "template" }, "about_me_$": { "type": "template" }, "default_password": null, "entitled_group_ids": null, "state": null, "pollmethod": null, "voted_ids": null, "votescast": null, "votesinvalid": null, "votesvalid": null, "option_ids": null, "onehundred_percent_base": null, "global_option_id": null, "global_yes": null, "global_no": null, "global_abstain": null, "min_votes_amount": null, "max_votes_amount": null, "entitled_users_at_stop": null, "vote_count": null, "backend": null, "message": null, "default_time": null, "countdown_time": null, "running": null } } } }, "preview_projection_ids": { "type": "relation-list", "collection": "projection", "fields": { "stable": null, "type": null, "options": null, "weight": null, "id": null, "content_object_id": { "type": "generic-relation", "fields": { "title": null, "number": null, "created": null, "sequential_number": null, "text": null, "reason": null, "recommendation_id": null, "tag_ids": null, "personal_note_ids": null, "block_id": null, "category_id": null, "lead_motion_id": null, "comment_ids": null, "modified_final_version": null, "state_extension": null, "recommendation_extension": null, "agenda_item_id": null, "amendment_paragraph_$": { "type": "template" }, "poll_ids": null, "origin_id": null, "id": null, "is_directory": null, "parent_id": null, "child_ids": null, "mimetype": null, "filesize": null, "create_timestamp": null, "has_inherited_access_groups": null, "pdf_information": null, "closed": null, "content_object_id": null, "speaker_ids": null, "internal": null, "open_posts": null, "phase": null, "candidate_ids": null, "description": null, "default_poll_description": null, "number_poll_candidates": null, "item_number": null, "comment": null, "type": null, "is_hidden": null, "is_internal": null, "duration": null, "weight": null, "level": null, "meeting_id": null, "first_name": null, "last_name": null, "username": null, "vote_weight_$": { "type": "template" }, "structure_level_$": { "type": "template" }, "number_$": { "type": "template" }, "email": null, "gender": null, "is_active": null, "is_physical_person": null, "is_present_in_meeting_ids": null, "last_email_send": null, "default_number": null, "default_structure_level": null, "default_vote_weight": null, "comment_$": { "type": "template" }, "about_me_$": { "type": "template" }, "default_password": null, "entitled_group_ids": null, "state": null, "pollmethod": null, "voted_ids": null, "votescast": null, "votesinvalid": null, "votesvalid": null, "option_ids": null, "onehundred_percent_base": null, "global_option_id": null, "global_yes": null, "global_no": null, "global_abstain": null, "min_votes_amount": null, "max_votes_amount": null, "entitled_users_at_stop": null, "vote_count": null, "backend": null, "message": null, "default_time": null, "countdown_time": null, "running": null } } } } } }, "poll_ids": { "type": "relation-list", "collection": "poll", "fields": { "entitled_group_ids": null, "state": null, "title": null, "type": null, "pollmethod": null, "content_object_id": { "type": "generic-relation", "fields": { "title": null, "number": null, "created": null, "sequential_number": null, "text": null, "reason": null, "recommendation_id": null, "tag_ids": null, "personal_note_ids": null, "block_id": null, "category_id": null, "lead_motion_id": null, "comment_ids": null, "modified_final_version": null, "state_extension": null, "recommendation_extension": null, "agenda_item_id": null, "amendment_paragraph_$": { "type": "template" }, "poll_ids": null, "origin_id": null, "id": null, "open_posts": null, "phase": null, "candidate_ids": null, "description": null, "default_poll_description": null, "number_poll_candidates": null } }, "id": null, "voted_ids": null } }, "default_projector_$_id": { "type": "template", "values": { "type": "relation", "collection": "projector", "fields": { "name": null, "scale": null, "scroll": null, "width": null, "aspect_ratio_numerator": null, "aspect_ratio_denominator": null, "color": null, "background_color": null, "header_background_color": null, "header_font_color": null, "header_h1_color": null, "chyron_background_color": null, "chyron_font_color": null, "show_header_footer": null, "show_title": null, "show_logo": null, "show_clock": null, "used_as_reference_projector_meeting_id": null, "id": null } } }, "chat_group_ids": { "type": "relation-list", "collection": "chat_group", "fields": { "chat_message_ids": { "type": "relation-list", "collection": "chat_message", "fields": { "chat_group_id": null, "content": null, "created": null, "user_id": { "type": "relation", "collection": "user", "fields": { "title": null, "first_name": null, "last_name": null, "username": null, "vote_weight_$": { "type": "template" }, "structure_level_$": { "type": "template" }, "number_$": { "type": "template" }, "email": null, "gender": null, "is_active": null, "is_physical_person": null, "is_present_in_meeting_ids": null, "last_email_send": null, "default_number": null, "default_structure_level": null, "default_vote_weight": null, "comment_$": { "type": "template" }, "about_me_$": { "type": "template" }, "comment": null, "default_password": null, "id": null } }, "id": null } }, "name": null, "weight": null, "read_group_ids": { "type": "relation-list", "collection": "group", "fields": { "name": null, "permissions": null, "admin_group_for_meeting_id": null, "default_group_for_meeting_id": null, "id": null } }, "write_group_ids": { "type": "relation-list", "collection": "group", "fields": { "name": null, "permissions": null, "admin_group_for_meeting_id": null, "default_group_for_meeting_id": null, "id": null } }, "id": null } } } } ```

The AU-service stops then the connection and returns this as response:

the given keys/fqfields are invalid: [user/0/committee_$2_management_level user/0/id]

This fqfield is indeed invalid, but never requested. Can you tell me, what is going wrong here?

ostcar commented 2 years ago

This is a bug. Probably in the restrictor package. I guess, that the restrictor tries to fetch some permission condition. It tries to find out if the user has the committe management level in the meeting. The bug is, that it uses the user-id in the field without checking first, if the user is anonymous.

I guess you send this request with anonymous? If not, please tell me the user ID and which permissions this user has.

I realise now, that I did not think about the case, that anonymous sends a request. There are probably many cases with the anonymous user that result in a error message like this.

GabrielInTheWorld commented 2 years ago

I guess you send this request with anonymous? If not, please tell me the user ID and which permissions this user has.

Yes, as anonymous.