Ouranosinc / Magpie

AuthN/AuthZ services
https://pavics-magpie.readthedocs.io
Apache License 2.0
1 stars 5 forks source link

[BUG] Unable to add any new user #521

Closed tlvu closed 2 years ago

tlvu commented 2 years ago

Describe the bug

Unable to add any new user. Before I thought it was "unclear error when adding new user matching an already existing user name" but my collegue @tlogan2000 and @Zeitsperre told me they used new non-existing username and they still get the error:

image

[2022-08-31 18:50:02,141] INFO       [ThreadPoolExecutor-0_0][magpie.utils] Request: [POST pavics.ouranos.ca:443 /magpie/users]                          
[2022-08-31 18:50:02,154] ERROR      [ThreadPoolExecutor-0_0][magpie.ui.utils] Unexpected API error under UI operation. [{'code': 409, 'detail': 'User nam
e matches an already existing user name.', 'type': 'application/json', 'path': '/users', 'url': 'https://pavics.ouranos.ca/magpie/users', 'method': 'POST'
}]                                                                                                                                                       
[2022-08-31 18:50:02,154] INFO       [ThreadPoolExecutor-0_0][magpie.utils] Request: [POST pavics.ouranos.ca:443 /magpie/ui/error]                       
[2022-08-31 18:50:02,160] INFO       [ThreadPoolExecutor-0_0][magpie.api.requests] User 'logan' is authenticated                                         
[2022-08-31 18:50:02,161] ERROR      [ThreadPoolExecutor-0_0][magpie.ui.utils] Unexpected API error under UI operation. [TypeError: 'Response' object is n
ot subscriptable]                                                                                                                                        
Traceback (most recent call last):                                                                                                                       
  File "/opt/local/src/magpie/magpie/ui/utils.py", line 150, in wrap                                                                                     
    return func(*args, **kwargs)                                                                                                                         
  File "/usr/local/lib/python3.7/site-packages/pyramid/viewderivers.py", line 436, in rendered_view                                                      
    result = view(context, request)                                                                                                                      
  File "/usr/local/lib/python3.7/site-packages/pyramid/viewderivers.py", line 116, in _class_requestonly_view                                            
    response = getattr(inst, attr)()                                                                                                                     
  File "/opt/local/src/magpie/magpie/ui/management/views.py", line 107, in add_user                                                                      
    if return_data["is_error"]:                                                                                                                          
TypeError: 'Response' object is not subscriptable

To Reproduce Steps to reproduce the behavior:

  1. Deploy Magpie from this birdhouse-deploy commit https://github.com/Ouranosinc/birdhouse-deploy/commit/2ed45aac7e5442dc56298ca87e036b474f6c6528

Desktop (please complete the following information):

tlvu commented 2 years ago

@fmigneault this is urgent for us, we are not able to add new users anymore !

tlogan2000 commented 2 years ago

I believe I have figured this out. The provided email was already in the system so even with new usernames the account was not being created. What is strange is that I cannot find the preexisting account in the UI user list.

tlvu commented 2 years ago

I believe I have figured this out. The provided email was already in the system so even with new usernames the account was not being created. What is strange is that I cannot find the preexisting account in the UI user list.

In this case I think the error message should specify exactly which string was causing the duplicate error. This way we do not have to guess if it is the username or the email that is duplicated.

Back to the original cause: unclear error message

tlvu commented 2 years ago

The WebUI should also display the email, in addition to the username, on the page where all users are listed, since email is enforced to be unique so we can find out which email has been already in use.

My collegues also found out that email comparison was case-sensitive so they got around to create a new user with First.Last@example.com when first.last@example.com already exist in the DB. This should probably be case-insensitive.

fmigneault commented 2 years ago

I will look into it assuming it is related to email. When testing with a duplicate name, I get this answer instead of the error: image

tlvu commented 2 years ago

Email validation should also trim beginning and ending white spaces. I found some email with white spaces in our production DB. Probably fat finger typo when entering data in the add user form.

fmigneault commented 2 years ago

Email validation should also trim beginning and ending white spaces

This is done automatically by the field type validation that requires a valid email in the UI. It is also validated with a regex in the API. Maybe they have been inserted manually in the DB? Otherwise, provide an example.

tlvu commented 2 years ago

This is done automatically by the field type validation that requires a valid email in the UI. It is also validated with a regex in the API. Maybe they have been inserted manually in the DB? Otherwise, provide an example.

Our production DB started with a very old version of Magpie. Could it have happened since that time? In the very early days, those validation might possibly not exist?

The user with space in their is email is actually you :D I am guessing you must be one of the first users and your account most probably was created with the very first version of Magpie.

Anyways, it's good news that those validations are there now.