Check for null when retrieving user's accessGroups.
Summary
If a user has no access groups in the LDAP/Keycloak, the backend will crash trying to concat() its access groups with its email.
Steps to Reproduce
Add a user with no access groups and try to log into SciCat.
Current Behaviour
Backend crashes.
Expected Behaviour
Set the accessGroups to an empty array.
Extra Details
Here you should include details about the system (if it is unique) and possible information about a fix (feel free to link to code where relevant). Screenshots/GIFs are also fine here.
User without any access groups.
TypeError: Cannot read properties of undefined (reading 'concat')
at /home/node/app/server/boot/0-script.js:165:47
at /home/node/app/node_modules/loopback-datasource-juggler/lib/dao.js:1802:5
at /home/node/app/node_modules/loopback-datasource-juggler/lib/dao.js:1737:9
at /home/node/app/node_modules/async/dist/async.js:1143:9
at /home/node/app/node_modules/async/dist/async.js:473:16
at iteratorCallback (/home/node/app/node_modules/async/dist/async.js:1067:13)
at /home/node/app/node_modules/async/dist/async.js:972:16
at /home/node/app/node_modules/async/dist/async.js:1140:13
at buildResult (/home/node/app/node_modules/loopback-datasource-juggler/lib/dao.js:1703:11)
at /home/node/app/node_modules/loopback-datasource-juggler/lib/dao.js:1717:13
at doNotify (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:155:49)
at doNotify (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:155:49)
at doNotify (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:155:49)
at doNotify (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:155:49)
at Function.ObserverMixin._notifyBaseObservers (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:178:5)
at Function.ObserverMixin.notifyObserversOf (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:153:8)
at Function.ObserverMixin._notifyBaseObservers (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:176:15)
at Function.ObserverMixin.notifyObserversOf (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:153:8)
at Function.ObserverMixin._notifyBaseObservers (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:176:15)
at Function.ObserverMixin.notifyObserversOf (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:153:8)
at Function.ObserverMixin._notifyBaseObservers (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:176:15)
at Function.ObserverMixin.notifyObserversOf (/home/node/app/node_modules/loopback-datasource-juggler/lib/observer.js:153:8)
Possible fix in 0-script.js:165:
ctx.args.options.currentUserEmail =
u.profile.email;
- groups = u.profile.accessGroups.concat(u.profile.email);
+ if (u.profile.accessGroups) {
+ groups = u.profile.accessGroups.concat(u.profile.email);
+ }
// check if a normal user or an internal ROLE
if (typeof groups === "undefined") {
groups = [];
Issue Name
Check for
null
when retrieving user'saccessGroups
.Summary
If a user has no access groups in the LDAP/Keycloak, the backend will crash trying to
concat()
its access groups with its email.Steps to Reproduce
Add a user with no access groups and try to log into SciCat.
Current Behaviour
Backend crashes.
Expected Behaviour
Set the
accessGroups
to an empty array.Extra Details
Here you should include details about the system (if it is unique) and possible information about a fix (feel free to link to code where relevant). Screenshots/GIFs are also fine here.
User without any access groups.
Possible fix in
0-script.js:165
: