Closed ludoBarel closed 6 years ago
When I tried to update the admin account, I noticed that the admin field got a wrong value. In fact the connected user was admin, but in the HTTP response I saw that the admin field had 'false' as its value.
Execution traces:
Connection as Admin
$ curl -i --header "Content-Type: application/json" --request POST -k http://localhost:8080/eplmp-server-rest/api/auth/login --data '{"login":"master","password":"root"}'
HTTP/1.1 200 OK
Server: Payara Server 4.1.2.181 #badassfish
X-Powered-By: Servlet/3.1 JSP/2.3 (Payara Server 4.1.2.181 #badassfish Java/Oracle Corporation/1.8)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-accept-encoding, password
Access-Control-Expose-Headers: jwt, x-archive-content-length, shared-entity-token, entity-token
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Set-Cookie: JSESSIONID=39161e81ab6bad375325208c42f0; Path=/eplmp-server-rest; HttpOnly
jwt: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJsb2dpblwiOlwibWFzdGVyXCIsXCJncm91cE5hbWVcIjpcImFkbWluXCJ9IiwiaWF0IjoxNTMzOTAwMDU1LCJleHAiOjE1MzM5MTA4NTV9.nx24E95JNusYg3k5qIp5FDsrAwrl5i5AI-ZlZl2E2P4
Content-Type: application/json
Date: Fri, 10 Aug 2018 11:20:55 GMT
Content-Length: 106
X-Frame-Options: SAMEORIGIN
JSON Response
{"admin":true,"email":"","enabled":true,"language":"fr","login":"master","name":"master","timeZone":"GMT"}
Ask for update
$ curl -i -X PUT "http://localhost:8080/eplmp-server-rest/api/admin/accounts" -H 'accept:application/json' -H 'Content-Type:application/json' -d '{"login": "master","password": "root","name": "master","email": "","language": "fr","timeZone": "GMT","admin": true,"enabled": true,"newPassword": "root","providerId": 0}' -H 'authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJsb2dpblwiOlwibWFzdGVyXCIsXCJncm91cE5hbWVcIjpcImFkbWluXCJ9IiwiaWF0IjoxNTMzOTAwMDU1LCJleHAiOjE1MzM5MTA4NTV9.nx24E95JNusYg3k5qIp5FDsrAwrl5i5AI-ZlZl2E2P4'
HTTP/1.1 200 OK
Server: Payara Server 4.1.2.181 #badassfish
X-Powered-By: Servlet/3.1 JSP/2.3 (Payara Server 4.1.2.181 #badassfish Java/Oracle Corporation/1.8)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-accept-encoding, password
Access-Control-Expose-Headers: jwt, x-archive-content-length, shared-entity-token, entity-token
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/json
Date: Fri, 10 Aug 2018 11:21:11 GMT
Content-Length: 107
X-Frame-Options: SAMEORIGIN
JSON response
{"admin":false,"email":"","enabled":true,"language":"fr","login":"master","name":"master","timeZone":"GMT"}