docdoku / docdoku-plm

The project purpose is to develop a comprehensive, robust open source PLM (Product LifeCycle Management) solution.
http://www.docdokuplm.com
GNU Affero General Public License v3.0

Admin field in HTTP response has wrong value when an admin uses /account/me [PUT] #1177

Closed ludoBarel closed 6 years ago

ludoBarel commented 6 years ago

When I've done a PUT request to '/account/me' with an admin account, the HTTP response returns a JSON which contains a wrong value for the admin field.

Execution Traces :

ADMIN AUTHENTICATION

$ curl -i --header "Content-Type: application/json" --request POST -k http://localhost:8080/eplmp-server-rest/api/auth/login --data '{"login":"root","password":"root"}'

HTTP LOGS

HTTP/1.1 200 OK
Server: Payara Server 4.1.2.181 #badassfish
X-Powered-By: Servlet/3.1 JSP/2.3 (Payara Server 4.1.2.181 #badassfish Java/Oracle Corporation/1.8)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-accept-encoding, password
Access-Control-Expose-Headers: jwt, x-archive-content-length, shared-entity-token, entity-token
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Set-Cookie: JSESSIONID=369be31c32f617875c7e155f1176; Path=/eplmp-server-rest; HttpOnly
jwt: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJsb2dpblwiOlwicm9vdFwiLFwiZ3JvdXBOYW1lXCI6XCJhZG1pblwifSIsImlhdCI6MTUzNDE2NTg5MiwiZXhwIjoxNTM0MTc2NjkyfQ.GxX0fJ2zqjPBKMZHG3uQvNJ8BIlXzCLWY8Th4ODd6c4
Content-Type: application/json
Date: Mon, 13 Aug 2018 13:11:32 GMT
Content-Length: 104
X-Frame-Options: SAMEORIGIN

JSON RESPONSE

{"admin":true,"email":"","enabled":true,"language":"fr","login":"root","name":"master","timeZone":"GMT"}

UPDATE ADMIN ACCOUNT

$ curl -i -X PUT "http://localhost:8080/eplmp-server-rest/api/accounts/me" \
    -H 'accept:application/json' \
    -H 'Content-Type:application/json' \
    -H 'authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJsb2dpblwiOlwicm9vdFwiLFwiZ3JvdXBOYW1lXCI6XCJhZG1pblwifSIsImlhdCI6MTUzNDE2NTg5MiwiZXhwIjoxNTM0MTc2NjkyfQ.GxX0fJ2zqjPBKMZHG3uQvNJ8BIlXzCLWY8Th4ODd6c4' \
    -d '{"login": "admin","password": "root","name": "master","email": "","language": "fr","timeZone": "GMT","admin": true,"enabled": true,"newPassword": "root","providerId": 0}'

HTTP LOGS

HTTP/1.1 200 OK
Server: Payara Server 4.1.2.181 #badassfish
X-Powered-By: Servlet/3.1 JSP/2.3 (Payara Server 4.1.2.181 #badassfish Java/Oracle Corporation/1.8)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, content-type, accept, authorization, x-accept-encoding, password
Access-Control-Expose-Headers: jwt, x-archive-content-length, shared-entity-token, entity-token
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/json
Date: Mon, 13 Aug 2018 13:11:46 GMT
Content-Length: 105
X-Frame-Options: SAMEORIGIN

JSON RESPONSE

{"admin":false,"email":"","enabled":true,"language":"fr","login":"root","name":"master","timeZone":"GMT"}
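The traces above carry three statements about the same session: the JWT issued at login (its `sub` claim wraps a JSON document with `login` and `groupName`), the login response body (`admin:true`) and the PUT response body (`admin:false`). The script below is an added example, not part of the issue or of the docdoku-plm code base; it decodes the token offline and flags any response whose `login` or `admin` field disagrees with the token. It assumes that `groupName` equal to `admin` is what marks an administrator, which the traces suggest but the page does not state. The signature is not verified (the HS256 key lives on the server), so the decoded claims are only for inspection, never a basis for an authorization decision.

```python
import base64
import json

# Token and bodies copied from the issue's traces (the token is the one in the login response).
LOGIN_JWT = (
    "eyJhbGciOiJIUzI1NiJ9."
    "eyJzdWIiOiJ7XCJsb2dpblwiOlwicm9vdFwiLFwiZ3JvdXBOYW1lXCI6XCJhZG1pblwifSIs"
    "ImlhdCI6MTUzNDE2NTg5MiwiZXhwIjoxNTM0MTc2NjkyfQ."
    "GxX0fJ2zqjPBKMZHG3uQvNJ8BIlXzCLWY8Th4ODd6c4"
)
RESPONSES = {
    "POST /auth/login": '{"admin":true,"email":"","enabled":true,"language":"fr",'
                        '"login":"root","name":"master","timeZone":"GMT"}',
    "PUT /accounts/me": '{"admin":false,"email":"","enabled":true,"language":"fr",'
                        '"login":"root","name":"master","timeZone":"GMT"}',
}


def b64url_decode(segment: str) -> bytes:
    # JWT segments drop the '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature.

    We do not hold the server's HS256 key, so this is inspection only:
    the result must never be used to grant anything.
    """
    header, payload, _signature = token.split(".")
    if json.loads(b64url_decode(header)).get("alg") != "HS256":
        raise ValueError("unexpected JWT alg")
    return json.loads(b64url_decode(payload))


def account_from_claims(claims: dict) -> dict:
    # The server nests a JSON string inside 'sub': {"login": ..., "groupName": ...}
    return json.loads(claims["sub"])


def token_lifetime_seconds(claims: dict) -> int:
    return claims["exp"] - claims["iat"]


def check_admin_consistency(token: str, responses: dict) -> dict:
    """Compare each response body against the identity the token asserts.

    Assumption (not stated on the page): groupName == "admin" means the
    account is an administrator, so every body should carry admin:true.
    """
    account = account_from_claims(jwt_claims(token))
    token_admin = account.get("groupName") == "admin"
    admin_by_response = {}
    mismatches = []
    for label, body in responses.items():
        data = json.loads(body)
        admin_by_response[label] = data.get("admin")
        if data.get("login") != account["login"] or data.get("admin") is not token_admin:
            mismatches.append(label)
    return {
        "login": account["login"],
        "token_admin": token_admin,
        "admin_by_response": admin_by_response,
        "mismatches": mismatches,
    }


if __name__ == "__main__":
    claims = jwt_claims(LOGIN_JWT)
    print("token account:", account_from_claims(claims),
          "lifetime:", token_lifetime_seconds(claims), "s")
    print(json.dumps(check_admin_consistency(LOGIN_JWT, RESPONSES), indent=2))
```

Run against the traces, the report lists only `PUT /accounts/me` as inconsistent: the token and the login body agree that `root` is an admin, while the PUT body says `admin:false` for the same login. Note also that the PUT payload sent `"login": "admin"` yet both bodies still report `root`; whether the server ignored that field or only echoed the authenticated user is not something the traces settle.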