Closed Berthe01 closed 2 months ago
Hello,
i have same problem. If i create Entity from api this Entity is not displayed and usable in Entity.php.
But the data is in database
It is expected that you wouldn't be able to see/access entities created outside of your current session until you log out and back in due to how your available entities are cached in your session. When you create an entity, the cache is updated but that only affects your current session.
You may also simply switch profiles or entities to trigger an update of the cache if you wish to keep the same login session.
Hello cconard96,
I'm ok with your answer for step 3, but if I understand correctly, it remains a bug as I should be able to find the Entity at step 5. and 6. because I still use the same SessionToken that has been used to create the Entity.
It looks like the reason why it doesn't work when you share the same session token between the API and web is that the API will close the session early in the request in every case that tries to use sessions. This means that changes to the session after that are not persisted. The entity cache(s) should indeed be updated when creating an entity in the API, but that state is not saved.
REST is supposed to be stateless. I think sharing a session between the web and API would be considered undefined behavior for things that rely on information cached in the session.
Hi,
I do not share the same Session token between GUI and API.
If you remove the GUI steps of issue, my main problem is that when I create an Entity using the API I can't get it in the same session. I must renew my session token to be able to get it.
When I wrote "using the same session token" I mean the same used to create the Entity via API.
Le sam. 1 juil. 2023 à 00:53, Curtis Conard @.***> a écrit :
It looks like the reason why it doesn't work when you share the same session token between the API and web is that the API will close the session early in the request in every case that tries to use sessions. This means that changes to the session after that are not persisted. The entity cache(s) should indeed be updated when creating an entity in the API, but that state is not saved.
REST is supposed to be stateless. I think sharing a session between the web and API would be considered undefined behavior for things that rely on information cached in the session.
— Reply to this email directly, view it on GitHub https://github.com/glpi-project/glpi/issues/14971#issuecomment-1615258141, or unsubscribe https://github.com/notifications/unsubscribe-auth/A7XODA4C6EVE56CAVP3JFWDXN5KFHANCNFSM6AAAAAAZOLEBHM . You are receiving this because you authored the thread.Message ID: @.***>
For some (undefined) part of GLPI, yes, it's required to logout/login again for everything to work. This is an historical behavior, that's why it's impossible to tell what is impacted, but I won't be surprised entites are impacted.
Since API is just using same code as UI in the background, the "limitation" do exists here too.
But in the code, it may be a bit hard to really change that.
As long as the legacy API uses sessions, I think this is just going to be a quirk of it unless the session is completely reset before somehow restoring the previously chosen active entity and active profile. The new API (High-Level API) will not have this issue at all since each request is separate.
So I guess we can assume this is already fixes in GLPI 11 with the new API?
Unless someone thinks the legacy API should have a behavior change introduced... GLPI 11.0 will give users a way to create entities and use them seamlessly since each request is effectively a new session, so I would be OK calling this issue fixed in the next version.
Code of Conduct
Is there an existing issue for this?
Version
10.0.7
Bug description
As mentionned in a previous issue : https://github.com/glpi-project/glpi/issues/6681
When creating an Entity via REST API, it impossible to get it in the same API session.
-> ERROR_RIGHT_MISSING.
Moreover, if a user was logged in web UI, he see the Entity in the UI, but can't access to details or modify it with the same error.
Relevant log output
No response
Page URL
{{APIUrl}}/Entity/{{EntityID}} & {{WebUiURL}}/front/entity.form.php?id={{EntityID}
Steps To reproduce
Your GLPI setup information
Informations sur le système, l'installation et la configuration
Server