search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
748 stars 727 forks source link

Getting error on roles page in non super tenant console #17373

Open ThaminduR opened 1 year ago

ThaminduR commented 1 year ago

Describe the issue:

Following error can be seen in the server logs when trying to create a role in through non super tenant console. 

[2023-10-30 09:45:48,745] [93673f7b-cf7a-4e6b-a17d-2515d2b0a58e] ERROR {org.wso2.charon3.core.protocol.endpoints.AbstractResourceManager} - Error occurred while listing roles based on the search filter: name eq Or and audienceId eq 5403ffc9-3e0a-443c-9710-ccfbd273491b org.wso2.charon3.core.exceptions.CharonException: Error occurred while listing roles based on the search filter: name eq Or and audienceId eq 5403ffc9-3e0a-443c-9710-ccfbd273491b
    at org.wso2.carbon.identity.scim2.common.impl.SCIMRoleManagerV2.filterRolesByAttributes(SCIMRoleManagerV2.java:437)
    at org.wso2.carbon.identity.scim2.common.impl.SCIMRoleManagerV2.filterRoles(SCIMRoleManagerV2.java:408)
    at org.wso2.carbon.identity.scim2.common.impl.SCIMRoleManagerV2.listRolesWithGET(SCIMRoleManagerV2.java:297)
    at org.wso2.charon3.core.protocol.endpoints.RoleResourceV2Manager.listWithGETRole(RoleResourceV2Manager.java:175)
    at org.wso2.carbon.identity.scim2.provider.resources.RoleResourceV2.getRoles(RoleResourceV2.java:165)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
    at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
-----
-----
Caused by: org.wso2.carbon.identity.role.v2.mgt.core.exception.IdentityRoleManagementClientException: Invalid filter
    at org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementServiceImpl.getExpressionNodes(RoleManagementServiceImpl.java:757)
    at org.wso2.carbon.identity.role.v2.mgt.core.RoleManagementServiceImpl.getRoles(RoleManagementServiceImpl.java:173)
    at org.wso2.carbon.identity.scim2.common.impl.SCIMRoleManagerV2.filterRolesByAttributes(SCIMRoleManagerV2.java:434)
    ... 59 more
~
~

How to reproduce:

ThaminduR commented 1 year ago

This is reproducible when the role name is Or. Filter query will then contain the or value and from the backend it seems to be getting treated as an OR operation. Hence this is a backend issue.