search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
746 stars 724 forks source link

Internal server error when attempting to rename a group to an existing group name #19845

Closed Lakshan-Banneheke closed 7 months ago

Lakshan-Banneheke commented 7 months ago

Describe the issue: When attempting to rename a group to an existing group name from the API, a 500 internal server error is occuring. There is a FE validation to prevent this, but it can be executed using the below API call.

curl --location --request PATCH 'https://localhost:9443/t/carbon.super/scim2/Groups/cfad18fe-95ae-464e-95b7-ed9ed3da98e2' \
--header 'Access-Control-Allow-Origin: https://localhost:9443/t/carbon.super/console' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Referer;' \
--header 'Authorization: Basic <token>' \
--header 'Content-Type: application/json' \
--data '{"Operations":[{"op":"replace","path":"displayName","value":"abc"}],"schemas":["urn:ietf:params:scim:api:messages:2.0:PatchOp"]}'

The following internal server error is thrown.

[2024-02-26 14:08:50,425] [782fa402-c7db-4842-9309-253af0f1ee43] ERROR {org.wso2.carbon.identity.scim2.common.impl.SCIMUserManager} - Role name: Engineer in the system. Please pick another role name. org.wso2.carbon.user.core.UserStoreException: Role name: Engineer in the system. Please pick another role name.
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.callSecure(AbstractUserStoreManager.java:261)
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.renameGroup(AbstractUserStoreManager.java:17853)
    at org.wso2.carbon.identity.scim2.common.impl.SCIMUserManager.doUpdateGroup(SCIMUserManager.java:3616)
    at org.wso2.carbon.identity.scim2.common.impl.SCIMUserManager.updateGroup(SCIMUserManager.java:3540)
    at org.wso2.charon3.core.protocol.endpoints.GroupResourceManager.updateWithPUT(GroupResourceManager.java:567)
    at org.wso2.carbon.identity.scim2.provider.resources.GroupResource.processRequest(GroupResource.java:469)
    at org.wso2.carbon.identity.scim2.provider.resources.GroupResource.updateGroup(GroupResource.java:356)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    .
    .
    .

How to reproduce: Execute the above API call by using the name of a group which already exists

Expected behavior: A 409 response should be sent back to the user and no errors should be thrown in the server

Environment information (Please complete the following information; remove any unnecessary fields) :

UdeshAthukorala commented 7 months ago

After the fix we are receiving below error response.


      "schemas": [
          "urn:ietf:params:scim:api:messages:2.0:Error"
      ],
      "detail": "Group name: ballers is already there in the system. Please pick another group name.",
      "status": "409"
      }