Grouper Users - Open Discussion List

[Chris Hyzer <>]

Yeah, probably, what happens if the Updater is also a Reader?  J Or will that not work for you?

 

Thanks,

Chris

 

From: [mailto:] On Behalf Of Brad Westness
Sent: Thursday, June 12, 2014 12:57 PM
To:
Subject: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege

 

Hello,

I'm receiving a result code of "SUCCESS_WASNT_IMMEDIATE" when attempting to remove members from a group while acting as a user that is in the Updater privilege for the group (with no other privileges). The member I'm attempting to remove is a direct member, verified through the Grouper UI.

Here's the request I'm sending:

POST: /grouper-ws/servicesRest/v2_1_5/groups/u%3anetid%3adaconner%3aa_update_only/members

{
  "WsRestDeleteMemberRequest": {
    "actAsSubjectLookup": {
      "subjectId": "000000001518"
    },
    "subjectLookups": [
      {
        "subjectId": "000000001084"
      }
    ]
  }
}


And here's the response:

{
  "WsDeleteMemberResults": {
    "responseMetadata": {
      "millis": "43",
      "serverVersion": "2.1.5"
    },
    "resultMetadata": {
      "resultCode": "SUCCESS",
      "resultMessage": "Success for: clientVersion: 2.1.5, wsGroupLookup: WsGroupLookup[pitGroups=[],groupName=u:netid:daconner:a_update_only], subjectLookups: Array size: 1: [0]: WsSubjectLookup[subjectId=000000001084]\n\n, actAsSubject: WsSubjectLookup[subjectId=000000001518], fieldName: null, txType: NONE\n, params: null",
      "success": "T"
    },
    "results": [
      {
        "resultMetadata": {
          "resultCode": "SUCCESS_WASNT_IMMEDIATE",
          "success": "T"
        },
        "wsSubject": {
          "id": "000000001084",
          "name": "MICHAEL TESSMER",
          "resultCode": "SUCCESS",
          "sourceId": "jdbc",
          "success": "T"
        }
      }
    ],
    "wsGroup": {
      "description": "a_update_only",
      "displayExtension": "a_update_only",
      "displayName": "u:netid:daconner:a_update_only",
      "extension": "a_update_only",
      "name": "u:netid:daconner:a_update_only",
      "typeOfGroup": "group",
      "uuid": "749909f32e364c6eb08ce6a679e622a2"
    }
  }
}

Meanwhile, if I add the same member to a group of which the "actAsSubject" user has the Admin privilege, it works:

Request:

POST: /grouper-ws/servicesRest/v2_1_5/groups/u%3anetid%3adaconner%3aa_admin_only/members

{
  "WsRestDeleteMemberRequest": {
    "actAsSubjectLookup": {
      "subjectId": "000000001518"
    },
    "subjectLookups": [
      {
        "subjectId": "000000001084"
      }
    ]
  }
}

Response:
{
  "WsDeleteMemberResults": {
    "responseMetadata": {
      "millis": "127",
      "serverVersion": "2.1.5"
    },
    "resultMetadata": {
      "resultCode": "SUCCESS",
      "resultMessage": "Success for: clientVersion: 2.1.5, wsGroupLookup: WsGroupLookup[pitGroups=[],groupName=u:netid:daconner:a_admin_only], subjectLookups: Array size: 1: [0]: WsSubjectLookup[subjectId=000000001084]\n\n, actAsSubject: WsSubjectLookup[subjectId=000000001518], fieldName: null, txType: NONE\n, params: null",
      "success": "T"
    },
    "results": [
      {
        "resultMetadata": {
          "resultCode": "SUCCESS",
          "success": "T"
        },
        "wsSubject": {
          "id": "000000001084",
          "name": "MICHAEL TESSMER",
          "resultCode": "SUCCESS",
          "sourceId": "jdbc",
          "success": "T"
        }
      }
    ],
    "wsGroup": {
      "description": "a_admin_only",
      "displayExtension": "a_admin_only",
      "displayName": "u:netid:daconner:a_admin_only",
      "extension": "a_admin_only",
      "name": "u:netid:daconner:a_admin_only",
      "typeOfGroup": "group",
      "uuid": "e4aeb1d4d86b4f82815eabdb0b00e0b0"
    }
  }
}

I've tried using the DeleteMemberLite service too, with the same results. Is this a bug?

Thanks,

--
Brad Westness
Web Applications Developer
University of Wisconsin | DoIT | Web and Mobile Solutions (WaMS)
608.890.3934