grouper-users - RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege

From: Chris Hyzer <>
To: Brad Westness <>
Cc: "" <>
Subject: RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege
Date: Thu, 12 Jun 2014 17:15:22 +0000
Accept-language: en-US

It is a bug, I can give you a patch if you like...

-----Original Message-----
From: Brad Westness
[mailto:]

Sent: Thursday, June 12, 2014 1:14 PM
To: Chris Hyzer
Cc:

Subject: Re: [grouper-users] Issue with DeleteMembers web service when acting
as user with Update privilege

Ah yep, looks like if they're both an Updater and a Reader it does the
removal correctly. I'll have to follow up with my team to determine
if/how we want to implement this workaround.

Thanks,

--
Brad Westness
Web Applications Developer
University of Wisconsin | DoIT | Web and Mobile Solutions (WaMS)
608.890.3934

On Thursday, June 12, 2014 12:00:36 PM, Chris Hyzer wrote:
> Yeah, probably, what happens if the Updater is also a Reader? JOr will
> that not work for you?
>
> Thanks,
>
> Chris
>
> *From:*
> [mailto:]
> *On Behalf Of *Brad Westness
> *Sent:* Thursday, June 12, 2014 12:57 PM
> *To:*
>
> *Subject:* [grouper-users] Issue with DeleteMembers web service when
> acting as user with Update privilege
>
> Hello,
>
> I'm receiving a result code of "SUCCESS_WASNT_IMMEDIATE" when
> attempting to remove members from a group while acting as a user that
> is in the Updater privilege for the group (with no other privileges).
> The member I'm attempting to remove /is/ a direct member, verified
> through the Grouper UI.
>
> Here's the request I'm sending:
>
> POST:
> /grouper-ws/servicesRest/v2_1_5/groups/u%3anetid%3adaconner%3aa_update_only/members
>
> {
> "WsRestDeleteMemberRequest": {
> "actAsSubjectLookup": {
> "subjectId": "000000001518"
> },
> "subjectLookups": [
> {
> "subjectId": "000000001084"
> }
> ]
> }
> }
>
>
> And here's the response:
>
> {
> "WsDeleteMemberResults": {
> "responseMetadata": {
> "millis": "43",
> "serverVersion": "2.1.5"
> },
> "resultMetadata": {
> "resultCode": "SUCCESS",
> "resultMessage": "Success for: clientVersion: 2.1.5,
> wsGroupLookup:
> WsGroupLookup[pitGroups=[],groupName=u:netid:daconner:a_update_only],
> subjectLookups: Array size: 1: [0]:
> WsSubjectLookup[subjectId=000000001084]\n\n, actAsSubject:
> WsSubjectLookup[subjectId=000000001518], fieldName: null, txType:
> NONE\n, params: null",
> "success": "T"
> },
> "results": [
> {
> "resultMetadata": {
> "resultCode": "SUCCESS_WASNT_IMMEDIATE",
> "success": "T"
> },
> "wsSubject": {
> "id": "000000001084",
> "name": "MICHAEL TESSMER",
> "resultCode": "SUCCESS",
> "sourceId": "jdbc",
> "success": "T"
> }
> }
> ],
> "wsGroup": {
> "description": "a_update_only",
> "displayExtension": "a_update_only",
> "displayName": "u:netid:daconner:a_update_only",
> "extension": "a_update_only",
> "name": "u:netid:daconner:a_update_only",
> "typeOfGroup": "group",
> "uuid": "749909f32e364c6eb08ce6a679e622a2"
> }
> }
> }
>
> Meanwhile, if I add the same member to a group of which the
> "actAsSubject" user has the Admin privilege, it works:
>
> Request:
>
> POST:
> /grouper-ws/servicesRest/v2_1_5/groups/u%3anetid%3adaconner%3aa_admin_only/members
>
> {
> "WsRestDeleteMemberRequest": {
> "actAsSubjectLookup": {
> "subjectId": "000000001518"
> },
> "subjectLookups": [
> {
> "subjectId": "000000001084"
> }
> ]
> }
> }
>
> Response:
> {
> "WsDeleteMemberResults": {
> "responseMetadata": {
> "millis": "127",
> "serverVersion": "2.1.5"
> },
> "resultMetadata": {
> "resultCode": "SUCCESS",
> "resultMessage": "Success for: clientVersion: 2.1.5,
> wsGroupLookup:
> WsGroupLookup[pitGroups=[],groupName=u:netid:daconner:a_admin_only],
> subjectLookups: Array size: 1: [0]:
> WsSubjectLookup[subjectId=000000001084]\n\n, actAsSubject:
> WsSubjectLookup[subjectId=000000001518], fieldName: null, txType:
> NONE\n, params: null",
> "success": "T"
> },
> "results": [
> {
> "resultMetadata": {
> "resultCode": "SUCCESS",
> "success": "T"
> },
> "wsSubject": {
> "id": "000000001084",
> "name": "MICHAEL TESSMER",
> "resultCode": "SUCCESS",
> "sourceId": "jdbc",
> "success": "T"
> }
> }
> ],
> "wsGroup": {
> "description": "a_admin_only",
> "displayExtension": "a_admin_only",
> "displayName": "u:netid:daconner:a_admin_only",
> "extension": "a_admin_only",
> "name": "u:netid:daconner:a_admin_only",
> "typeOfGroup": "group",
> "uuid": "e4aeb1d4d86b4f82815eabdb0b00e0b0"
> }
> }
> }
>
> I've tried using the DeleteMemberLite service too, with the same
> results. Is this a bug?
>
> Thanks,
>
> --
> Brad Westness
> Web Applications Developer
> University of Wisconsin | DoIT | Web and Mobile Solutions (WaMS)
> 608.890.3934
>

[grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Brad Westness, 06/12/2014
- RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Chris Hyzer, 06/12/2014
  - Re: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Brad Westness, 06/12/2014
    - RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Chris Hyzer, 06/12/2014
      - Re: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Brad Westness, 06/12/2014
        
        RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege, Chris Hyzer, 06/23/2014

List archive

RE: [grouper-users] Issue with DeleteMembers web service when acting as user with Update privilege