Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-3611

[3.1.4 Backport] PUT to _user/<username> does not override omitted fields

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 3.1.4
    • 3.1.2
    • App Services, SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 145
    • 1

    Description

      Updating an app user via the _user/<username> endpoint of the SGW admin API does not override omitted fields in the payload. This affects version 3.1.2, and seems to be a change in behaviour from 3.0.9. For example, with a user 'user', with access to * channel, and the following payload:

      {    "name": "user",    
      "admin_roles": ["role"]
      } 

      (notably omitting the admin_channels field) the user will have the role but no * access in 3.0.9, but in 3.1.2 will have both * access and the role. The same is true in the inverse case where the admin_roles field is omitted and the admin_channels field is provided - in 3.0.9 the omitted field will be overwritten but in 3.1.2 this field will NOT be overwritten.

       

      This bug was discovered in Capella App Services via the Capella QE testing pipeline and reproduced manually on Capella with server version 7.2.3

      Attachments

        Issue Links

          Activity

            People

              ben.brooks Ben Brooks
              ben.brooks Ben Brooks
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                PagerDuty