Bugfix, version bump

v0.30.7, nohook build Fixed a bug that could cause an ISE when some Entity was requested with ID===null Added database_version parameter to work around a DBAL issue (see doctrine/DoctrineBundle#351)
hexaaproject · Mar 30, 2017 · 94d33f1 · 94d33f1
1 parent 425c05b
commit 94d33f1
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 12 deletions.
diff --git a/app/config/config.yml b/app/config/config.yml
@@ -51,6 +51,7 @@ doctrine:
         dbname:   %database_name%
         user:     %database_user%
         password: %database_password%
+        server_version: %database_version%
         charset:  UTF8
         mapping_types:
             enum: string

diff --git a/app/config/parameters_dist.yml b/app/config/parameters_dist.yml
@@ -7,6 +7,11 @@ parameters:
     database_user:     someuser
     database_password: somepass
 
+    # The following version option is necessary, because due to a Doctrine DBAL bug we couldn't even create the database
+    # without it (and only get an error that the database does not exists so we could not create it)
+    # (see https://github.com/doctrine/DoctrineBundle/issues/351)
+    database_version:  5.5 # Should be a sensible default, but FIXME
+
     mailer_transport:  sendmail
     mailer_host:       ~
     mailer_user:       ~

diff --git a/src/Hexaa/ApiBundle/Controller/GlobalController.php b/src/Hexaa/ApiBundle/Controller/GlobalController.php
@@ -418,7 +418,7 @@ public function getPropertiesAction(
         $this->accesslog->info($loglbl . "Called by " . $p->getFedid());
 
         return array(
-          "version"                       => "0.30.6+nohook",
+          "version"                       => "0.30.7+nohook",
           "entitlement_base"              => $this->container->getParameter("hexaa_entitlement_uri_prefix"),
           "public_attribute_spec_enabled" => $this->container->getParameter("hexaa_public_attribute_spec_enabled")
         );

diff --git a/src/Hexaa/ApiBundle/EventListener/CheckPolicyListener.php b/src/Hexaa/ApiBundle/EventListener/CheckPolicyListener.php
@@ -265,7 +265,9 @@ private function checkPermission(Principal $p, $_controller, $request, $scopedKe
                     $this->idsToLog['organization'] = $request->request->get('organization');
 
                     return $this->isManagerOfOrganization($request->request->get('organization'), $p, $_controller,
-                        $scopedKey);
+                      $scopedKey,
+                      false
+                    );
                 } else {
                     return true;
                 } // Let validation handle it, it will fail anyway.
@@ -402,13 +404,15 @@ private function checkPermission(Principal $p, $_controller, $request, $scopedKe
                 if ($request->request->has('service')) {
                     $this->idsToLog['service'] = $request->request->get('service');
 
-                    return $this->isManagerOfService($request->request->get('service'), $p, $_controller, $scopedKey);
+                    return $this->isManagerOfService($request->request->get('service'), $p, $_controller, $scopedKey, false);
                 } else {
                     if ($request->request->has('organization')) {
                         $this->idsToLog['organization'] = $request->request->get('organization');
 
                         return $this->isManagerOfOrganization($request->request->get('organization'), $p, $_controller,
-                            $scopedKey);
+                          $scopedKey,
+                          false
+                        );
                     } else {
                         return true;
                     } // Let validation handle it, it will fail anyway.
@@ -536,13 +540,15 @@ private function checkPermission(Principal $p, $_controller, $request, $scopedKe
                 if ($request->request->has('service')) {
                     $this->idsToLog['service'] = $request->request->get('service');
 
-                    return $this->isManagerOfService($request->request->get('service'), $p, $_controller, $scopedKey);
+                    return $this->isManagerOfService($request->request->get('service'), $p, $_controller, $scopedKey, false);
                 } else {
                     if ($request->request->has('organization')) {
                         $this->idsToLog['organization'] = $request->request->get('organization');
 
                         return $this->isManagerOfOrganization($request->request->get('organization'), $p, $_controller,
-                            $scopedKey);
+                          $scopedKey,
+                          false
+                        );
                     } else {
                         return true;
                     } // Let validation handle it, it will fail anyway.
@@ -612,12 +618,17 @@ private function checkPermission(Principal $p, $_controller, $request, $scopedKe
         }
     }
 
-    private function isManagerOfService($id, Principal $p, $_controller, $scopedKey)
+    private function isManagerOfService($id, Principal $p, $_controller, $scopedKey, $strict = true)
     {
         if ($id instanceof Service) {
             $s = $id;
         } else {
-            $s = $this->eh->get('Service', $id, $_controller);
+            $s = $this->eh->get('Service', $id, $_controller, $strict);
+        }
+
+        if (!$strict && $s === null) {
+
+            return true; // This is to let the request fall through to validation
         }
 
         return ($s->hasManager($p) || $this->checkServiceInSecurityDomain($s, $scopedKey));
@@ -637,12 +648,17 @@ private function checkServiceInSecurityDomain(Service $service, $scopedKey)
         return ($sd >= 1);
     }
 
-    private function isManagerOfOrganization($id, Principal $p, $_controller, $scopedKey)
+    private function isManagerOfOrganization($id, Principal $p, $_controller, $scopedKey, $strict = true)
     {
         if ($id instanceof Organization) {
             $o = $id;
         } else {
-            $o = $this->eh->get('Organization', $id, $_controller);
+            $o = $this->eh->get('Organization', $id, $_controller, $strict);
+        }
+
+        if (!$strict && $o === null) {
+
+            return true; // This is to let the request fall through to validation
         }
 
         return ($o->hasManager($p) || $this->checkOrganizationInSecurityDomain($o, $scopedKey));

diff --git a/src/Hexaa/ApiBundle/Handler/EntityHandler.php b/src/Hexaa/ApiBundle/Handler/EntityHandler.php
@@ -39,9 +39,17 @@ public function __construct(EntityManager $em, Logger $errorlog)
         $this->errorlog = $errorlog;
     }
 
-    public function get($entityName = "EmptyName", $id = 0, $action = "EntityHandler")
+    public function get($entityName = "EmptyName", $id = null, $action = "EntityHandler", $strict = true)
     {
-        $obj = $this->em->getRepository('HexaaStorageBundle:' . $entityName)->find($id);
+        if ($id === null) {
+            $this->errorlog->error('[EntityHandler]'.$action.$entityName.' got NULL ID! This should not happen.');
+            if ($strict) {
+                throw new HttpException(404, $entityName.' not found');
+            } else {
+                return null;
+            }
+        }
+            $obj = $this->em->getRepository('HexaaStorageBundle:'.$entityName)->find($id);
         if (!$obj) {
             if (strstr($action, '[') === false && strstr($action, ']') === false) {
                 $action = '[' . $action . '] ';