[
https://issues.apache.org/jira/browse/SYNCOPE-1980?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò resolved SYNCOPE-1980.
---------------------------------------------
Resolution: Fixed
Thank you [~ozimakov]
> Audit history diff is always empty: entity deserialization fails under
> Jackson 3
> --------------------------------------------------------------------------------
>
> Key: SYNCOPE-1980
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1980
> Project: Syncope
> Issue Type: Bug
> Components: console
> Affects Versions: 5.0.0
> Reporter: Oleg Zimakov
> Assignee: Francesco Chicchiriccò
> Priority: Major
> Fix For: 5.0.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The per-entity "Audit History" modal in the admin console (User / Group / Any
> Object / Realm / Policy -> View Audit History) never renders a JSON diff:
> both the "previous" and "after" panes are always empty, regardless of which
> versions are selected.
> h3. Steps to reproduce
> # Enable audit confs, e.g. \{{[LOGIC]:[UserLogic]:[]:[create]:[SUCCESS]}} and
> \{{[LOGIC]:[UserLogic]:[]:[update]:[SUCCESS]}} (Configuration -> Audit).
> # Create a user, then update one of its attributes (e.g. fullname) so at
> least two audit versions exist.
> # Open the user's "View Audit History" modal.
> # Select the create version on the left and the update version on the right.
> h3. Expected
> Both panes show the entity JSON and the changed attribute is highlighted.
> h3. Actual
> Both panes are empty (only the line-number gutter is shown); no diff is
> rendered for any combination of selected versions.
> h3. Root cause
> {\{org.apache.syncope.client.console.audit.AuditHistoryDetails#toJSON}}
> deserializes the audited entity with an untyped reader:
> {code:java}
> T entity = MAPPER.reader().
> with(StreamReadFeature.STRICT_DUPLICATE_DETECTION).
> readValue(content);
> {code}
> Under Jackson 3 an ObjectReader with no configured value type throws:
> {code}
> tools.jackson.databind.exc.InvalidDefinitionException: No value type
> configured for ObjectReader
> {code}
> The exception is caught and logged by the surrounding try/catch ("While
> (de)serializing entity ..."), and toJSON returns an empty Model, so the
> failure is silent in the UI and only visible in the console log. The diff is
> therefore always empty.
> This is a regression from the Jackson 2 -> 3 migration (jackson 3.0.3,
> \{{tools.jackson.*}}): Jackson 2's \{{mapper.reader()}} tolerated a missing
> root type, while Jackson 3 requires one.
> h3. Suggested fix
> Deserialize into the concrete type of the entity, which the panel already
> holds as \{{currentEntity}}:
> {code:java}
> @SuppressWarnings("unchecked")
> T entity = (T) MAPPER.readerFor(currentEntity.getClass()).
> with(StreamReadFeature.STRICT_DUPLICATE_DETECTION).
> readValue(content);
> {code}
> With the concrete type, the JSON's \{{_class}} is consumed as an ordinary
> property and the entity deserializes correctly for
> User/Group/AnyObject/Realm/Policy. Verified locally on the standalone (H2)
> distribution: the diff renders and the InvalidDefinitionException no longer
> appears in the console log.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
