You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
tried to add a new user to a resource, the resource has already granted access for the api-user and an group
What happened
we get the error message above: 400 The secrets of all the users having access to the resource are required
What you expected to happen
the new user should get access granted
we have got 2 permissions in the database for this record:
MariaDB [passboltdb]> select * from permissions where aco_foreign_key="b68f85d7-2963-4c1c-ba60-ab969a0a0354";
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
| id | aco | aco_foreign_key | aro | aro_foreign_key | type | created | modified |
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
| aa4ff85f-1cde-4015-bd32-eff9dcee7986 | Resource | b68f85d7-2963-4c1c-ba60-ab969a0a0354 | Group | e9f0ce33-7b52-4f67-b89a-d797e0c3c8ed | 15 | 2022-12-20 08:30:21 | 2022-12-20 08:30:21 |
| f99c7bff-0644-492c-8deb-a4e9cc273d4f | Resource | b68f85d7-2963-4c1c-ba60-ab969a0a0354 | User | fd848340-9168-46e7-b9c7-492946cefe2f | 15 | 2023-02-14 14:01:30 | 2023-02-14 14:01:30 |
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
when I try to add one more user I get this error (expanded the source code a little bit to see which ressource drops that error):
{
"code": 400,
"body": {
"secrets": {
"secrets_provided": "The secrets of all the users having access to the resource are required. recourse-id b68f85d7-2963-4c1c-ba60-ab969a0a0354 | usersIdsHavingAccess: ed7a9fde-c62b-4f36-8db1-dd7797b8595e !== usersIdsHavingASecret: "
}
}
}
So it seems that there is no secret for the user with the id ed7a9fde-c62b-4f36-8db1-dd7797b8595e
When I select that user from the secrets-table I see this:
MariaDB [passboltdb]> select id, user_id, resource_id from secrets where user_id="ed7a9fde-c62b-4f36-8db1-dd7797b8595e" and resource_id="b68f85d7-2963-4c1c-ba60-ab969a0a0354";
+--------------------------------------+--------------------------------------+--------------------------------------+
| id | user_id | resource_id |
+--------------------------------------+--------------------------------------+--------------------------------------+
| b63f6dfe-2485-424f-926e-740511fec842 | ed7a9fde-c62b-4f36-8db1-dd7797b8595e | b68f85d7-2963-4c1c-ba60-ab969a0a0354 |
+--------------------------------------+--------------------------------------+--------------------------------------+
In the data field there is a PGP-Message.
./bin/cake passbolt cleanup -> all OK
./bin/cake passbolt datacheck -> all OK
./bin/cake passbolt datacheck -> all OK
The text was updated successfully, but these errors were encountered:
we expanded the group "allgemein" after creating the records with two more users, maybere there is/was a bug and the system did not create those missing accounts when we added them to the group!?
secrets_provided
-- Operating system: Ubuntu 22.04
-- PHP: 8.1
-- Web server: nginx 1.18.0
-- Database server: mariadb 10.6.12
What you did
tried to add a new user to a resource, the resource has already granted access for the api-user and an group
What happened
we get the error message above: 400 The secrets of all the users having access to the resource are required
What you expected to happen
the new user should get access granted
we have got 2 permissions in the database for this record:
MariaDB [passboltdb]> select * from permissions where aco_foreign_key="b68f85d7-2963-4c1c-ba60-ab969a0a0354";
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
| id | aco | aco_foreign_key | aro | aro_foreign_key | type | created | modified |
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
| aa4ff85f-1cde-4015-bd32-eff9dcee7986 | Resource | b68f85d7-2963-4c1c-ba60-ab969a0a0354 | Group | e9f0ce33-7b52-4f67-b89a-d797e0c3c8ed | 15 | 2022-12-20 08:30:21 | 2022-12-20 08:30:21 |
| f99c7bff-0644-492c-8deb-a4e9cc273d4f | Resource | b68f85d7-2963-4c1c-ba60-ab969a0a0354 | User | fd848340-9168-46e7-b9c7-492946cefe2f | 15 | 2023-02-14 14:01:30 | 2023-02-14 14:01:30 |
+--------------------------------------+----------+--------------------------------------+-------+--------------------------------------+------+---------------------+---------------------+
when I try to add one more user I get this error (expanded the source code a little bit to see which ressource drops that error):
{
"code": 400,
"body": {
"secrets": {
"secrets_provided": "The secrets of all the users having access to the resource are required. recourse-id b68f85d7-2963-4c1c-ba60-ab969a0a0354 | usersIdsHavingAccess: ed7a9fde-c62b-4f36-8db1-dd7797b8595e !== usersIdsHavingASecret: "
}
}
}
So it seems that there is no secret for the user with the id ed7a9fde-c62b-4f36-8db1-dd7797b8595e
When I select that user from the secrets-table I see this:
MariaDB [passboltdb]> select id, user_id, resource_id from secrets where user_id="ed7a9fde-c62b-4f36-8db1-dd7797b8595e" and resource_id="b68f85d7-2963-4c1c-ba60-ab969a0a0354";
+--------------------------------------+--------------------------------------+--------------------------------------+
| id | user_id | resource_id |
+--------------------------------------+--------------------------------------+--------------------------------------+
| b63f6dfe-2485-424f-926e-740511fec842 | ed7a9fde-c62b-4f36-8db1-dd7797b8595e | b68f85d7-2963-4c1c-ba60-ab969a0a0354 |
+--------------------------------------+--------------------------------------+--------------------------------------+
In the data field there is a PGP-Message.
./bin/cake passbolt cleanup -> all OK
./bin/cake passbolt datacheck -> all OK
./bin/cake passbolt datacheck -> all OK
The text was updated successfully, but these errors were encountered: