AnsweredAssumed Answered

Folder predicate works only for existing folders?

Question asked by stephan.burkard on Jan 13, 2017
Latest reply on Jan 18, 2017 by stephan.burkard

Hi 

When I install bundles through the REST API of the gateway, it is usually no problem to reference an object that is created in the same bundle

 

But the folder predicate seems to be an exception here. I get the following error from the gateway when I try to create a role with a folder predicate that points to a folder that is created in the same bundle. 

<l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Type>InvalidResource</l7:Type>
    <l7:TimeStamp>2017-01-13T12:40:56.642+01:00</l7:TimeStamp>
    <l7:Link rel="self" uri="http://entx-svl-a-on-l01.visana.ch:8080/restman/1.0/bundle"/>
    <l7:Detail>Resource validation failed due to 'INVALID_VALUES' Could not find entity: Cannot find folder with id: 50b7b02c9d9c46ca8403b2ea40e72296</l7:Detail>
</l7:Error>

 

Here is an example bundle that creates a folder and a role that has multiple references to the folder in the same bundle: 

  • The first reference (EntityFolderAncestryPredicate) works 
  • The second reference (ObjectIdentityPredicate) works
  • The third and fourth (FolderPredicate) are resulting in the above error message
<l7:Bundle xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management" xmlns:setup="http://ns.visana.ch/integration/layer7/management">
   <l7:References>
      <l7:Item>
         <l7:Name>testFolder</l7:Name>
         <l7:Id>50b7b02c9d9c46ca8403b2ea40e72296</l7:Id>
         <l7:Type>FOLDER</l7:Type>
         <l7:Resource>
            <l7:Folder folderId="0000000000000000ffffffffffffec76"
                       id="50b7b02c9d9c46ca8403b2ea40e72296">

               <l7:Name>testFolder</l7:Name>
            </l7:Folder>
         </l7:Resource>
      </l7:Item>
      <l7:Item>
         <l7:Name/>
         <l7:Id>d57d96cbd354452fb97687ec395c0e1f</l7:Id>
         <l7:Type>RBAC_ROLE</l7:Type>
         <l7:Resource>
            <l7:Role id="d57d96cbd354452fb97687ec395c0e1f">
               <l7:name>testRole</l7:name>
               <l7:description>Has a reference to a folder</l7:description>
               <l7:userCreated>true</l7:userCreated>
               <l7:permissions>
            <!-- works fine -->
                  <l7:permission id="a1acd531badb40c98326bd7dcccec1b0">
                     <l7:operationType>READ</l7:operationType>
                     <l7:entityType>FOLDER</l7:entityType>
                     <l7:predicates>
                        <l7:predicate id="43931e1b47eb444493c91b7a23204120">
                           <l7:type>EntityFolderAncestryPredicate</l7:type>
                           <l7:Properties>
                              <l7:Property key="entityId">
                                 <l7:StringValue>50b7b02c9d9c46ca8403b2ea40e72296</l7:StringValue>
                              </l7:Property>
                              <l7:Property key="entityType">
                                 <l7:StringValue>FOLDER</l7:StringValue>
                              </l7:Property>
                           </l7:Properties>
                        </l7:predicate>
                     </l7:predicates>
                  </l7:permission>
                      <!-- works fine -->
                  <l7:permission id="a1acd531badb40c98326bd7dcccec1b1">
                     <l7:operationType>READ</l7:operationType>
                     <l7:entityType>FOLDER</l7:entityType>
                     <l7:predicates>
                        <l7:predicate id="43931e1b47eb444493c91b7a23204121">
                           <l7:type>ObjectIdentityPredicate</l7:type>
                           <l7:Properties>
                              <l7:Property key="entityId">
                                 <l7:StringValue>50b7b02c9d9c46ca8403b2ea40e72296</l7:StringValue>
                              </l7:Property>
                           </l7:Properties>
                        </l7:predicate>
                     </l7:predicates>
                  </l7:permission>
                      <!-- does NOT work -->
                  <l7:permission id="a1acd531badb40c98326bd7dcccec1b2">
                     <l7:operationType>READ</l7:operationType>
                     <l7:entityType>FOLDER</l7:entityType>
                     <l7:predicates>
                        <l7:predicate id="43931e1b47eb444493c91b7a23204122">
                           <l7:type>FolderPredicate</l7:type>
                           <l7:Properties>
                              <l7:Property key="folderId">
                                 <l7:StringValue>50b7b02c9d9c46ca8403b2ea40e72296</l7:StringValue>
                              </l7:Property>
                              <l7:Property key="transitive">
                                 <l7:StringValue>true</l7:StringValue>
                              </l7:Property>
                           </l7:Properties>
                        </l7:predicate>
                     </l7:predicates>
                  </l7:permission>
                      <!-- does NOT work -->
                  <l7:permission id="a1acd531badb40c98326bd7dcccec1b3">
                     <l7:operationType>READ</l7:operationType>
                     <l7:entityType>SERVICE</l7:entityType>
                     <l7:predicates>
                        <l7:predicate id="43931e1b47eb444493c91b7a23204123">
                           <l7:type>FolderPredicate</l7:type>
                           <l7:Properties>
                              <l7:Property key="folderId">
                                 <l7:StringValue>50b7b02c9d9c46ca8403b2ea40e72296</l7:StringValue>
                              </l7:Property>
                              <l7:Property key="transitive">
                                 <l7:StringValue>true</l7:StringValue>
                              </l7:Property>
                           </l7:Properties>
                        </l7:predicate>
                     </l7:predicates>
                  </l7:permission>
               </l7:permissions>
            </l7:Role>
         </l7:Resource>
      </l7:Item>
   </l7:References>
   <l7:Mappings>
      <l7:Mapping action="NewOrUpdate"
                  srcId="50b7b02c9d9c46ca8403b2ea40e72296"
                  type="FOLDER">

         <l7:Properties>
            <l7:Property key="MapBy">
               <l7:StringValue>name</l7:StringValue>
            </l7:Property>
         </l7:Properties>
      </l7:Mapping>
      <l7:Mapping action="NewOrUpdate"
                  srcId="d57d96cbd354452fb97687ec395c0e1f"
                  type="RBAC_ROLE">

         <l7:Properties>
            <l7:Property key="MapBy">
               <l7:StringValue>name</l7:StringValue>
            </l7:Property>
         </l7:Properties>
      </l7:Mapping>
   </l7:Mappings>
</l7:Bundle>

 

Questions: 

  • Is this a bug or a feature? I.e. should this work?
  • Is there another workaround than creating the folders first and then (in a second bundle) the rest?
  • Are there other references that do not work in the same bundle? I.e. that should be created in the first bundle of the workaround?

 

Thanks 

Stephan

Outcomes