Skip to content

Fix issue with PostgreSQL: org.postgresql.util.PSQLException #6050

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 17, 2018
Merged

Fix issue with PostgreSQL: org.postgresql.util.PSQLException #6050

merged 1 commit into from
Dec 17, 2018

Conversation

nenaraab
Copy link
Contributor

@nenaraab nenaraab commented Nov 6, 2018

When trying to use Spring Security ACL, I am facing the error: org.postgresql.util.PSQLException: ERROR: operator does not exist: bigint = character varying.

As recommended in the Spring.io documentation i've setup the acl tables in my PostgreSQL database, with column acl_object_identity.object_id_identity of type varchar(36).

IMHO the object_id_identity in the jdbcTemplate method calls MUST always be passed as a character sequence.

This relates to issue:
#5508

@pivotal-issuemaster
Copy link

@nenaraab Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-issuemaster
Copy link

@nenaraab Thank you for signing the Contributor License Agreement!

@rwinch
Copy link
Member

rwinch commented Nov 28, 2018

Thank you for the PR @nenaraab!

  1. Could you please rebase off master?
  2. Could you please use String.valueOf as suggested by @mangei?

If you need any help with the rebase, please let me know and I'd be happy to help.

@rwinch rwinch added the status: waiting-for-feedback We need additional information before we can continue label Nov 28, 2018
@rwinch rwinch mentioned this pull request Nov 28, 2018
Closed
@nenaraab
Copy link
Contributor Author

@rwinch
Thanks for cooperation! I've updated the PR. This will fix all my current PostgreSQL issues...

rwinch
rwinch requested changes Nov 29, 2018
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fast turnaround @nenaraab! Can you add tests for potential null value and to ensure it is converted to a String for non-string types?

@nenaraab
Copy link
Contributor Author

@rwinch
no problem! Please confirm... i will add some checks (using Assert) at the right places to make it bulletproof

  • check that identifier is not NULL (if not already checked in the calling public method)
  • check that Spring.valueOf does not return null

@rwinch
Copy link
Member

rwinch commented Nov 29, 2018

Thanks for the fast reply @nenaraab!

Sorry for the confusion. I was not very clear. What I meant was to do something like this:

String id = parentIdentity.getIdentifier() == null ? 
    null : parentIdentity.getIdentifier().toString()

As for the testing I meant to add some tests that break before your changes and are fixed after the changes. Also add a test that validates that a null value is passed through if getIdentifier() is passed in. I'd probably add them to JdbcAclServiceTests.

To make testing more realistic, I'd:

  • Change JdbcTemplate to be JdbcOperations
  • Add a constructor that allows injecting the JdbcOperations and LookupStrategy

Then the tests could inject a Mock JdbcOperations for the tests mentioned above.

Thanks again for your help with this ticket! If you have any questions, don't hesitate to reach out.

@nenaraab
Copy link
Contributor Author

@rwinch
It's not that i dislike to implement a unittest... and thanks for the guidance here.

But as ObjectIdentity.getIdentifier() never returns null (see documentation, see all constructor implementations) i don't get the point of introducing a null check at all.

Furthermore I've checked the ObjectIdentityImplTests thoroughly. All not null assertions according to the identifier are covered by tests.

rwinch
rwinch requested changes Nov 30, 2018
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! You are right about not needing the null checks. I have provided feedback inline.

@nenaraab
Copy link
Contributor Author

@rwinch
great, added two test cases to test the code change.

Furthermore I've added integration tests (using hsql in-memory database) to test also a proper conversion of the fetched entries, and the find-children sql queries as well.

rwinch
rwinch requested changes Dec 12, 2018
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for all the tests @nenaraab! I have another round of feedback inline.

rwinch
rwinch requested changes Dec 14, 2018
View reviewed changes
Copy link
Member

@rwinch rwinch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fast turnaround! I have provided feedback inline.

acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java Outdated
@@ -77,9 +78,14 @@
// ===================================================================================================

public JdbcAclService(DataSource dataSource, LookupStrategy lookupStrategy) {
this(new JdbcTemplate(dataSource), lookupStrategy);
Assert.notNull(dataSource, "DataSource required");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this assertion is not necessary because JdbcTemplate validates that the dataSource is not null.

Copy link
Contributor Author

@nenaraab nenaraab Dec 14, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm so sorry!
this @Nullable was missleading...
but you're right: the method afterPropertiesSet raises an exception, so I've removed the assertion. Sorry for inconvenience...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No problem. It is a bit confusing and due the fact there is also a default constructor.

Thanks for the fast turnaround!

@nenaraab
JdbcAclService: fixes PostgreSql issue
0cd45e1 
When setup the acl tables as specified in the Spring.io documentation
I have faced the following error on a PostgreSql database:
org.postgresql.util.PSQLException: ERROR: operator does not exist:
bigint = character varying.
This is because the acl_object_identity.object_id_identity column is
of type varchar(36) but it is not necessarily accessed with a value
of type String.

- JdbcAclService / JdbcMutableAclService: SQL query must match
  object_id_identity column specification
- JdbcAclService: changed JdbcTemplate to JdbcOperations for testability
- JdbcAclServiceTest: Increased test coverage,
  the integration tests using embedded db relates to this commit
thomasdarimont@cd8d207

Fixes gh-5508
@rwinch rwinch removed the status: waiting-for-feedback We need additional information before we can continue label Dec 17, 2018
@rwinch rwinch self-assigned this Dec 17, 2018
@rwinch rwinch merged commit d1a754f into spring-projects:master Dec 17, 2018
@rwinch rwinch added status: duplicate A duplicate of another issue in: core An issue in spring-security-core type: bug A general bug labels Dec 17, 2018
@rwinch rwinch added this to the 5.2.0.M1 milestone Dec 17, 2018
@juzerali
Copy link
Contributor

In which version is this fix available?

@jzheaux
Copy link
Contributor

jzheaux commented Jun 17, 2021

You can see by looking at the commit hash - d1a754f. In the comment at the top, the versions are listed. Let me know if I can help further.

@juzerali
Copy link
Contributor

Got it, so it is available since v5.2. Thanks @jzheaux

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mangei mangei mangei left review comments

@rwinch rwinch rwinch approved these changes

Assignees

@rwinch rwinch

Labels
in: core An issue in spring-security-core status: duplicate A duplicate of another issue type: bug A general bug
Projects
None yet
Milestone
5.2.0.M1
Development

Successfully merging this pull request may close these issues.
6 participants
@nenaraab @pivotal-issuemaster @rwinch @juzerali @jzheaux @mangei