Bug 1714633

Summary: Using more than one asterisk in the search string is not working when searching for users.
Product: Red Hat Enterprise Virtualization Manager Reporter: Miguel Martin <mmartinv>
Component: ovirt-engine-extension-aaa-jdbcAssignee: Eli Mesika <emesika>
Status: CLOSED ERRATA QA Contact: Petr Matyáš <pmatyas>
Severity: medium Docs Contact:
Priority: low    
Version: 4.2.8-4CC: lleistne, mperina, mtessun
Target Milestone: ovirt-4.4.0Flags: lsvaty: testing_plan_complete-
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-engine-extension-aaa-jdbc-1.1.90 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-08-04 13:19:31 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Miguel Martin 2019-05-28 13:42:26 UTC 
Description of problem:

When searching for users in the Webadmin Portal ('Administration -> Users -> add') it's not possible to use more than one '*' character in the search string. Only the latest character is left 'as is' and the rest are replaced by '\2a' before performing the real query.

Version-Release number of selected component (if applicable):
ovirt-engine-4.2.8.5-0.1.el7ev.noarch

How reproducible:
Always


Steps to Reproduce:
1. In the webadmin portal navigate to 'Administration -> Users -> add'
2. Enter 'ad*i*' as the search string and click on 'Go'

Actual results:
No user is shown

Expected results:
The user 'admin' is shown


Additional info:
This bug comes from debugging a problem with the AAA LDAP extension where we expected the search string containing several '*' characters to work as it would work in a normal ldapsearch command. However, this is something not exclusive to LDAP profiles, it does not work with the 'internal' profile either.
Comment 1 Daniel Gur 2019-08-28 13:11:48 UTC 
sync2jira
Comment 2 Daniel Gur 2019-08-28 13:16:00 UTC 
sync2jira
Comment 3 Eli Mesika 2019-11-11 04:37:45 UTC 
This occurs not only for more than one '*' , it does not match whenever the '*' is not the last character , for example if you serach for 'admin' by "*n" you will got nothing 

The reason is that the code checks for the last char only to see if it is '*' and then replace it with '*' when the replacement should be for all occurrences 

I managed to reproduce it also from the CLI tool , for example :

ovirt-aaa-jdbc-tool query --what=user --pattern="name=*n"  

is not working either
Comment 4 Petr Matyáš 2020-01-08 14:47:05 UTC 
Verified on ovirt-engine-extension-aaa-jdbc-1.1.90-1.el7ev.noarch
Comment 9 errata-xmlrpc 2020-08-04 13:19:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:3247