Bug 84709 - ui.admin.UserForm forms filter incorrectly, causing edit of users with negative userIDs to fail
ui.admin.UserForm forms filter incorrectly, causing edit of users with negati...
Status: CLOSED CURRENTRELEASE
Product: Red Hat Web Application Framework
Classification: Retired
Component: ui (Show other bugs)
nightly
powerpc Linux
medium Severity medium
: ---
: ---
Assigned To: Richard Li
Jon Orris
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-02-20 15:18 EST by Oliver Stewart
Modified: 2007-04-18 12:51 EDT (History)
0 users

See Also:
Fixed In Version: @27513
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-01 10:37:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Oliver Stewart 2003-02-20 15:18:56 EST
Description of problem:
At com.arsdigita.ui.admin.UserForm.java:258:
            query.addFilter("userID != " + userID);

addFilter is called by appending a string from a request parameter.  This fails
for negative numbers, because the negative sign is interpreted as part of the
'!=' operator (i.e. as '!=-').  userID should be passed to the filter using a
bind variable:
Filter filter = query.addFilter("userID != :userID");
filter.set("userID", userID);


Version-Release number of selected component (if applicable):
5.3.0.AUTO.02.18.2003

How reproducible:
Reproducible

Steps to Reproduce:
1. Login as the administrator user
2. Navigate to the admin UI (<site_root>/admin/)
3. Browse Users
4. Select a User with a negative User ID
5. Click Edit User
6. Modify an attribute, and click Save

The error occurs.
    
Actual results:
A PersistenceException is thrown.

Expected results:
The user information should be modified.
Comment 1 Richard Li 2003-02-20 16:20:54 EST
You get +2 karma for the catch.

[16:15] <richardl_home> ccmbot: rank ostewart
[16:15] <ccmbot> ostewart has 2 points of karma (rank 243).
Comment 2 Richard Li 2003-02-20 16:29:28 EST
Fixed @27513. Should show up in the nightlies.

Note You need to log in before you can comment on or make changes to this bug.