Ingest fails because /recordings/{id}/acls returns 500 if event has not ACLs

Steps to reproduce

Steps to reproduce:
1. On a system where you have a separate ingest node
2. Use the REST API to schedule an event. do not set ACLs
3. Ingest the scheduled recording

Actual Results:
Ingest fails on the ingest node with:

2017-08-01 13:38:08,379 | INFO | (IngestServiceImpl:1193) - Found matching scheduled event for id '864411269119925248', overriding mediapackage id to 85c81221-632f-4dbe-8d9d-3055713f3a63
2017-08-01 13:38:08,392 | WARN | (RemoteBase:202) - Service at returned unexpected response code 500
2017-08-01 13:38:08,392 | WARN | (RemoteBase:219) - All services of type 'org.opencastproject.scheduler' are in unknown state, abort remote call 864411269119925248/acl
2017-08-01 13:38:08,393 | ERROR | (IngestServiceImpl:1204) - Unable to get event dublin core from scheduler event 864411269119925248: org.opencastproject.scheduler.api.SchedulerException: Unable to get ev
ent access control list from remote scheduler service

Whereas if you ingest to the admin node it will succeed

Workaround (if any):

Only ingest to admin.

It may be bad practice to not set ACLs but it should be allowable. The problems is that the GET recording/{id}/acls endpoint does not test for a null value returned by ScheduleService.getAccessControlList() and tries to convert it to JSON. This breaks the call to ScheduleService.getAccessControlList() by the IngestService when it is using the remote ScheduleService implementation.

If ScheduleService.getAccessControlList() returns null, what should the REST Endpoint return?

A response of NOT_FOUND is currently used to signify that the event itself can't be found, which wouldn't be correct.

Which of the following would be more appropriate?

1. 204 no content
2. 200 but other empty response
3. 200 some default ACLs (eg ADMIN+RW), this would require the local implementation of getAccessControlList() to return the defaults instead of null.


James Perrin
August 2, 2017, 3:47 PM

In the 4.x scheduler, getAccessControlList does the following, which is different again:

Opt<AccessControlList> acl = loadEpisodeAclFromAsset(record.get().getSnapshot().get());
if (acl.isNone())
throw new NotFoundException();

The rest endpoint would return 404 not found. However Ingest does not look to the scheduler for default acls but instead calls:

private void setPublicAclIfEmpty(MediaPackage mp) {
AccessControlList activeAcl = authorizationService.getActiveAcl(mp).getA();
if (activeAcl.getEntries().size() == 0) {
String anonymousRole = securityService.getOrganization().getAnonymousRole();
activeAcl = new AccessControlList(new AccessControlEntry(anonymousRole, Permissions.Action.READ.toString(), true));
authorizationService.setAcl(mp, AclScope.Series, activeAcl);

I not sure that setting public permissions the correct thing to do either, better to over restrict data that make something public that shouldn't.

In summary I think that 4.x is still broken but in a different way.

James Perrin
August 2, 2017, 3:24 PM

option 3 would be

where ROLE_ADMIN = Organization.getAdminRole()

Fixed and reviewed


James Perrin


James Perrin


Incorrectly Functioning With Workaround

Tags (folksonomy)