In 9.9 LTA, api/users/search?externalIdentity= is not retreiving data from some users

SonarQube Server / Community Build
1

Hi, there!

One of our customers stated that when they made an api call to api/users/search and filtering by externalIdentity, they didn’t get a result.

https://*********/sonar/api/users/search?externalIdentity=****

I made some test and they were right up to a certain point:

With one user:

imagen
imagen1010×314 22.9 KB

But with another user:

imagen
imagen1007×510 42.1 KB

I have made a script in order to get which users were affected with this behaviour and get a pattern to investigate what’s going on and I couldn’t get it.

First, I retrieve all users with sonar/api/users/search. Second filter by users in the external Identity provider. Then, I made a call to sonar/api/users/search?externalIdentity=**** with the externalIdentity param I retrieved from the first call:

imagen
imagen979×199 17.7 KB

I made some tests in four another instances of SonarQube (SonarQube for Server) 9.9.7 LTA and in every single one we have this behaviour. Some users respond to the search by external ID, some not without a pattern I could find:

imagen
imagen1616×171 24.1 KB

imagen
imagen1563×166 24 KB

imagen
imagen836×153 12.7 KB

imagen
imagen800×150 13 KB

BUT When I make the test in a 10.7 instance, this behaviour does not occur:

imagen
imagen795×154 12.6 KB

I have been looking for an answer into the SonarQube code and I found that the code in the SearchAction for the API is completely different in 9.9 and in 10.x.

In 9.9 looks this way:

sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/SearchAction.java
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/SearchAction.java1065×191 34.6 KB

sonarqube/server/sonar-db-dao/src/main/resources/org/sonar/db/user/UserMapper.xml
sonarqube/server/sonar-db-dao/src/main/resources/org/sonar/db/user/UserMapper.xml650×124 13.5 KB

And it looks good to me, but I cannot test further. Is it maybe a bug?

TLDR: In 9.9 LTA, api/users/search?externalIdentity= is not retreiving data from some users

4

Hello @mbastardo.excentia,

The externalIdentity parameter only works for the first 50 users that are fetched. So, when this is tested on a few users, there’s no issue. But for customers with >50 users, it returns no results for users not in the first 50 results. We discussed this bug and decided not to backport the fix to the LTA. The latest active version, 10.x, is not impacted by this bug, and the endpoint works correctly.

Without the ability to query the external identity directly, the main workaround is to extract all users (numbering in the thousands), then manually filter the one that matches the externalIdentity value to get the SonarQube login.

Also as mitigation, you could increase the page size up to 500 (but that would still not work for larger instances) or rather use another filter such as login (but I don’t know whether that’s an option).

I hope this clarifies.

Thanks,
Sarath

1 Like
5

Hi @Sarath_Nair,

Thank you for your support. We figured it wasn’t worth the effort of the fix to get it to LTS.

Regards,