I couldn't solve my problem, so i try to explain it again:
There are 2 Participants (Provider). Both of them holds own Wallet and Account and they want to exchange Cash to Tokens or visa versa. They should have just READ-access to their own assets, because of fraud, security etc. But for transactions they need UPDATE-access. Here is my code:
org.acme.biznet.cto:
namespace org.acme.biznet
abstract participant Member identified by memberId {
o String memberId
o String name
o String email
}
// Sensorbesitzer, z.B private Personen, Haushalte etc.
participant Provider identified by providerId extends Member {
o String providerId
--> SDTWallet sdtWallet
--> Account account
}
// SDT Token Wallet von den Netzwerkteilnehmern.
asset SDTWallet identified by sdtWalletId {
o String sdtWalletId
o Double balance default = 0.0
--> Member owner
}
// Geldkonto von den Netzwerkteilnehmern.
asset Account identified by accountId {
o String accountId
o Double balance default = 0.0
--> Member owner
}
// Cash gegen Tokens getauscht.
transaction TradeCashToTokens {
o Double cashRate default = 2.0
o Double cashValue default = 1.0 range = [1.0,]
--> SDTWallet fromSDT
--> SDTWallet toSDT
--> Account fromCash
--> Account toCash
}
// Tokens gegen Cash getauscht.
transaction TradeTokensToCash {
o Double tokenRate default = 0.5
o Double tokenValue default = 2.0 range = [2.0,]
--> SDTWallet fromSDT
--> SDTWallet toSDT
--> Account fromCash
--> Account toCash
}
and logic.js:
/**
* Cash to tokens transaction
* #param {org.acme.biznet.TradeCashToTokens} UpdateValues
* #transaction
*/
function TradeCashToTokens(UpdateValues) {
//determine change in tokens value from the rate
var tokensChange = (UpdateValues.cashRate * UpdateValues.cashValue);
if(UpdateValues.fromCash.balance < UpdateValues.cashValue) {
throw new Error('Insufficient cash funds!');
} else if (tokensChange > UpdateValues.fromSDT.balance) {
throw new Error('Not enough tokens for this transaction!');
}
//alert("Fehler!");
//update values of exchanger1 cash account
console.log('#### exchanger1 cash balance before: ' + UpdateValues.fromCash.balance);
UpdateValues.fromCash.balance -= UpdateValues.cashValue;
console.log('#### exchanger1 cash balance after: ' + UpdateValues.fromCash.balance);
//update values of exchanger2 cash account
console.log('#### exchanger2 cash balance before: ' + UpdateValues.toCash.balance);
UpdateValues.toCash.balance += UpdateValues.cashValue;
console.log('#### exchanger2 cash balance after: ' + UpdateValues.toCash.balance);
//update values of exchanger1 token wallet
console.log('#### exchanger1 token balance before: ' + UpdateValues.toSDT.balance);
UpdateValues.toSDT.balance += tokensChange;
console.log('#### exchanger1 token balance after: ' + UpdateValues.toSDT.balance);
//update values of exchanger2 token wallet
console.log('#### exchanger2 token balance before: ' + UpdateValues.fromSDT.balance);
UpdateValues.fromSDT.balance -= tokensChange;
console.log('#### exchanger2 token balance after: ' + UpdateValues.fromSDT.balance);
console.log(UpdateValues.cashValue + ' EUR exchanged to ' + tokensChange + ' SDT Tokens with actual rate of ' + UpdateValues.cashRate);
return getAssetRegistry('org.acme.biznet.SDTWallet')
.then(function (assetRegistry) {
return assetRegistry.updateAll([UpdateValues.toSDT,UpdateValues.fromSDT]);
})
.then(function () {
return getAssetRegistry('org.acme.biznet.Account')
.then(function (assetRegistry) {
return assetRegistry.updateAll([UpdateValues.toCash,UpdateValues.fromCash]);
});
});
}
and permissions.acl:
//****************PROVIDER_PARTICIPANTS**********************
//Provider has access only to their own profile
rule ProviderAccessOwnProfile {
description: "Allow providers to access only their profile"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.Provider"
condition: (r.getIdentifier() === p.getIdentifier())
action: ALLOW
}
//Provider has read only access to other Providers
rule ProviderReadAccessProviders {
description: "Allow provider read access to other providers"
participant: "org.acme.biznet.Provider"
operation: READ
resource: "org.acme.biznet.Provider"
action: ALLOW
}
//****************PROVIDER_ASSETS**********************
rule ProvidersReadAccesstoAccount {
description: "Traders see their own BankAccount only"
participant: "org.acme.biznet.Provider"
operation: READ
resource: "org.acme.biznet.Account"
action: ALLOW
}
rule ProvidersReadAccesstoSDTWallet {
description: "Providers see their own SDT Wallet only"
participant: "org.acme.biznet.Provider"
operation: READ
resource: "org.acme.biznet.SDTWallet"
action: ALLOW
}
//Provider can submit CashToToken transaction
rule ProvidercanUpdateAccountthroughTransactionOnly {
description: "Allow trader to submit trade transactions"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.Account"
transaction(tx): "org.acme.biznet.TradeCashToTokens"
condition: (p.getIdentifier() === r.owner.getIdentifier() &&
r.getIdentifier() === tx.toCash.getIdentifier())
action: ALLOW
}
//Provider can submit CashToToken transaction
rule ProvidercanUpdateSDTWalletthroughTransactionOnly {
description: "Allow trader to submit trade transactions"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.SDTWallet"
transaction(tx): "org.acme.biznet.TradeCashToTokens"
condition: (p.getIdentifier() === r.owner.getIdentifier() &&
r.getIdentifier() === tx.fromSDT.getIdentifier())
action: ALLOW
}
//****************PROVIDER_TRANSACTIONS**********************
//Provider can submit CashToTokens transaction
rule ProviderSubmitCashToTokenTransactions {
description: "Allow provider to submit cash to tokens transactions"
participant: "org.acme.biznet.Provider"
operation: CREATE, READ
resource: "org.acme.biznet.TradeCashToTokens"
action: ALLOW
}
//Provider can submit TokenToCash transaction
rule ProviderSubmitTokensToCashTransactions {
description: "Allow provider to submit tokens to cash transactions"
participant: "org.acme.biznet.Provider"
operation: CREATE, READ
resource: "org.acme.biznet.TradeTokensToCash"
action: ALLOW
}
//****************PROVIDER_HISTORY**********************
//Provider can see the history of own transactions only
rule ProviderSeeOwnHistoryOnly {
description: "Proviers should be able to see the history of their own
transactions only"
participant(p): "org.acme.biznet.Provider"
operation: READ
resource(r): "org.hyperledger.composer.system.HistorianRecord"
condition: (r.participantInvoking.getIdentifier() != p.getIdentifier())
action: DENY
}
//*********************NETWORK***************************
rule SystemACL {
description: "System ACL to permit all access"
participant: "org.hyperledger.composer.system.Participant"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
rule NetworkAdminUser {
description: "Grant business network administrators full access to user
resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "**"
action: ALLOW
}
rule NetworkAdminSystem {
description: "Grant business network administrators full access to system
resources"
participant: "org.hyperledger.composer.system.NetworkAdmin"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
And when i want to try make transactions as Provider, e.g. TradeCachToTokens, it says t: Participant 'org.acme.biznet.Provider#P1' does not have 'UPDATE' access to resource 'org.acme.biznet.SDTWallet#SDT1'
please see the screenshot: cash_to_tokens
Provider(P1) should get UPDATE-access for Wallet and Account, if he make transaction, but not only his own, for his opposite (P2) too.
Whats the problem here?
UPDATED ANSWER: the answer is (May 10):
You are updating the registries org.acme.biznet.SDTWallet and org.acme.bixnet.Account - and I see you have rules to allow updates to occur from the transaction TradeCashToTokens or indeed TradeTokensToCash. I think the problem is the condition should be || and not && - one resource at a time is evaluated, and the resource owner can be TRUE in the conditional match. As the trxn is invoked by the participant, should always evaluate TRUE (unless he's not the resource owner of course), part A of the condition ; for the target resource (toCash or toSDT), you compare it with the owner of the resource (being updated in your transaction function code - names as above). Note the rules are based allowing the invoking participant update the 2 target resources (based on participant, not Account - ps I think the reason your 'SDT' rule failed is because the rule says 'fromSDT' (evaluates to one target resource only).
Suggest a set of rules like:
rule UpdateAccountsviaTradeCashToTokens {
description: "Allow source/target providers defined in trxn (ie 2)- to access/update their Accounts from, trxn TradeCashToTokens only"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.Account"
transaction(tx): "org.acme.biznet.TradeCashToTokens"
condition: ( p.getIdentifier() === r.owner.getIdentifier() || tx.toCash.owner.getIdentifier() === r.owner.getIdentifier() )
action: ALLOW
}
rule UpdateSDTWalletsviaTradeCashToTokens {
description: "Allow source/target providers defined in trxn (ie 2)- to access/update their SDT Wallets from, trxn TradeCashToTokens only"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.SDTWallet"
transaction(tx): "org.acme.biznet.TradeCashToTokens"
condition: ( p.getIdentifier() === r.owner.getIdentifier() || tx.toSDT.owner.getIdentifier() === r.owner.getIdentifier() )
action: ALLOW
}
Similarly - for the other transaction TradeTokenstoCash you can have
rule UpdateAccountsviaTradeTokensToCash {
description: "Allow source/target providers defined in trxn (ie 2)- to access/update their Accounts from, trxn TradeTokensToCash only"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.Account"
transaction(tx): "org.acme.biznet.TradeTokensToCash"
condition: ( p.getIdentifier() === r.owner.getIdentifier() || tx.toCash.owner.getIdentifier() === r.owner.getIdentifier() )
action: ALLOW
}
rule UpdateSDTWalletsviaTradeTokenstoCash {
description: "Allow source/target providers defined in trxn (ie 2)- to access/update their SDT Wallets from, trxn TradeTokenstoCash only"
participant(p): "org.acme.biznet.Provider"
operation: READ, UPDATE
resource(r): "org.acme.biznet.SDTWallet"
transaction(tx): "org.acme.biznet.TradeTokenstoCash"
condition: ( p.getIdentifier() === r.owner.getIdentifier() || tx.toSDT.owner.getIdentifier() === r.owner.getIdentifier() )
action: ALLOW
}
You will still need your PROVIDER_TRANSACTIONS rules.
You are correct to say you will need the PROVIDER_ASSETS rules - before the transaction update based rules (ie mentioned above).
I have created an ACL tutorial - that I will incorporate into the Composer docs in due course (for benefit of others too) - similar to what you've done.
https://github.com/mahoney1/test/blob/master/acl_dynamic.md
Hope this helps, have tried your complete ruleset with changes and it works; if you wish me to post the complete set of rules, let me know.
Related
I'm using Identity Server 4. I have an external identity provider that I want to get the claims from the id token. In the documentation, http://docs.identityserver.io/en/latest/topics/signin_external_providers.html, it says that all the claims will be available. When I sign in only a few claims are shown in the Home/secure page. If I goto the Diagnostics page and look at the Id Token, they are there. I would like to include some of the claims in the id token and access token that the service is returning. I have created a Profile service thinking that I could add them there, but the same claims that show in the home/secure page are the only ones available:
Here is my external config in start up:
services.AddAuthentication()
.AddOpenIdConnect("external", "external", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
options.Authority = "https://external idp address.com";
options.ClientId = "secret";
options.Scope.Clear();
options.Scope.Add("openid profile");
options.SaveTokens = true;
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name"
};
options.ClaimActions.MapAll();
});
I'm using online Playground of Hyperledger Composer (https://composer-playground.mybluemix.net/).
I'm tring to modify acl file from "pii-network" example.
I would like to have authorized access only if participant want to authorize another member and not himself... How can I do it?
I did the following change to ACL file but it does not work as I expected (it authorize/revoke anyone and not anyone without himself):
rule AuthorizeAccessTransaction {
description: "Allow all participants to submit AuthorizeAccess transactions"
participant(p): "org.acme.model.Doctor"
operation: CREATE
resource(r): "org.acme.model.AuthorizeAccess"
condition: (r.getIdentifier() != p.getIdentifier())
action: ALLOW
}
rule RevokeAccessTransaction {
description: "Allow all participants to submit RevokeAccess transactions"
participant(p): "org.acme.model.Doctor"
operation: CREATE
resource(r): "org.acme.model.RevokeAccess"
condition: (r.getIdentifier() != p.getIdentifier())
action: ALLOW
}
rule OwnRecordFullAccess {
description: "Allow all participants full access to their own record"
participant(p): "org.acme.model.Doctor"
operation: ALL
resource(r): "org.acme.model.Doctor"
condition: (r.getIdentifier() === p.getIdentifier())
action: ALLOW
}
rule ForeignRecordConditionalAccess {
description: "Allow participants access to other people's records if granted"
participant(p): "org.acme.model.Doctor"
operation: ALL
resource(r): "org.acme.model.Doctor"
condition: (r.authorized && r.authorized.indexOf(p.getIdentifier()) > -1)
action: ALLOW
}
rule SystemACL {
description: "System ACL to permit all access"
participant: "org.hyperledger.composer.system.Participant"
operation: ALL
resource: "org.hyperledger.composer.system.**"
action: ALLOW
}
I followed instruction from https://www.youtube.com/watch?v=VTX-9VyO6OU&feature=youtu.be and I changed the .acl file like I showed
Does anyone know what is the problem? What did I wrong?
I show also cto file here:
namespace org.acme.model
concept Specialization {
o String hospital
o String hospital_ward //reparto ospedaliero
o String city
o String county
o String zip
o String field //campo medico di specializzazione
}
participant Doctor identified by username {
o String username
o String firstName
o String lastName
o Specialization specialization
o DateTime dob optional
o String[] authorized optional
}
abstract transaction DoctorTransaction {
o String username
}
transaction AuthorizeAccess extends DoctorTransaction {
}
transaction RevokeAccess extends DoctorTransaction {
}
event DoctorEvent {
o DoctorTransaction doctorTransaction
}
Use relationship as datatype for your authorized users.
participant Doctor identified by username {
o String username
o String firstName
o String lastName
o Specialization specialization
o DateTime dob optional
--> Doctor[] authorized optional
Then use this function to check condition in permissions.acl
rule ForeignRecordConditionalAccess {
description: "Allow participants access to other people's records if granted"
participant(p): "org.acme.model.Doctor"
operation: ALL
resource(r): "org.acme.model.Doctor"
condition: (
r.authorized.some(function (doc){
return doc.$identifier === p.$identifier;
})
)
action: ALLOW
}
Problem:
I am working on an Android app which interacts with nodejs REST server using node orm for mysql backend. On my server, I have a functionality of authenticating users based on email verification. Once verification is successful, node orm fetches the user object, changes the verified column value and saves it back.
But, the change is not reflecting in the db after execution. Only if we run the same code another time, it is reflecting in the database
Code
exports.activateEmail = function(email, callback) {
log.info('In verifyEmailDao.js, activateEmail module');
var db = connectionObj.getConnection();
var Candidate = db.models.jobseeker_id;
Candidate.find({email : email}, function(err,candidate){
if(err){
log.info('cannot find account with email to activate', email);
callback(false, null);
}
else {
candidate[0].verified = true;
log.info('candidate email now activated.! status is', candidate[0].verified);
candidate[0].save(function(error){
log.info('Email verified any errors?', error);
callback(true, candidate[0].id);
});
}
});
}
Edit 1:
jobseeker_id.js (node-orm model)
var orm = require('orm');
module.exports = function(db){
console.log('coming inside candidateId.js');
var JobSeekerId = db.define('jobseeker_id', {
id : {type:'serial' , key:true},
first_name : String,
last_name : String,
email : String,
password : String,
verified : Boolean
},{
validations : {
email : orm.enforce.unique("Already registered")
}
});
}
Server log:
{"name":"test-app" "msg":"In verifyEmailDao.js, activateEmail module"}
{"name":"test-app","msg":"candidate email now activated.! status is true"}
{"name":"test-app","msg":"Email verified any errors? null"}
{"name":"test-app","msg":"Email sucessfully activated. Now deleting the entry from verify email link table for candidate id 30}
{"name":"test-app","msg":"In verifyEmailDao.js, deleteRandomLink module"}
{"name":"test-app","msg":"error is---> null"}
{"name":"test-app","msg":"Entry deleted from verify email table as email is activated"}
There will no be no changes in the log when I execute the code for second time, but the change in the db will be reflected!
After 2 days of hell I finally fixed the issue by adding a statement db.settings.set('instance.cache', false) to the db config file. Though I did'nt clearly understand how db update issue was resolved by setting the cache to false, this did the trick!
I am trying to update some user data via the admin SDK. I thought this would work
function directoryUpdate(userId, userDept, userLocation, userPhone, userTitle) {
var update = {
organizations:
{
name: "Next Step Living",
title: userTitle,
primary: true,
type: "work",
department: userDept,
location: userLocation
},
phones:
{
value: userPhone,
type: "work",
primary: true,
}
};
update = AdminDirectory.Users.update(update, userId);
Logger.log('User %s updated with result %s.', userId, update)
return true;
}
but it is not updating the organization or phone data on the record. It also does not throw any kind of error.
three questions, what is the proper syntax to do this update, I assume this works like the API update and behaves like an upsert, is that true, and what is the best practice for capturing any errors during the update. I would like to return a false when the update fails and capture that info. Thanks in advance for your help.
Thanks for your question!
This "inspired" me to work out how the update API worked, as I had got as far as retrieving a User object, updating the properties but had not worked out how to persist the data back to Google.
So, here's my prototype code, which appears to work (the objective being to reset the user's password based on entries in a spreadsheet).
It doesn't seem the most elegant code to me, being that there are two round-trips to the Admin API, and we have to post the email address twice, but I guess that is a side-effect of the JSON API.
var emailAddress = userListSheet.getRange(row, 1).getValue();
var password = userListSheet.getRange(row, 2).getValue();
Logger.log('Email: %s, Password: %s', emailAddress, password);
// Reset user's password
var user = AdminDirectory.Users.get(emailAddress);
user.password = password;
if (changePasswordAtNextLogin == 'Yes') {
user.changePasswordAtNextLogin = true;
}
AdminDirectory.Users.update(user, emailAddress);
Figured out the syntax issue. You do need a set of [] around the name value pairs under organization and phones. organizations:[{....}], phones:[{...}]}; and no, at the end of primary: true under phones. Also changed it from an update to a patch but not sure if that was really required;
update = AdminDirectory.Users.patch(update, userId);
And Yes, it did behave like an upsert and modified existing data and added new data just like the API.
Still need to figure out the best way to capture any errors though so if you have any suggestions please post them.
Looks like supplying an invalid email address is a fatal error that can not be caught and dealt with in code. What I did was get all the primary emails out of Google, store them in an array, and validate that the email I was using was in that list prior to running the update. Since everything else is just a string or logical replacement it should not throw any errors so I am confident that the script will not fail. Now all I have to worry about is the time limit.
We are using Grails 2.1.1 and Searchable plugin 0.6.4 in our Grails applications and implemented searchable on some domains which are indicated below with all the mappings.
class User {
.....
static hasMany = [userEducations : UserEducations , userWorkings : UserWorkings ]
......
static searchable = {
content: spellCheck 'include'
all termVector: "yes"
userEducations component: true
userWorkings component: true
}
......
}
class UserEducations {
.....
Schools schools
.....
static belongsTo = [user : User ]
......
static searchable = {
content: spellCheck 'include'
all termVector: "yes"
schools component: true
}
......
}
class UserWorkings {
.....
Organizations organizations
.....
static belongsTo = [user : User ]
....
static searchable = {
content: spellCheck 'include'
all termVector: "yes"
organizations component: true
}
......
}
class Schools {
......
static searchable = true
......
}
class Organizations {
......
static searchable = true
......
}
The data is saving successfully with correct mapping and constraints.
The problem starts when we have the drowslike below in table user with relationship
User a1 -> UserEducations b1 -> Schools d1
and
User a2 -> UserEducations b2 -> Schools d1
or
User a1 -> UserWorkings c1 -> Organizations e1
and
User a2 - > UserWorkings c2 -> Organizations e1
(We are not sure about above fact may be the problem happened due to large no. of data.)
Then when we try to start the server then we receive below exception and server wouldn't start
We have tried by removing searchable index and restarting again then it also not start.
The server starts only when we truncate tables corresponding to above 5 domains.
18:30:54,133 [Compass Gps Index [pool-5-thread-5]] ERROR indexer.ScrollableHibernateIndexEntitiesIndexer - {hibernate}: Failed to index the database
org.compass.core.engine.SearchEngineException: Processor [4]: Failed to add job [Job Create [alias [Organizations] uid [Organizations#456#]] Resource [{Organizations} [stored/uncompressed,indexed,omitNorms<alias:Organizations>],[stored/uncompressed,indexed,omitNorms,omitTf<$/Organizations/id:456>],[stored/uncompressed,indexed<active:true>],[stored/uncompressed,indexed<dateCreated:2013-02-28-14-03-05-0-PM>],[stored/uncompressed,indexed,tokenized<aaa:109122482450911>],[stored/uncompressed,indexed<lastUpdated:2013-02-28-14-03-05-0-PM>],[stored/uncompressed,indexed,tokenized<name:Asc>],[stored/uncompressed,indexed<version:0>],[stored/uncompressed,indexed,omitNorms,omitTf<$/uid:Bs#456#>]]] after [10000ms] and backlog size [100]
at org.compass.core.lucene.engine.transaction.support.AbstractConcurrentTransactionProcessor$Processor.addJob(AbstractConcurrentTransactionProcessor.java:496)
at org.compass.core.lucene.engine.transaction.support.AbstractConcurrentTransactionProcessor.create(AbstractConcurrentTransactionProcessor.java:158)
at org.compass.core.lucene.engine.LuceneSearchEngine.createOrUpdate(LuceneSearchEngine.java:290)
at org.compass.core.lucene.engine.LuceneSearchEngine.create(LuceneSearchEngine.java:268)
at org.compass.core.impl.DefaultCompassSession.create(DefaultCompassSession.java:413)
at org.compass.core.impl.DefaultCompassSession.create(DefaultCompassSession.java:397)
at org.compass.core.impl.ExistingCompassSession.create(ExistingCompassSession.java:305)
at org.compass.gps.device.hibernate.indexer.ScrollableHibernateIndexEntitiesIndexer$RowBuffer.flush(ScrollableHibernateIndexEntitiesIndexer.java:212)
at org.compass.gps.device.hibernate.indexer.ScrollableHibernateIndexEntitiesIndexer$RowBuffer.close(ScrollableHibernateIndexEntitiesIndexer.java:206)
at org.compass.gps.device.hibernate.indexer.ScrollableHibernateIndexEntitiesIndexer.performIndex(ScrollableHibernateIndexEntitiesIndexer.java:151)
at org.compass.gps.device.support.parallel.ConcurrentParallelIndexExecutor$1$1.doInCompassWithoutResult(ConcurrentParallelIndexExecutor.java:104)
at org.compass.core.CompassCallbackWithoutResult.doInCompass(CompassCallbackWithoutResult.java:29)
at org.compass.core.CompassTemplate.execute(CompassTemplate.java:133)
at org.compass.gps.impl.SingleCompassGps.executeForIndex(SingleCompassGps.java:147)
at org.compass.gps.device.support.parallel.ConcurrentParallelIndexExecutor$1.call(ConcurrentParallelIndexExecutor.java:102)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:679)
Our problem is similar to below post
http://grails.1312388.n4.nabble.com/hibernate-Searchable-failing-to-index-on-program-start-td4119566.html
We have tried our best to sort out the problem but no luck.
Please help us to solve this problem.
Go to your console and enter:
grails install-searchable-config
Then open myproject/grails-app/conf/Searchable.groovy and search for the following and change the values as I pointed out.
mirrorChanges = false
bulkIndexOnStartup = false
in Bootstrap.groovy:
class BootStrap {
def searchableService
def init = { servletContext ->
// do any data loading you would normally do
// Manually start the mirroring process to ensure that it comes after the automated migrations.
println "Performing bulk index"
searchableService.reindex()
println "Starting mirror service"
searchableService.startMirroring()
}
}