Scheduler behaves differently than manually running API

Wappler General How To
#1

Hello. Hoping for some guidance on this issue I am having. I have a setup where I am syncing my local active directory groups to specific permissions in Wappler, tying that through Azure AD and a database table with users and roles. That part works great, I can run the API, it will check if the user exists and if not create the user and role assigned to the group. If the user already exists it will only assign the role. Finally it will delete the user from the role if they are no longer in the AD group.

I can run this again and again and again and it works every time correctly.

However, if I put it in a scheduler then it runs differently and does deletion tasks where it is not supposed to. Upon the next schedule it assigns the roles again since they were missing and deleted in the last run. I’ve put this in the API library then I am calling it via exec action. I created two APIs that one I can run manually then the other is on a schedule, so they are using the same action that way.

Below is the library action. Why would the scheduler be running the database delete action when it is not supposed to whereas if I run this action manually it runs correctly every time?

Thanks

image
image688×833 34.6 KB

#2

Not sure, but here’s a few things that might help.

If you use replicas, the scheduler will be running in each replica. If that’s the problem, you can setup a job lock using a unique index in the db.

There is no logged in user when using the scheduler—sometimes people forget that identity will be null.

And lastly, if inside a docker container, calling localhost can cause problems, but that too can be resolved.

#3

Thanks for the reply and things to check.

No replicas.

There should not need to be a user logged in when running this. It does work on the schedule as in it will add the users to the table, it will add the roles if missing, but it also deletes the roles when it is not supposed to whereas if I do it on a separate API call of the only step being run the library action it works correctly. The scheduler is the same step, only an Exec Action.

The authentication is in the API action get access token step with the client id and client secret. Then the next API call uses that token received to do the call to pull the Azure AD members.

Currently I have it published to a website as I am testing, webserver is in a docker container and so is the database in a separate docker container all handled by Wappler.

Thanks

#4

If I read correctly, you call an API with an Exec and it works, and if you schedule with the same exec action it does not work. Strange.

Have you tried using the Include action instead of Exec? Can’t see that changing anything, but ???

I think the main difference here is that with the API there is an http request, and there isn’t with the scheduler, so perhaps you are using a SERVER var that isn’t the same??? Again, wild guess.

You might want to get the Advanced Logger extension and start logging a bunch of details so you can see where the difference lies.

#5

Finally got it working correctly, sometimes it just takes coming back the next day to reevaluate how it works. This one was 100% my fault.

As I have multiple groups I had multiple schedules running, basically the same thing just a few minor tweaks between them like a different group ID, different role etc…

However on the query to delete I was not adding an additional condition to look for the role on the table so when both schedules ran they were technically doing exactly as they were told and one was deleting the other since it was not filtered to look for the specific role to remove only that one.

With your idea of include actions I am likely going to revisit this and split this into multiple actions so I can just reuse the authentication token coming from Microsoft instead of getting multiple tokens between multiple actions.

Thanks