Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-13316

NullPointerException thrown if user cannot move attachments

    XMLWordPrintable

Details

    Description

      Steps to reproduce:

      1. Attach a file to PageA in SpaceA
      2. For SpaceA, grant userA with "View" and "Create Page" permissions only. User should be able to see edit attachment link (CONF-11453)
      3. Login as userA
      4. Edit attachment of PageA in SpaceA
      5. Specify a page to move the attachment to
      6. Click OK

      The following stack trace will be prompted:

      java.lang.NullPointerException
      at com.atlassian.confluence.pages.actions.MoveAttachmentAction.validate(MoveAttachmentAction.java:175)
      at com.opensymphony.xwork.interceptor.DefaultWorkflowInterceptor.intercept(DefaultWorkflowInterceptor.java:44)
      at com.atlassian.confluence.core.ConfluenceWorkflowInterceptor.intercept(ConfluenceWorkflowInterceptor.java:35)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.atlassian.confluence.security.interceptors.CaptchaInterceptor.intercept(CaptchaInterceptor.java:46)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.atlassian.confluence.util.LoggingContextInterceptor.intercept(LoggingContextInterceptor.java:48)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.atlassian.confluence.core.CancellingInterceptor.intercept(CancellingInterceptor.java:23)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      at com.atlassian.confluence.security.actions.PermissionCheckInterceptor.intercept(PermissionCheckInterceptor.java:54)
      at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
      ...

      A more friendly message should be prompted, as it was in Confluence prior to version 2.9 (see screenshot [^move_in_281]):

      You do not have permission to move this attachment to the space spaceA.

      Although Confluence behaves as expected (by disallowing user to move attachment), the stack trace could cause some confusion

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. CONFSERVER-13490 Attachments can be moved to a page which the user cannot access

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              amohdaris Azwandi Mohd Aris (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: