Details
-
Bug
-
Resolution: Fixed
-
High
-
2.0.10
-
confluence-5.7.1
-
Severity 3 - Minor
-
Description
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.
It seems that indexing of Confluence questions triggers a huge number of errors and thread dumps due to permission checks that are failing.
This is caused by the bad usage of GET urls for delete actions in the UI when Confluence is configured to be accessed as anonymous. The logs can fill quite fast due to this bug as it logs over 10kb per request.
2015-04-13 10:14:47,581 ERROR [http-bio-8090-exec-203] [atlassian.plugin.web.DefaultWebInterfaceManager] filterFragmentsByCondition Could not evaluate condition 'co m.atlassian.confluence.plugins.questions.conditions.AnswerPermissionCondition@7fe75f60' for descriptor: cq.answer.meta/cq.answer.meta.delete -- url: /display/xenserver/questions/1226224791/answers/1226224795/comments/1226224808 | userName: anonymous | action: viewquestion | space: 130351106 java.lang.NullPointerException at com.atlassian.confluence.plugins.questions.internal.security.policy.SpacePermissionPolicy.isAuthorOfResource(SpacePermissionPolicy.java:94) at com.atlassian.confluence.plugins.questions.internal.security.policy.SpacePermissionPolicy.hasPermission(SpacePermissionPolicy.java:80) at com.atlassian.confluence.plugins.questions.internal.security.policy.SpacePermissionPolicy.hasPermissionWithMessage(SpacePermissionPolicy.java:49) at com.atlassian.confluence.plugins.questions.internal.security.PermissionServiceImpl.hasPermissionWithMessage(PermissionServiceImpl.java:94)
Attachments
Issue Links
- relates to
-
CONFCLOUD-47657 [atlassian.plugin.web.DefaultWebInterfaceManager] filterFragmentsByCondition Could not evaluate condition 'co m.atlassian.confluence.plugins.questions.conditions.QuestionPermissionCondition@ for descriptor: cq.question.meta/cq.question.meta.delete
- Closed