[#JRA-14295] NullPointerException when clicking on email filter subscription edit link when not logged into JIRA

JIRA

NullPointerException when clicking on email filter subscription edit link when not logged into JIRA

Created: 16/Jan/08 04:15 PM Updated: 23/Jan/08 06:04 AM

Component/s:

Permissions Security, Services

Affects Version/s:

3.12.1

Fix Version/s:

3.12.2

Time Tracking:

Original Estimate:

3 hours

Remaining Estimate:

0 minutes

Time Spent:

3 hours

Issue Links:

Duplicate

This issue is duplicated by:

~~JRA-13049~~ JIRA crashes when subscribing to a filter, and not logged in.

~~JRA-14272~~ NullPointerException when clicking on email filter subscription edit link when not logged into JIRA

Reference

This issue relates to:

~~JRA-13577~~ Can't remove Anyone from jira-users global permission in JIRA 3.10.1 upgraded from earlier version

~~JRA-13564~~ unable to add 'Anyone' to global permission 'Jira-users'

Participants:	Dushan Hanuska [Atlassian] and Steven Salter
Since last comment:	31 weeks, 2 days ago
Resolution Date:	23/Jan/08 01:45 AM
To be done by:	Single developer
Labels:

Description

« Hide

When logged out of JIRA and clicking on the "here" link in an email subscription to perform an edit, a NullPointerEexception is observed. This NPE is not observed once I log into JIRA and click on the link once again.

The customer that reported this bug said:

I updated the issue to display the rest of the stack trace. I did try to see if I could reproduce this on jira.atlassian.com - I created a filter and received the html e-mail when clicking on the 'Here' link I was taken to the login screen. The instance in which the issue occured in in running in SSL and is also private.

I was able to reproduce this bug locally. The exception is:

java.lang.NullPointerException
	at com.atlassian.jira.issue.subscription.DefaultSubscriptionManager.getSubscription(DefaultSubscriptionManager.java:62)
	at com.atlassian.jira.web.action.filter.FilterSubscription.doDefault(FilterSubscription.java:69)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:61)
	at webwork.util.InjectionUtils.invoke(InjectionUtils.java:52)
	at webwork.action.ActionSupport.invokeCommand(ActionSupport.java:417)
	at webwork.action.ActionSupport.execute(ActionSupport.java:146)
	at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:54)
	at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:132)
	at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:211)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.AccessLogFilter.doFilter(AccessLogFilter.java:73)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:119)
	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:55)
	at com.atlassian.jira.web.filters.SitemeshExcludePathFilter.doFilter(SitemeshExcludePathFilter.java:38)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:192)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:114)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:110)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:132)
	at com.atlassian.jira.web.filters.JIRAProfilingFilter.doFilter(JIRAProfilingFilter.java:16)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.ActionCleanupDelayFilter.doFilter(ActionCleanupDelayFilter.java:43)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.RequestCleanupFilter.doFilter(RequestCleanupFilter.java:50)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:350)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:81)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.core.filters.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:37)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.appconsistency.db.DatabaseCompatibilityEnforcerFilter.doFilter(DatabaseCompatibilityEnforcerFilter.java:39)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
	at java.lang.Thread.run(Thread.java:619)

and is caused by the following line in the FilterSubscription.doDefault()

GenericValue subscription = subscriptionManager.getSubscription(getRemoteUser(), subId);

because getRemoteUser() for a not logged in user returns null.

Description

I updated the issue to display the rest of the stack trace. I did try to see if I could reproduce this on jira.atlassian.com - I created a filter and received the html e-mail when clicking on the 'Here' link I was taken to the login screen. The instance in which the issue occured in in running in SSL and is also private.

I was able to reproduce this bug locally. The exception is:

java.lang.NullPointerException
	at com.atlassian.jira.issue.subscription.DefaultSubscriptionManager.getSubscription(DefaultSubscriptionManager.java:62)
	at com.atlassian.jira.web.action.filter.FilterSubscription.doDefault(FilterSubscription.java:69)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:61)
	at webwork.util.InjectionUtils.invoke(InjectionUtils.java:52)
	at webwork.action.ActionSupport.invokeCommand(ActionSupport.java:417)
	at webwork.action.ActionSupport.execute(ActionSupport.java:146)
	at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:54)
	at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:132)
	at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:211)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.AccessLogFilter.doFilter(AccessLogFilter.java:73)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:119)
	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:55)
	at com.atlassian.jira.web.filters.SitemeshExcludePathFilter.doFilter(SitemeshExcludePathFilter.java:38)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:192)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:114)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:110)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:132)
	at com.atlassian.jira.web.filters.JIRAProfilingFilter.doFilter(JIRAProfilingFilter.java:16)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.ActionCleanupDelayFilter.doFilter(ActionCleanupDelayFilter.java:43)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.web.filters.RequestCleanupFilter.doFilter(RequestCleanupFilter.java:50)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:350)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:81)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.core.filters.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:37)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at com.atlassian.jira.appconsistency.db.DatabaseCompatibilityEnforcerFilter.doFilter(DatabaseCompatibilityEnforcerFilter.java:39)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
	at java.lang.Thread.run(Thread.java:619)

and is caused by the following line in the FilterSubscription.doDefault()

GenericValue subscription = subscriptionManager.getSubscription(getRemoteUser(), subId);

because getRemoteUser() for a not logged in user returns null.

Show »

All

Comments

Work Log

Change History

Sort Order:

[ Permlink | « Hide ]

Dushan Hanuska [Atlassian] added a comment - 23/Jan/08 01:45 AM

JIRA was modified in version 3.10.1 to prevent adding Anyone to the jira-users global permission: ~~JRA-13049~~.

The following will resolve the problem. Firstly, run the following query:

mysql> select * from schemepermissions where scheme is NULL and permission = 1 and perm_type='group' and perm_parameter is NULL;
+-------+--------+------------+-----------+----------------+
| ID    | SCHEME | PERMISSION | perm_type | perm_parameter |
+-------+--------+------------+-----------+----------------+
| 10042 |   NULL |          1 | group     | NULL           | 
+-------+--------+------------+-----------+----------------+
1 row in set (0.00 sec)

This should return one row, as above. If so, run the following command to remove the row

mysql> delete from schemepermissions where scheme is NULL and permission = 1 and perm_type='group' and perm_parameter is NULL;
Query OK, 1 row affected (0.00 sec)

You will need to restart JIRA for the change to take place, as JIRA caches permissions in memory. You will need to specify which groups have the JIRA Users global permission, since you can no longer assign Anyone to jira-users.

When you create a new user in JIRA, it automatically adds that user to any group that is in the jira-users global permission. Out of the box, the jira-users group is in the jira-users global permission, so any new user that you create gets added to the jira-users group. Or to put in another way, out of the box, membership of the jira-users group controls who can log in, and by default all users are members of this group.

[ Permlink | « Hide ]

Steven Salter added a comment - 23/Jan/08 05:41 AM - edited

Thanks for the db info, I'm not really into mucking around in the db. I've linked the other issues to this one can somehow the priority of fixing the regression be raised?