Details
-
Bug
-
Resolution: Fixed
-
Low
-
3.13.2
-
3.13
-
Description
We have discovered a bug in the com.atlassian.jira.workflow.function.misc.CreateCommentFunction.java. I have attached our fixed and tested class. Notice the changes on Lines 54-57, checking for a null remote user before sending the username into the create comment function.
Steps to recreate:
- Create new workflow with a transition that has no permission restrictions to execute
- Create a blank screen as the screen for that transition (aka only the comment box shows up)
- assign to a workflow scheme and a project
- allow Group Anyone to add a comment permission on project
- Create an incident
- Log out and execute workflow transition for incident, filling in comment box
Expected result, comment saves as anonymous
Actual result, workflow transition throws NullPointerException.
2009-01-22 16:17:27,075 http-8080-7 ERROR [workflow.function.misc.CreateCommentFunction] Exception: java.lang.NullPointerException java.lang.NullPointerException at com.atlassian.jira.workflow.function.misc.CreateCommentFunction.execute(CreateCommentFunction.java:56) at com.opensymphony.workflow.AbstractWorkflow.executeFunction(AbstractWorkflow.java:869) at com.opensymphony.workflow.AbstractWorkflow.transitionWorkflow(AbstractWorkflow.java:1265) at com.opensymphony.workflow.AbstractWorkflow.doAction(AbstractWorkflow.java:567) at com.atlassian.jira.workflow.SimpleWorkflowManager.doWorkflowAction(SimpleWorkflowManager.java:298) at com.atlassian.jira.workflow.WorkflowTransitionUtilImpl.progress(WorkflowTransitionUtilImpl.java:264) at com.atlassian.jira.web.action.issue.CommentAssignIssue.doExecute(CommentAssignIssue.java:245) at webwork.action.ActionSupport.execute(ActionSupport.java:153) at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:54) at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:132) at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:178) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
Thanks to Brad Svee for raising this bug and developing the fix to check for a null user.