Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
1
-
4
-
Description
Currently, JIRA source tab user interface do not handle the exception well enough. Let takes a scenario where the integration between FishEye and JIRA is using trusted application, two user had the right to access the issue but one of the user does not actually have the rights to access the repository in FishEye. When user does not has the right to access the FishEye repository it will have the following exception in the UI:
The JIRA logs report:
2012-11-28 18:51:51,640 http-8888-2 ERROR <Username> 1131x692870x1 8b1qq6 172.16.61.89 /browse/SE-1212 [jirafisheyeplugin.domain.crucible.ReviewManagerImpl] (CRU Changeset Search) Error encountered retrieving issue reviews from '<Fisheye_Repository>' on 'Fisheye_URL' java.io.IOException: Error in remote call to '<Fisheye Application Name>' (Fisheye_URL) [AbstractRestCommand{path='api/rest/query', params={query=select revisions where (comment matches 'SE-1212' or p4:jobid = 'SE-1212') return reviews, rep=PIAdaptor}, methodType=POST}] : permission denied for: <Fisheye_Repository> at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl.callFisheye(FishEyeRestApiManagerImpl.java:197) at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl.callFisheye(FishEyeRestApiManagerImpl.java:124) at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl.callFisheye(FishEyeRestApiManagerImpl.java:119) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl.searchForReviews(ReviewManagerImpl.java:323) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl.access$000(ReviewManagerImpl.java:31) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl$1.doQuery(ReviewManagerImpl.java:172) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl$1.doQuery(ReviewManagerImpl.java:164) at com.atlassian.jirafisheyeplugin.domain.P4Query.doQuery(P4Query.java:12) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl.getReviewsFromRepositories(ReviewManagerImpl.java:183) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl.getReviewsForIssue(ReviewManagerImpl.java:86) at com.atlassian.jirafisheyeplugin.domain.crucible.ReviewManagerImpl.getReviewsForIssue(ReviewManagerImpl.java:100) at com.atlassian.jirafisheyeplugin.web.issuetabpanel.crucible.CrucibleIssueTabPanel.createActions(CrucibleIssueTabPanel.java:79) at com.atlassian.jirafisheyeplugin.web.issuetabpanel.AbstractFishEyeCrucibleIssueTabPanel.getActions(AbstractFishEyeCrucibleIssueTabPanel.java:91) at com.atlassian.jira.plugin.issuetabpanel.IssueTabPanelInvokerImpl.invokeGetActions(IssueTabPanelInvokerImpl.java:87) at com.atlassian.jira.issue.tabpanels.AllTabPanel.getActions(AllTabPanel.java:40) at com.atlassian.jira.plugin.issuetabpanel.IssueTabPanelInvokerImpl.invokeGetActions(IssueTabPanelInvokerImpl.java:87) <+2> (DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.atlassian.multitenant.impl.MultiTenantComponentFactoryImpl$AbstractMultiTenantAwareInvocationHandler.invokeInternal(MultiTenantComponentFactoryImpl.java:181) at com.atlassian.multitenant.impl.MultiTenantComponentFactoryImpl$MultiTenantAwareInvocationHandler.invoke(MultiTenantComponentFactoryImpl.java:211) at $Proxy415.invokeGetActions(Unknown Source) <+2> (DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.atlassian.plugin.osgi.hostcomponents.impl.DefaultComponentRegistrar$ContextClassLoaderSettingInvocationHandler.invoke(DefaultComponentRegistrar.java:129) at $Proxy415.invokeGetActions(Unknown Source) <+2> (DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.atlassian.plugin.osgi.bridge.external.HostComponentFactoryBean$DynamicServiceInvocationHandler.invoke(HostComponentFactoryBean.java:154) at $Proxy415.invokeGetActions(Unknown Source) at com.atlassian.jira.plugin.viewissue.ActivityBlockViewIssueContextProvider.getContextMap(ActivityBlockViewIssueContextProvider.java:82) at com.atlassian.jira.plugin.webfragment.CacheableContextProviderDecorator.initContextMap(CacheableContextProviderDecorator.java:70) at com.atlassian.jira.plugin.webfragment.CacheableContextProviderDecorator.getContextMap(CacheableContextProviderDecorator.java:46) at com.atlassian.jira.plugin.webfragment.contextproviders.MultiContextProvider.getContextMap(MultiContextProvider.java:99) at com.atlassian.plugin.web.descriptors.DefaultWebPanelModuleDescriptor$ContextAwareWebPanel.getHtml(DefaultWebPanelModuleDescriptor.java:143) at com.atlassian.jira.web.action.issue.ViewIssue.renderActivityModule(ViewIssue.java:269) <+2> (DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:70) at webwork.util.InjectionUtils.invoke(InjectionUtils.java:56) at webwork.util.ValueStack.findValue(ValueStack.java:514) at webwork.util.ValueStack.findValue(ValueStack.java:213) at webwork.view.taglib.WebWorkBodyTagSupport.findValue(WebWorkBodyTagSupport.java:62) at webwork.view.taglib.BasicPropertyTag.doStartTag(BasicPropertyTag.java:54) at org.apache.jsp.secure.views.issue.viewissuetab_jsp._jspx_meth_ww_005fproperty_005f2(viewissuetab_jsp.java:143) at org.apache.jsp.secure.views.issue.viewissuetab_jsp._jspService(viewissuetab_jsp.java:78) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:386) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:313) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:260) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) <+11> (ApplicationFilterChain.java:290) (ApplicationFilterChain.java:206) (XContentTypeOptionsNoSniffFilter.java:22) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (HeaderSanitisingFilter.java:32) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:30) <+31> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) (ContextFilter.java:25) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (SitemeshPageFilter.java:119) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (SecurityFilter.java:82) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (BaseLoginFilter.java:169) (JiraLoginFilter.java:70) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) (OAuthFilter.java:71) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) at com.atlassian.bonfire.web.filters.BonfireP3PFilter.doFilter(BonfireP3PFilter.java:43) <+17> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ApplicationDispatcher.java:646) (ApplicationDispatcher.java:436) (ApplicationDispatcher.java:374) (ApplicationDispatcher.java:302) (JiraWebworkActionDispatcher.java:314) (JiraWebworkActionDispatcher.java:205) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) <+11> (ApplicationFilterChain.java:290) (ApplicationFilterChain.java:206) (XContentTypeOptionsNoSniffFilter.java:22) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (HeaderSanitisingFilter.java:32) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:30) <+28> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) (ContextFilter.java:25) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (SecurityFilter.java:82) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (BaseLoginFilter.java:169) (JiraLoginFilter.java:70) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) (OAuthFilter.java:71) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) at com.atlassian.bonfire.web.filters.BonfireP3PFilter.doFilter(BonfireP3PFilter.java:43) <+15> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ApplicationDispatcher.java:646) (ApplicationDispatcher.java:436) (ApplicationDispatcher.java:374) (ApplicationDispatcher.java:302) at com.atlassian.jira.servlet.QuickLinkServlet.linkToIssue(QuickLinkServlet.java:158) at com.atlassian.jira.servlet.QuickLinkServlet.service(QuickLinkServlet.java:46) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) <+14> (ApplicationFilterChain.java:290) (ApplicationFilterChain.java:206) (ChainedFilterStepRunner.java:78) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (XContentTypeOptionsNoSniffFilter.java:22) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (HeaderSanitisingFilter.java:44) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) at com.atlassian.labs.botkiller.BotKillerFilter.doFilter(BotKillerFilter.java:36) <+3> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) at com.atlassian.jira.tzdetect.IncludeResourcesFilter.doFilter(IncludeResourcesFilter.java:39) <+22> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) (ContextFilter.java:25) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (AccessLogFilter.java:103) (AccessLogFilter.java:87) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (XsrfTokenAdditionRequestFilter.java:54) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (SitemeshPageFilter.java:119) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) at com.atlassian.labs.remoteapps.modules.permissions.ApiScopingFilter.doFilter(ApiScopingFilter.java:60) <+22> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (SecurityFilter.java:234) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (TrustedApplicationsFilter.java:98) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (BaseLoginFilter.java:169) (JiraLoginFilter.java:70) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) (OAuthFilter.java:71) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) at com.atlassian.bonfire.web.filters.BonfireP3PFilter.doFilter(BonfireP3PFilter.java:57) <+22> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ProfilingFilter.java:99) (JIRAProfilingFilter.java:19) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (AbstractJohnsonFilter.java:71) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (UrlRewriteFilter.java:738) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (GzipFilter.java:80) (GzipFilter.java:51) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (IteratingFilterChain.java:46) (DelegatingPluginFilter.java:66) at com.atlassian.labs.remoteapps.modules.oauth.OAuth2LOFilter.doFilter(OAuth2LOFilter.java:70) <+3> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) at com.atlassian.labs.remoteapps.util.http.bigpipe.RequestIdSettingFilter.doFilter(RequestIdSettingFilter.java:22) <+47> (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (DelegatingPluginFilter.java:66) (JWDSendRedirectFilter.java:25) (DelegatingPluginFilter.java:74) (IteratingFilterChain.java:42) (ServletFilterModuleContainerFilter.java:77) (ServletFilterModuleContainerFilter.java:63) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ChainedFilterStepRunner.java:78) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (AbstractCachingFilter.java:33) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (AbstractEncodingFilter.java:41) (AbstractHttpFilter.java:31) (PathMatchingEncodingFilter.java:49) (AbstractHttpFilter.java:31) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ActiveRequestsFilter.java:346) (ActiveRequestsFilter.java:463) (ActiveRequestsFilter.java:173) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (JiraStartupChecklistFilter.java:75) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (MultiTenantServletFilter.java:91) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (ChainedFilterStepRunner.java:78) (ApplicationFilterChain.java:235) (ApplicationFilterChain.java:206) (StandardWrapperValve.java:233) (StandardContextValve.java:191) (StandardHostValve.java:127) (ErrorReportValve.java:102) (StandardEngineValve.java:109) (AccessLogValve.java:554) (CoyoteAdapter.java:298) (Http11AprProcessor.java:864) (Http11AprProtocol.java:579) (AprEndpoint.java:1665) at java.lang.Thread.run(Thread.java:662) Caused by: com.atlassian.sal.api.net.ResponseException: permission denied for: <Fisheye_Repository> at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl$FishEyeResponseHandler.extractDocumentFrom(FishEyeRestApiManagerImpl.java:399) at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl$FishEyeResponseHandler.handle(FishEyeRestApiManagerImpl.java:377) at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl$FishEyeResponseHandler.handle(FishEyeRestApiManagerImpl.java:334) at com.atlassian.applinks.core.auth.oauth.OAuthApplinksResponseHandler.handle(OAuthApplinksResponseHandler.java:116) at com.atlassian.plugins.rest.module.jersey.JerseyRequest$2.handle(JerseyRequest.java:166) at com.atlassian.sal.core.net.HttpClientRequest.executeAndReturn(HttpClientRequest.java:307) at com.atlassian.plugins.rest.module.jersey.JerseyRequest.executeAndReturn(JerseyRequest.java:161) at com.atlassian.applinks.core.auth.ApplicationLinkRequestAdaptor.execute(ApplicationLinkRequestAdaptor.java:85) at com.atlassian.applinks.core.auth.oauth.OAuthRequest.execute(OAuthRequest.java:196) at com.atlassian.jirafisheyeplugin.rest.FishEyeRestApiManagerImpl.callFisheye(FishEyeRestApiManagerImpl.java:175) ... 315 more
Where else the user has the right to access the repository do not have the particular exception. It would be great if such exception is suppress in the user interface level
Changing the Jira Permission Scheme to hide the Source Tab from users without access to Fisheye will hide the Source tab activity from the All tab as well.