Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-21286

UserUtilImpl doesn't properly handle the case when "Anyone" has permission to administrate JIRA

    XMLWordPrintable

Details

    Description

      NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report.

      Bizarrely this bug only seems to occur when the Anyone "group" has admin or sysadmin permissions (as set in permission schemes). It results in a call to UserUtilImpl.getGroup with a null group (which I guess, but am not sure is supposed to represent the Anyone group). This in turn may throw an exception, depending on what is backing it.

      Luckily it is unusual for people to grant admin access to Anyone, so this is unlikely to affect too many customers.

      The workaround is to replace the Anyone group where it is used in the permissions scheme with a group containing all users.

      An example stack trace that occurs in this situation is (though I doubt this problem is limited to Studio or GreenHopper)
      com.atlassian.util.concurrent.LazyReference$InitializationException: java.lang.IllegalArgumentException: [Assertion Failed] - argument passed to method must not be null
      at com.atlassian.util.concurrent.LazyReference.getInterruptibly(LazyReference.java:152)
      at com.atlassian.util.concurrent.LazyReference.get(LazyReference.java:115)
      at com.atlassian.util.concurrent.ResettableLazyReference.get(ResettableLazyReference.java:73)
      at com.atlassian.jira.user.util.UserUtilImpl.getActiveUserCount(UserUtilImpl.java:370)
      at com.atlassian.jira.user.util.UserUtilImpl.hasExceededUserLimit(UserUtilImpl.java:388)
      at com.atlassian.studio.jira.license.StudioLicenseUserUtilImpl.hasExceededUserLimit(StudioLicenseUserUtilImpl.java:130)
      at sun.reflect.GeneratedMethodAccessor487.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at com.atlassian.jira.ProxyAdapter$ProxiedComponentInvocationHandler.invoke(ProxyAdapter.java:171)
      at $Proxy171.hasExceededUserLimit(Unknown Source)
      at com.pyxis.greenhopper.jira.license.GreenHopperLicenseManagerImpl.doVerify(GreenHopperLicenseManagerImpl.java:154)
      at com.pyxis.greenhopper.jira.license.GreenHopperLicenseManagerImpl.verify(GreenHopperLicenseManagerImpl.java:49)
      at com.pyxis.greenhopper.jira.actions.ConfigurationAction.doSuccess(ConfigurationAction.java:93)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:61)
      at webwork.util.InjectionUtils.invoke(InjectionUtils.java:52)
      at webwork.action.ActionSupport.invokeCommand(ActionSupport.java:417)
      at webwork.action.ActionSupport.execute(ActionSupport.java:146)
      at com.atlassian.jira.action.JiraActionSupport.execute(JiraActionSupport.java:59)
      at webwork.dispatcher.GenericDispatcher.executeAction(GenericDispatcher.java:141)
      at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:181)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.core.filters.HeaderSanitisingFilter.doFilter(HeaderSanitisingFilter.java:44)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:41)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.jira.web.filters.accesslog.AccessLogFilter.executeRequest(AccessLogFilter.java:154)
      at com.atlassian.jira.web.filters.accesslog.AccessLogFilter.doFilter(AccessLogFilter.java:133)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:119)
      at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:55)
      at com.atlassian.jira.web.filters.SitemeshExcludePathFilter.doFilter(SitemeshExcludePathFilter.java:40)
      at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:41)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:206)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:98)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.seraph.filter.BaseLoginFilter.doFilter(BaseLoginFilter.java:131)
      at com.atlassian.jira.web.filters.JiraLoginFilter.doFilter(JiraLoginFilter.java:70)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66)
      at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:69)
      at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74)
      at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:42)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:41)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:99)
      at com.atlassian.jira.web.filters.JIRAProfilingFilter.doFilter(JIRAProfilingFilter.java:16)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.jira.web.filters.ActionCleanupDelayFilter.doFilter(ActionCleanupDelayFilter.java:59)
      at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.jira.web.filters.RequestCleanupFilter.doFilter(RequestCleanupFilter.java:53)
      at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.johnson.filters.AbstractJohnsonFilter.doFilter(AbstractJohnsonFilter.java:72)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:350)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.gzipfilter.GzipFilter.doFilterInternal(GzipFilter.java:81)
      at com.atlassian.gzipfilter.GzipFilter.doFilter(GzipFilter.java:51)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:55)
      at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:41)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.core.filters.cache.AbstractCachingFilter.doFilter(AbstractCachingFilter.java:33)
      at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.core.filters.encoding.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:41)
      at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at com.atlassian.jira.startup.JiraStartupChecklistFilter.doFilter(JiraStartupChecklistFilter.java:72)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
      at java.lang.Thread.run(Thread.java:613)
      Caused by: java.lang.IllegalArgumentException: [Assertion Failed] - argument passed to method must not be null
      at com.atlassian.crowd.integration.util.Assert.notNull(Assert.java:33)
      at com.atlassian.crowd.integration.osuser.CrowdAccessProvider.handles(CrowdAccessProvider.java:59)
      at com.opensymphony.user.UserManager.getProvider(UserManager.java:269)
      at com.opensymphony.user.UserManager.getEntity(UserManager.java:257)
      at com.opensymphony.user.UserManager.getGroup(UserManager.java:173)
      at com.atlassian.jira.user.util.DefaultUserManager.getGroup(DefaultUserManager.java:79)
      at sun.reflect.GeneratedMethodAccessor294.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at com.atlassian.jira.ProxyAdapter$ProxiedComponentInvocationHandler.invoke(ProxyAdapter.java:167)
      at $Proxy90.getGroup(Unknown Source)
      at sun.reflect.GeneratedMethodAccessor294.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at com.atlassian.plugin.osgi.hostcomponents.impl.DefaultComponentRegistrar$ContextClassLoaderSettingInvocationHandler.invoke(DefaultComponentRegistrar.java:129)
      at $Proxy90.getGroup(Unknown Source)
      at sun.reflect.GeneratedMethodAccessor294.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at com.atlassian.plugin.osgi.bridge.external.HostComponentFactoryBean$DynamicServiceInvocationHandler.invoke(HostComponentFactoryBean.java:150)
      at $Proxy90.getGroup(Unknown Source)
      at com.atlassian.jira.user.util.UserUtilImpl.getGroup(UserUtilImpl.java:567)
      at com.atlassian.jira.user.util.UserUtilImpl$1.create(UserUtilImpl.java:103)
      at com.atlassian.jira.user.util.UserUtilImpl$1.create(UserUtilImpl.java:96)
      at com.atlassian.util.concurrent.ResettableLazyReference$InternalReference.create(ResettableLazyReference.java:127)
      at com.atlassian.util.concurrent.LazyReference$1.call(LazyReference.java:79)
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:269)
      at java.util.concurrent.FutureTask.run(FutureTask.java:123)
      at com.atlassian.util.concurrent.LazyReference.getInterruptibly(LazyReference.java:146)
      at com.atlassian.util.concurrent.LazyReference.get(LazyReference.java:115)
      at com.atlassian.util.concurrent.ResettableLazyReference.get(ResettableLazyReference.java:73)
      at com.atlassian.jira.user.util.UserUtilImpl.getActiveUserCount(UserUtilImpl.java:370)
      at com.atlassian.jira.user.util.UserUtilImpl.hasExceededUserLimit(UserUtilImpl.java:388)
      at com.atlassian.studio.jira.license.StudioLicenseUserUtilImpl.hasExceededUserLimit(StudioLicenseUserUtilImpl.java:130)
      at sun.reflect.GeneratedMethodAccessor487.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at com.atlassian.jira.ProxyAdapter$ProxiedComponentInvocationHandler.invoke(ProxyAdapter.java:171)
      at $Proxy171.hasExceededUserLimit(Unknown Source)
      at com.atlassian.jira.web.action.admin.GlobalPermissions.hasExceededUserLimit(GlobalPermissions.java:337)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:592)
      at webwork.util.InjectionUtils$DefaultInjectionImpl.invoke(InjectionUtils.java:61)
      at webwork.util.InjectionUtils.invoke(InjectionUtils.java:52)
      at webwork.util.ValueStack.findValue(ValueStack.java:409)
      at webwork.util.SimpleTest.test(SimpleTest.java:391)
      at webwork.util.ValueStack.test(ValueStack.java:157)
      at webwork.view.taglib.IfTag.doStartTag(IfTag.java:38)
      at org.apache.jsp.secure.admin.jira.views.globalpermissions_jsp._jspService(globalpermissions_jsp.java:193)
      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
      at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
      at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
      at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
      at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
      at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
      at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:251)
      ... 94 more

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-21286 UserUtilImpl doesn't properly handle the case when "Anyone" has permission to administrate JIRA

          • Low - Low priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              edalgliesh Eric Dalgliesh
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: