Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-68462

Jira will throw a 500 error if there are duplicated project roles in a permission scheme

    XMLWordPrintable

Details

    Description

      Summary

      Jira will throw a 500 error when accessing a project which has a permission scheme with duplicated entries in its project roles permissions.

      Steps to Reproduce

      1. Create a project
      2. Inject a duplicated role to any permissions
      3. See the 500 error when trying to access the project and the affected permission scheme is loading a blank screen

      (These steps are only reproducible by support)

      Expected Results

      Jira will be able to handle this exception and it will show an error telling customers it's caused by duplicated entries in the permission scheme.

      Actual Results

      A 500 error page will be displayed.

        com.atlassian.jira.util.dbc.Assertions$NullArgumentException: ProjectRole should not be null!
    	at com.atlassian.jira.util.dbc.Assertions.notNull(Assertions.java:25) 
    	at com.atlassian.jira.security.roles.DefaultProjectRoleManager.getProjectRoleActors(DefaultProjectRoleManager.java:216) 
    	at com.atlassian.jira.notification.type.ProjectRoleSecurityAndNotificationType.getProjectRoleActors(ProjectRoleSecurityAndNotificationType.java:206) 
    	at com.atlassian.jira.notification.type.ProjectRoleSecurityAndNotificationType.hasPermission(ProjectRoleSecurityAndNotificationType.java:159) 
    	at com.atlassian.jira.permission.DefaultPermissionSchemeManager.lambda$hasSchemePermission$3(DefaultPermissionSchemeManager.java:538)
    	at com.atlassian.jira.permission.DefaultPermissionSchemeManager.hasSchemePermission(DefaultPermissionSchemeManager.java:708) 
    	at com.atlassian.jira.permission.DefaultPermissionSchemeManager.hasSchemePermission(DefaultPermissionSchemeManager.java:538)
    	at com.atlassian.jira.security.DefaultPermissionManager.doProjectPermissionCheck(DefaultPermissionManager.java:246) 
    	at com.atlassian.jira.security.DefaultPermissionManager.hasPermission(DefaultPermissionManager.java:153) [classes/:?]
    	at com.atlassian.jira.security.WorkflowBasedPermissionManager.hasPermission(WorkflowBasedPermissionManager.java:121) com.atlassian.jira.security.ApplicationRequiredPermissionManager.lambda$hasPermission$7(ApplicationRequiredPermissionManager.jacom.atlassian.jira.security.ApplicationRequiredPermissionManager.checkUserHasApplicationOrFalse(ApplicationRequiredPermissionMacom.atlassian.jira.security.ApplicationRequiredPermissionManager.hasPermission(ApplicationRequiredPermissionManager.java:120) 
    	at com.atlassian.jira.security.SwitchingPermissionManager.hasPermission(SwitchingPermissionManager.java:98) [classes/:?]
    	at com.atlassian.jira.bc.project.ProjectAction.lambda$userHasAnyProjectPermissions$6(ProjectAction.java:177) [jira-api-1001.0.0-
    	at java.util.stream.MatchOps$1MatchSink.accept(MatchOps.java:90) [?:1.8.0_131]
    	at java.util.Collections$2.tryAdvance(Collections.java:4717) [?:1.8.0_131]
    	at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) [?:1.8.0_131]
    	at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) [?:1.8.0_131]
    	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) [?:1.8.0_131]
    	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) [?:1.8.0_131]
    	at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:230) [?:1.8.0_131]
    	at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:196) [?:1.8.0_131]
    	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) [?:1.8.0_131]
    	at java.util.stream.ReferencePipeline.anyMatch(ReferencePipeline.java:449) [?:1.8.0_131]
    	at com.atlassian.jira.bc.project.ProjectAction.userHasAnyProjectPermissions(ProjectAction.java:176) [jira-api-1001.0.0-
    	at com.atlassian.jira.bc.project.ProjectAction.hasPermission(ProjectAction.java:139) [jira-api-1001.0.0-SNAPSHOT.jar:?]
    	at com.atlassian.jira.bc.project.DefaultProjectService.checkActionPermission(DefaultProjectService.java:1220) [classes/:?]
    	at com.atlassian.jira.bc.project.DefaultProjectService.getProjectByKeyForAction(DefaultProjectService.java:952) [classes/:?]
    	at com.atlassian.jira.bc.project.DefaultProjectService.getProjectByKey(DefaultProjectService.java:930) [classes/:?]
    	at com.atlassian.jira.admin.ProjectAdminSidebarFeatureImpl.shouldDisplay(ProjectAdminSidebarFeatureImpl.java:32) [classes/:?]
    	at java.util.Optional.map(Optional.java:215) 
(....)
	at java.lang.Thread.run(Thread.java:748)

      Note

      Contact Support
      Affected permission scheme will load blank

      Attachments

        Issue Links

          has a derivative of

          DONUT-2968 Loading...

          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Activity

            People

              asinha@atlassian.com Abhinaya Sinha
              dbrito Daniel Brito [Atlassian]
              Votes:
              6 Vote for this issue
              Watchers:
              20 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: