Details
-
Bug
-
Resolution: Cannot Reproduce
-
Low
-
None
-
5.15.0.1, 5.14.1
-
None
-
Severity 3 - Minor
-
Description
Summary
Could not add any user or group to Global Permissions
Steps to Reproduce
- Navigate to Administration >> Security >> Global permissions
- Click on the button "Edit Global Permissions"
- Click on the button "Add user"
- Search and select a user
- Click on the button "Add"
Expected Results
The user will be successfully added into Global Permissions list
Actual Results
The below exception is thrown in the atlassian-bamboo.log file:
2017-03-08 10:59:55,767 INFO [http-nio-8085-exec-17] [AccessLogFilter] username POST https://bamboo/ajax/createPermissionPrincipal.action 378865kb 2017-03-08 10:59:55,777 ERROR [http-nio-8085-exec-17] [ExceptionMappingInterceptor] query did not return a unique result: 23; nested exception is org.hibernate.NonUniqueResultException: query did not return a unique result: 23 org.springframework.dao.IncorrectResultSizeDataAccessException: query did not return a unique result: 23; nested exception is org.hibernate.NonUniqueResultException: query did not return a unique result: 23 at org.springframework.orm.hibernate4.SessionFactoryUtils.convertHibernateAccessException(SessionFactoryUtils.java:178) at org.springframework.orm.hibernate4.HibernateTemplate.doExecute(HibernateTemplate.java:344) at org.springframework.orm.hibernate4.HibernateTemplate.execute(HibernateTemplate.java:296) at com.atlassian.bamboo.security.acegi.acls.AclHibernateDao.findAcl(AclHibernateDao.java:73) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208) at com.sun.proxy.$Proxy32.findAcl(Unknown Source) at com.atlassian.bamboo.security.acegi.acls.HibernateMutableAclServiceImpl.readMutableAclById(HibernateMutableAclServiceImpl.java:216) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208) at com.sun.proxy.$Proxy33.readMutableAclById(Unknown Source) at com.atlassian.bamboo.configuration.AddPermissionAction.getAcl(AddPermissionAction.java:125) at com.atlassian.bamboo.configuration.AddPermissionAction.addUserPrincipal(AddPermissionAction.java:64) at com.atlassian.bamboo.configuration.AddPermissionAction.createPrincipal(AddPermissionAction.java:46)
Notes
There are duplicate data in the table ACL_OBJECT_IDENTITY and ACL_ENTRY
Workaround
- Shutdown Bamboo
- Backup database for rollback purposes
- Select the list of Global Permission data in the table ACL_OBJECT_IDENTITY:
SELECT * FROM ACL_OBJECT_IDENTITY WHERE OBJECT_ID_IDENTITY=999999 AND OBJECT_ID_CLASS="com.atlassian.bamboo.security.GlobalApplicationSecureObject"
The above SQL result should only have 1 row
- Delete the duplicate data so that only 1 row is left:
DELETE FROM ACL_ENTRY WHERE ACL_OBJECT_IDENTITY IN (id1,id2); DELETE FROM ACL_OBJECT_IDENTITY WHERE ID IN (id1,id2);
Replace id1,id2 and add any extra ID into the above SQL to delete the duplicate data
- Restart Bamboo