-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Low
-
None
-
Affects Version/s: 3.27.0, 3.28.0, 3.29.0, 3.29.1
-
Component/s: Plan
-
None
-
12
-
Severity 3 - Minor
-
5
Issue Summary
When using the Advanced Roadmaps (formerly Portfolio) App, accessing a shared link of a roadmap plan while unauthenticated in Jira throws an error with a stack trace in the UI instead of a friendly message saying that I should authenticate to Jira.
This issue occurs as well when using the Advanced Roadmaps for Jira in Confluence macro in a Confluence page.
Steps to Reproduce
- Install a vanilla instance of Jira.
- This was validated with Jira version 8.5.3.
- Install Advanced Roadmaps (formerly Portfolio) App.
- This was validated on App version 3.29.1, 3.29.0 and the issue was introduced on version 3.27.0.
- Create a Scrum software development project with sample data.
- Create a plan based on the sample project.
- Share the plan and copy the generated URL.
- Open an incognito window (to ensure you are not authenticated to Jira) and access the plan shared URL.
Expected Results
The roadmap plan should not load and there should be a friendly message in the UI to login to Jira so I can see the page – or the user is redirected to the login page.
If using the regular share link, then user is redirected to the Jira authentication page.
If using the embedded or Confluence links, then the user gets a friendly page to authenticate.
Actual Results
If using the embedded or Confluence links, then the user is presented to an error with the following stack trace.
Directly pasting the URL in the Confluence macro configuration presents the same problem.
An error occurred whilst rendering this message. Please contact the administrators, and inform them of this bug. Details: ------- org.apache.velocity.exception.ParseErrorException: Encountered "#else\n" at com.atlassian.jpo:jpo-ww1//views/page-login-headerless/view.vm[line 7, column 79] Was expecting one of: <EOF> "(" ... <RPAREN> ... <ESCAPE_DIRECTIVE> ... <SET_DIRECTIVE> ... "##" ... "\\\\" ... "\\" ... <TEXT> ... "*#" ... "*#" ... <STRING_LITERAL> ... <IF_DIRECTIVE> ... <STOP_DIRECTIVE> ... <INTEGER_LITERAL> ... <FLOATING_POINT_LITERAL> ... <WORD> ... <BRACKETED_WORD> ... <IDENTIFIER> ... <DOT> ... "{" ... "}" ... at org.apache.velocity.Template.process(Template.java:141) at org.apache.velocity.runtime.resource.ResourceManagerImpl.loadResource(ResourceManagerImpl.java:446) at org.apache.velocity.runtime.resource.ResourceManagerImpl.getResource(ResourceManagerImpl.java:354) at org.apache.velocity.runtime.RuntimeInstance.getTemplate(RuntimeInstance.java:1399) at org.apache.velocity.app.VelocityEngine.mergeTemplate(VelocityEngine.java:370) at com.atlassian.velocity.DefaultVelocityManager.writeEncodedBodyImpl(DefaultVelocityManager.java:117) at com.atlassian.velocity.DefaultVelocityManager.writeEncodedBody(DefaultVelocityManager.java:97) at com.atlassian.jira.template.velocity.DefaultVelocityTemplatingEngine$DefaultRenderRequest.toWriterImpl(DefaultVelocityTemplatingEngine.java:122) at com.atlassian.jira.template.velocity.DefaultVelocityTemplatingEngine$DefaultRenderRequest.asHtml(DefaultVelocityTemplatingEngine.java:113) at com.atlassian.jira.web.dispatcher.JiraVelocityViewDispatcher.dispatch(JiraVelocityViewDispatcher.java:51) at com.atlassian.jira.web.dispatcher.JiraWebworkViewDispatcher.dispatchViaVelocityView(JiraWebworkViewDispatcher.java:89) at com.atlassian.jira.web.dispatcher.JiraWebworkViewDispatcher.dispatchView(JiraWebworkViewDispatcher.java:56) at com.atlassian.jira.web.dispatcher.JiraWebworkActionDispatcher.service(JiraWebworkActionDispatcher.java:178) at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
Using the regular share link still properly redirects the user to the authentication page.
Workaround
Currently there is no known workaround for this behavior on the latest app version. A workaround will be added here when available.
If you can afford downgrading Advanced Roadmaps to version 3.26.0 it would restore this functionality.
