-
Bug
-
Resolution: Fixed
-
Medium
-
5.10.0, 5.11.0, 5.10.1, 5.10.2, 5.12.0, 5.11.1, 5.11.2, 5.11.3, 5.12.1
-
2
-
Severity 3 - Minor
-
5
-
Issue Summary
Creating tickets in the customer portal does not allow the "Security level" field to be blank though the field is set as optional
This is reproducible on Data Center: (yes) / (no)
This is working in the 9.6/5.6 versions but not in 9.12
and it was observed that the default value "None" is not being displayed in the drop-down
Steps to Reproduce
- Create an issue security level and associate it with an ITSM project.
- Add the "Security level" field to the JSM project screens.
- Add the "Security level" field to request types under the project settings and keep it optional
- try creating issues from the customer portal and it doesn't work until we set the "Security Level" with some value
Expected Results
The ticket should be created with the "Security level" field to be blank or without any value in the field
Actual Results
Ticket creation failing with errors and logs will show:
2024-03-21 13:04:54,388-0700 http-nio-8082-exec-6 ERROR adminname 784x321x1 1iu68vs xxx.xxx.xxx.xxx,127.0.0.1 /servicedesk/customer/portal/1/create/1234 [c.a.p.i.util.runner.AuthenticationContextUtilImpl] Unexpected error while running action as user 'adminname' java.lang.NumberFormatException: For input string: "" at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) at java.base/java.lang.Long.parseLong(Long.java:702) at java.base/java.lang.Long.valueOf(Long.java:1144) at com.atlassian.jira.issue.fields.SecurityLevelSystemField.getValueFromParams(SecurityLevelSystemField.java:320) at com.atlassian.jira.issue.fields.SecurityLevelSystemField.updateIssue(SecurityLevelSystemField.java:430) at com.atlassian.jira.web.action.issue.IssueCreationHelperBeanImpl.updateIssueFromFieldValuesHolder(IssueCreationHelperBeanImpl.java:145) at com.atlassian.jira.bc.issue.DefaultIssueService.validateAndCreateIssueFromFields(DefaultIssueService.java:813) at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:768) at com.atlassian.jira.bc.issue.DefaultIssueService.validateCreate(DefaultIssueService.java:225) at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26) at com.sun.proxy.$Proxy227.validateCreate(Unknown Source) at jdk.internal.reflect.GeneratedMethodAccessor2003.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56) at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70) at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:137) at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:241) at com.sun.proxy.$Proxy4569.validateCreate(Unknown Source) at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.validateCreateIssueInputParameters(CustomerRequestManagerImpl.java:249) at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.createValidationResult(CustomerRequestManagerImpl.java:179) at com.atlassian.servicedesk.internal.feature.customer.request.CustomerRequestManagerImpl.lambda$validateCreateRequest$3(CustomerRequestManagerImpl.java:119) at com.atlassian.pocketknife.step.EitherStep4.lambda$null$0(EitherStep4.java:29)
Workaround
Setting the default security level for an issue security scheme
You now have the power to select the default security level that will be applied to issues assigned to each security scheme.
Some things to keep in mind when setting a default security level:
- If the reporter of an issue does not have the 'Set Issue Security' permission, the issue will be set to the default security level.
- If an issue security scheme doesn't have a default security level, issue security levels will be set to 'None' (anyone can see the issues).
- If the user has the Set Issue Security' permission but they aren't assigned to the default issue security level and don't update the security level when opening a ticket, the issue won't be set to the default security level. Instead, it'll be set to the security level that this user is assigned to.
To setup the default security level:
- In the upper-right corner of the screen, select Administration
> Issues. - In the sidebar, select ** Issue security schemes to open the Issue security schemes page, which lists all the issue security schemes currently available in your Jira installation.
- Select the scheme name, or the Security levels link in the Actions column, to open the Edit issue security levels page.
- To set the default security level, locate the appropriate Security level and click Default in the Actions column.
- To remove the default security level, click Change default security level to "None" link (near the top of the page
- mentioned in
-
Page Failed to load
[JSDSERVER-15024] Creating tickets in the customer portal not allowing the "Security level" field to be blank though the field is set optional
I'm experiencing the same problem with v5.17.0 so it seems is not completely fixed.
I've applied a workaround: created a "Public" security level and set this as the default. To hide None from the list of options, I've set the field on the Request type as required.
It is sub-optimal but at least now it works.
This bug is such a pain I decided to see if I could hack some javascript with ScriptRunner Behaviours to alleviate the issue (using context customerportal):
Basically if the value is blank for security level, set it to -1 which is what the regular Create form does when you leave it unset.
document.addEventListener('DOMNodeInserted', function() { var securityInput = document.querySelector('input[name="security"]'); if (securityInput != null && securityInput.value === "") { securityInput.value = "-1"; } });
Hi Atlassian, Any update on my previous comment? I don't think fixed version 5.14.0 is LTS version and Any idea when we can expect a fix for LTS ?
Is there no backport planned for this critical bug?
Also putting the error from the logs would be helpful for those trying to google for an answer:
java.lang.NumberFormatException: For input string: "" at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) at java.base/java.lang.Long.parseLong(Long.java:702) at java.base/java.lang.Long.valueOf(Long.java:1144) at com.atlassian.jira.issue.fields.SecurityLevelSystemField.getValueFromParams(SecurityLevelSystemField.java:320) at com.atlassian.jira.issue.fields.SecurityLevelSystemField.updateIssue(SecurityLevelSystemField.java:430)
Hi Team, I don't see this issues fixed with any latest LTS versions, Any idea when we can expect a fix for LTS ?
I've upgraded to Jira 10.3.1 and JSM 10.3.1.
The problem still exists.