[MAGNOLIA-8383] Incomplete app definition permissions lead to unreachable admincentral Created: 13/Nov/19 Updated: 20/Apr/22 Resolved: 19/Apr/22 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | None |
| Affects Version/s: | 6.2.11 |
| Fix Version/s: | 6.2.19 |
| Type: | Bug | Priority: | Neutral |
| Reporter: | Richard Gange | Assignee: | Chuong Doan Huy |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | maintenance | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | 2d | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Template: |
|
||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||
| Date of First Response: | |||||||||||||
| Epic Link: | Support | ||||||||||||
| Sprint: | DevX 8 | ||||||||||||
| Story Points: | 3 | ||||||||||||
| Team: | |||||||||||||
| Description |
|
For example, let's say I have an incomplete permissions in my app definition. Like this:
label: Events
icon: icon-datepicker
appClass: info.magnolia.ui.contentapp.ContentApp
class: info.magnolia.ui.api.app.registry.ConfiguredAppDescriptor
# Missing roles
permissions:
roles:
subApps:
browser:
label: Events
subAppClass: info.magnolia.ui.contentapp.browser.BrowserSubApp
class: info.magnolia.ui.contentapp.browser.BrowserSubAppDescriptor
...
...
This leads to the following exception here: Nov 13, 2019 2:57:08 PM com.vaadin.server.DefaultErrorHandler doDefault SEVERE: com.google.inject.ProvisionException: Unable to provision, see the following errors: 1) Error in custom provider, info.magnolia.objectfactory.MgnlInstantiationException: Failed to create instance of [class info.magnolia.admincentral.ResurfaceUILayout] at info.magnolia.ui.framework.ioc.ProduceNewInstancesWithComponentProvider.lambda$null$2(ProduceNewInstancesWithComponentProvider.java:84) (via modules: com.google.inject.util.Modules$OverrideModule -> info.magnolia.objectfactory.guice.GuiceComponentProviderBuilder$1 -> com.google.inject.util.Modules$CombinedModule -> info.magnolia.ui.framework.ioc.DeflateUiContextDependentBindings -> info.magnolia.ui.framework.ioc.ProduceNewInstancesWithComponentProvider) while locating info.magnolia.admincentral.ResurfaceUILayout 1 error at com.google.inject.internal.InternalProvisionException.toProvisionException(InternalProvisionException.java:226) at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1053) at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1086) at info.magnolia.objectfactory.guice.GuiceComponentProvider.getComponent(GuiceComponentProvider.java:110) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.lambda$getComponent$3(UiContextBoundComponentProvider.java:125) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.provideInCurrentScope(UiContextBoundComponentProvider.java:163) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.getComponent(UiContextBoundComponentProvider.java:125) at info.magnolia.admincentral.ResurfaceUI.init(ResurfaceUI.java:85) at com.vaadin.ui.UI.doInit(UI.java:776) at com.vaadin.server.communication.UIInitHandler.getBrowserDetailsUI(UIInitHandler.java:218) at com.vaadin.server.communication.UIInitHandler.synchronizedHandleRequest(UIInitHandler.java:76) at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:40) at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1602) at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:445) at info.magnolia.admincentral.AdmincentralServlet.service(AdmincentralServlet.java:114) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at info.magnolia.cms.filters.ServletDispatchingFilter.doFilter(ServletDispatchingFilter.java:148) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:65) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.virtualuri.VirtualUriFilter.doFilter(VirtualUriFilter.java:98) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.module.cache.executor.Bypass.processCacheRequest(Bypass.java:58) at info.magnolia.module.cache.executor.CompositeExecutor.processCacheRequest(CompositeExecutor.java:66) at info.magnolia.module.cache.filter.CacheFilter.doFilter(CacheFilter.java:164) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.i18n.I18nContentSupportFilter.doFilter(I18nContentSupportFilter.java:85) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.RangeSupportFilter.doFilter(RangeSupportFilter.java:78) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.security.BaseSecurityFilter.doFilter(BaseSecurityFilter.java:57) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.security.SecurityCallbackFilter.doFilter(SecurityCallbackFilter.java:84) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.security.LogoutFilter.doFilter(LogoutFilter.java:94) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.module.site.filters.SiteMergeFilter.doFilter(SiteMergeFilter.java:119) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.multisite.filters.MultiSiteFilter.doFilter(MultiSiteFilter.java:120) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MultiChannelFilter.doFilter(MultiChannelFilter.java:83) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.module.cache.filter.GZipFilter.doFilter(GZipFilter.java:74) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:127) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.enterprise.registration.RegistrationFilter.doFilter(RegistrationFilter.java:79) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:71) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.personalization.preview.filter.PreviewFilter.doFilter(PreviewFilter.java:92) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:59) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:81) at info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:155) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:128) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:79) at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:65) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:85) at info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:107) at info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67) at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:110) at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:748) Caused by: info.magnolia.objectfactory.MgnlInstantiationException: Failed to create instance of [class info.magnolia.admincentral.ResurfaceUILayout] at info.magnolia.objectfactory.guice.GuiceComponentProvider.newInstanceWithParameterResolvers(GuiceComponentProvider.java:138) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.lambda$newInstanceWithParameterResolvers$4(UiContextBoundComponentProvider.java:135) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.provideInCurrentScope(UiContextBoundComponentProvider.java:163) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.newInstanceWithParameterResolvers(UiContextBoundComponentProvider.java:135) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.newInstance(UiContextBoundComponentProvider.java:130) at info.magnolia.ui.framework.ioc.ProduceNewInstancesWithComponentProvider$CreateNewInstanceWithComponentProvider.newInstance(ProduceNewInstancesWithComponentProvider.java:115) at info.magnolia.ui.framework.ioc.ProduceNewInstancesWithComponentProvider.lambda$null$0(ProduceNewInstancesWithComponentProvider.java:84) at com.google.inject.internal.ProviderInternalFactory.provision(ProviderInternalFactory.java:85) at com.google.inject.internal.InternalFactoryToInitializableAdapter.provision(InternalFactoryToInitializableAdapter.java:57) at com.google.inject.internal.ProviderInternalFactory.circularGet(ProviderInternalFactory.java:59) at com.google.inject.internal.InternalFactoryToInitializableAdapter.get(InternalFactoryToInitializableAdapter.java:47) at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) at info.magnolia.ui.framework.ioc.SessionStoreScope.lambda$getInstanceFromBeanStore$1(SessionStoreScope.java:73) at java.util.Optional.orElseGet(Optional.java:267) at info.magnolia.ui.framework.ioc.SessionStoreScope.getInstanceFromBeanStore(SessionStoreScope.java:72) at info.magnolia.ui.framework.ioc.SessionStoreScope.lambda$scope$0(SessionStoreScope.java:64) at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:39) at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1050) ... 113 more Caused by: info.magnolia.objectfactory.MgnlInstantiationException: Failed to create an instance with c-tor [ResurfaceUILayout(ComponentProvider, NotificationBadge, TaskBadge, BannerContainer, InstanceInfo, UserMenu, ViewportLayout)] at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:131) at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:99) at info.magnolia.objectfactory.guice.GuiceComponentProvider.newInstanceWithParameterResolvers(GuiceComponentProvider.java:134) ... 130 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:129) ... 132 more Caused by: info.magnolia.objectfactory.MgnlInstantiationException: Failed to create instance of [class info.magnolia.admincentral.findbar.FindBar] at info.magnolia.objectfactory.guice.GuiceComponentProvider.newInstanceWithParameterResolvers(GuiceComponentProvider.java:138) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.lambda$newInstanceWithParameterResolvers$4(UiContextBoundComponentProvider.java:135) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.provideInCurrentScope(UiContextBoundComponentProvider.java:163) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.newInstanceWithParameterResolvers(UiContextBoundComponentProvider.java:135) at info.magnolia.ui.framework.ioc.UiContextBoundComponentProvider.newInstance(UiContextBoundComponentProvider.java:130) at info.magnolia.admincentral.ResurfaceUILayout.<init>(ResurfaceUILayout.java:81) ... 137 more Caused by: info.magnolia.objectfactory.MgnlInstantiationException: Failed to create an instance with c-tor [FindBar(Periscope, SecuritySupport, SpeechRecognizer, FindBarConfigurationProvider, PeriscopeAppDetailCreator, PeriscopeTagsProvider, EventBus, SimpleTranslator, Provider, LocationController, AppLauncherLayoutManager, AppController, AppDescriptorRegistry, ViewportLayout, SearchResultSupplierDefinitionRegistry)] at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:131) at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:99) at info.magnolia.objectfactory.guice.GuiceComponentProvider.newInstanceWithParameterResolvers(GuiceComponentProvider.java:134) ... 142 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at info.magnolia.objectfactory.ObjectManufacturer.newInstance(ObjectManufacturer.java:129) ... 144 more Caused by: com.google.common.util.concurrent.UncheckedExecutionException: java.lang.NullPointerException at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2051) at com.google.common.cache.LocalCache.get(LocalCache.java:3953) at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3976) at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4960) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl.getLayoutForUser(AppLauncherLayoutManagerImpl.java:146) at info.magnolia.admincentral.findbar.FindBar.initUi(FindBar.java:242) at info.magnolia.admincentral.findbar.FindBar.<init>(FindBar.java:199) ... 149 more Caused by: java.lang.NullPointerException at info.magnolia.cms.security.operations.ConfiguredAccessDefinition.hasAccess(ConfiguredAccessDefinition.java:68) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl.isAppVisibleForUser(AppLauncherLayoutManagerImpl.java:259) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl.doGetLayoutForUser(AppLauncherLayoutManagerImpl.java:210) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl.access$100(AppLauncherLayoutManagerImpl.java:75) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl$1.load(AppLauncherLayoutManagerImpl.java:93) at info.magnolia.ui.api.app.launcherlayout.AppLauncherLayoutManagerImpl$1.load(AppLauncherLayoutManagerImpl.java:90) at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3529) at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2278) at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2155) at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2045) ... 155 more Then admincentral is unreachable. Reproduce # Missing roles permissions: roles: Logout/Login --> admincentral broken |
| Comments |
| Comment by Richard Gange [ 13/Nov/19 ] |
|
Workaround: Remove the configuration completely. This type of configuration is deprecated since 5.4.3. See AccessDefinition.java#51. Configure the permissions on the User directly. |
| Comment by Jaroslav Simak [ 12/Jan/22 ] |
|
Log warn message in the logs that the permissions / roles are empty. |