Bug 987488

Summary: Permission error when viewing package (without channel) details
Product: Red Hat Satellite 5 Reporter: Jiří Mikulka <jmikulka>
Component: WebUIAssignee: Tomas Lestach <tlestach>
Status: CLOSED DUPLICATE QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: cperry, jmikulka
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-14 19:11:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 924189    

Description Jiří Mikulka 2013-07-23 13:30:38 UTC 
Description of problem:
In Spacewalk nightly one can hit "Permission error" page when clicking on package details, for which there's no assigned channel.

Version-Release number of selected component (if applicable):
SW nightly with spacewalk-java-2.1.4-1.el6.noarch
(comparison with Sat560 with spacewalk-java-1.9.83-46.el6sat.noarch)

How reproducible:
always

Steps to Reproduce:
1. have no channels/packages/... in Spacewalk
2. create default activation key
3. register client using this activation key
4. go to System / <system> / Software / Packages / List/Remove and click on any of listed packages

Actual results:
5. on Spacewalk nightly one should see "Permission error" ISE + traceback in catalina.out:

2013-07-23 09:19:46,774 [TP-Processor2] ERROR com.redhat.rhn.common.errors.PermissionExceptionHandler - Permission Error
com.redhat.rhn.common.security.PermissionException: Invalid id_combo and cid/sid
	at com.redhat.rhn.frontend.action.rhnpackage.PackageDetailsAction.execute(PackageDetailsAction.java:170)
	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
	at com.redhat.rhn.frontend.struts.RhnRequestProcessor.process(RhnRequestProcessor.java:102)
	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.AuthFilter.doFilter(AuthFilter.java:127)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.LocalizedEnvironmentFilter.doFilter(LocalizedEnvironmentFilter.java:67)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.EnvironmentFilter.doFilter(EnvironmentFilter.java:100)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.SessionFilter.doFilter(SessionFilter.java:57)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:97)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
	at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
	at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
	at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
	at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
	at java.lang.Thread.run(Thread.java:679)

5. on Satellite 560 one can see "Unknown package" message explaing that for manually installed packages there are no information about the package in Satellite's database

Expected results:
the same behaviour on Spacewalk as on Satellite
Comment 1 Clifford Perry 2013-08-14 19:02:33 UTC 
Can we re-run this with spacewalk-java 2.0 Satellite packages (rebased off SW 2.0) vs the 1.9 version reported in this bug. 

I'd like to confirm 5.6 composes are good. If so, this needs to be changed to Spacewalk product, not Satellite.

Cliff
Comment 2 Clifford Perry 2013-08-14 19:11:20 UTC 

*** This bug has been marked as a duplicate of bug 995462 ***