Bug 730122 - if user tries to view a group they do not have view permission/authz for, a Globally Uncaught IndexOutOfBoundsException error occurs
Summary: if user tries to view a group they do not have view permission/authz for, a G...
Status: CLOSED CURRENTRELEASE
Alias: None
Product: RHQ Project
Classification: Other
Component: Core UI
Version: 4.0.1
Hardware: Unspecified
OS: Unspecified
high
medium vote
Target Milestone: ---
: ---
Assignee: Ian Springer
QA Contact: Mike Foley
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: jon3 rhq41 rhq41-ui
TreeView+ depends on / blocked
 
Reported: 2011-08-11 20:06 UTC by Ian Springer
Modified: 2013-08-06 00:40 UTC (History)
3 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2012-02-07 19:23:00 UTC


Attachments (Terms of Use)

Description Ian Springer 2011-08-11 20:06:53 UTC
Right after the IndexOutOfBoundsException error, a 2nd error message is emitted:

  Failed to load group composite for group with ID [xxxxx]

This error is more user friendly, which is good, but it can still use improvement. Since it is a known user-caused error condition, we should not mention low-level technical terms like "group composite". A better error message would be:

  The group with id xxxxxx either does not exist or you are not authorized to view it.


Here's the stack trace from the IndexOutOfBoundsException:

Globally uncaught exception
Severity :	
Error
	
Time :	
Thursday, August 11, 2011 3:50:44 PM Etc/GMT+4
Detail :	
java.lang.IndexOutOfBoundsException:Index: 0, Size: 0
--- STACK TRACE FOLLOWS ---
Index: 0, Size: 0
    at java.util.ArrayList.RangeCheck(ArrayList.java:547)
    at java.util.ArrayList.get(ArrayList.java:322)
    at org.rhq.enterprise.gui.coregui.client.inventory.groups.detail.ResourceGroupTreeView$5.onSuccess(ResourceGroupTreeView.java:272)
    at org.rhq.enterprise.gui.coregui.client.inventory.groups.detail.ResourceGroupTreeView$5.onSuccess(ResourceGroupTreeView.java:1)
    at com.google.gwt.user.client.rpc.impl.RequestCallbackAdapter.onResponseReceived(RequestCallbackAdapter.java:216)
    at org.rhq.enterprise.gui.coregui.client.util.rpc.TrackingRequestCallback.onResponseReceived(TrackingRequestCallback.java:68)
    at com.google.gwt.http.client.Request.fireOnResponseReceived(Request.java:287)
    at com.google.gwt.http.client.RequestBuilder$1.onReadyStateChange(RequestBuilder.java:393)
    at sun.reflect.GeneratedMethodAccessor28.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.google.gwt.dev.shell.MethodAdaptor.invoke(MethodAdaptor.java:103)
    at com.google.gwt.dev.shell.MethodDispatch.invoke(MethodDispatch.java:71)
    at com.google.gwt.dev.shell.OophmSessionHandler.invoke(OophmSessionHandler.java:157)
    at com.google.gwt.dev.shell.BrowserChannel.reactToMessagesWhileWaitingForReturn(BrowserChannel.java:1714)
    at com.google.gwt.dev.shell.BrowserChannelServer.invokeJavascript(BrowserChannelServer.java:165)
    at com.google.gwt.dev.shell.ModuleSpaceOOPHM.doInvoke(ModuleSpaceOOPHM.java:120)
    at com.google.gwt.dev.shell.ModuleSpace.invokeNative(ModuleSpace.java:507)
    at com.google.gwt.dev.shell.ModuleSpace.invokeNativeObject(ModuleSpace.java:264)
    at com.google.gwt.dev.shell.JavaScriptHost.invokeNativeObject(JavaScriptHost.java:91)
    at com.google.gwt.core.client.impl.Impl.apply(Impl.java)
    at com.google.gwt.core.client.impl.Impl.entry0(Impl.java:188)
    at sun.reflect.GeneratedMethodAccessor15.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.google.gwt.dev.shell.MethodAdaptor.invoke(MethodAdaptor.java:103)
    at com.google.gwt.dev.shell.MethodDispatch.invoke(MethodDispatch.java:71)
    at com.google.gwt.dev.shell.OophmSessionHandler.invoke(OophmSessionHandler.java:157)
    at com.google.gwt.dev.shell.BrowserChannel.reactToMessages(BrowserChannel.java:1669)
    at com.google.gwt.dev.shell.BrowserChannelServer.processConnection(BrowserChannelServer.java:401)
    at com.google.gwt.dev.shell.BrowserChannelServer.run(BrowserChannelServer.java:222)
    at java.lang.Thread.run(Thread.java:662)

Comment 1 Ian Springer 2011-08-11 20:10:03 UTC
Note, the same exception occurs if the user tries to view a non-existent group (e.g. #ResourceGroup/9999999).

Comment 2 Ian Springer 2011-08-17 16:26:43 UTC
[master 5025c94] fixes this. 

When the user tries to view a group that does not exist or one that they do not have authorization to view, they will be redirected to the #Inventory view, and a user-friendly warning message will be displayed in the message bar. The warning message that is emitted is user-friendly and does not use any low-level technical terms like "ResourceGroupComposite". No additional errors should appear in the message bar or the message center.

Note, there are two parts to QA:

1) try to view a group that not exist (eg - id=9999999)
2) try to view a group you are not authorized to view

Comment 3 Mike Foley 2011-08-17 18:56:46 UTC
verified as follows:

1) groups that don't exist
2) could not view groups not authorized to view

Comment 4 Mike Foley 2012-02-07 19:23:00 UTC
changing status of VERIFIED BZs for JON 2.4.2 and JON 3.0 to CLOSED/CURRENTRELEASE


Note You need to log in before you can comment on or make changes to this bug.