Bug 995462 - ISE when displaying info about package which is not in Satellite DB
Summary: ISE when displaying info about package which is not in Satellite DB
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Satellite 5
Classification: Red Hat
Component: WebUI
Version: 560
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
Assignee: Tomas Lestach
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
: 987488 (view as bug list)
Depends On:
Blocks: sat560-blockers sat560-triage
TreeView+ depends on / blocked
 
Reported: 2013-08-09 12:45 UTC by Jiří Mikulka
Modified: 2014-10-06 13:47 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-08-15 12:00:00 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 987488 0 unspecified CLOSED Permission error when viewing package (without channel) details 2021-02-22 00:41:40 UTC

Internal Links: 987488

Description Jiří Mikulka 2013-08-09 12:45:28 UTC 
Description of problem:
When one wants to display details of a package which is not uploaded to Satellite server or its information are not stored in the database ISE (Permission denied) is shown.

Version-Release number of selected component (if applicable):
Satellite-5.6.0-RHEL6-re20130807.0

How reproducible:
always

Steps to Reproduce:
1. install Satellite
2. create activation key
3. register client using this activation key
4. go to Systems -> <system> -> Software -> Packages -> List / Remove and click on any of listed packages
5. ISE / Permission denied error is shown + traceback in catalina.out

Actual results:
Exception:
com.redhat.rhn.common.security.PermissionException: Invalid id_combo and cid/sid
	at com.redhat.rhn.frontend.action.rhnpackage.PackageDetailsAction.execute(PackageDetailsAction.java:170)
	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
	at com.redhat.rhn.frontend.struts.RhnRequestProcessor.process(RhnRequestProcessor.java:102)
	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.AuthFilter.doFilter(AuthFilter.java:127)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.obtainContent(SiteMeshFilter.java:129)
	at com.opensymphony.sitemesh.webapp.SiteMeshFilter.doFilter(SiteMeshFilter.java:77)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.LocalizedEnvironmentFilter.doFilter(LocalizedEnvironmentFilter.java:67)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.EnvironmentFilter.doFilter(EnvironmentFilter.java:100)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.SessionFilter.doFilter(SessionFilter.java:57)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.redhat.rhn.frontend.servlets.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:97)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
	at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
	at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291)
	at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:769)
	at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:698)
	at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:891)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
	at java.lang.Thread.run(Thread.java:738)


Expected results:
no traceback + some reasonable error message is shown

Additional info:
* present also in Spacewalk nightly
* regression against Satellite 5.4.1 (error message "Unknown Package:" is shown)
* regression against Satellite 5.5.0 (error message "Unknown Package:" is shown)
Comment 1 Jan Dobes 2013-08-13 11:41:37 UTC 
Difference against Satellite 5.5.0 which causes this is commit
dcf378e331ec581ba8e85bcb8388e067c96ad6ef (in spacewalk)
Comment 2 Clifford Perry 2013-08-14 19:11:21 UTC 
*** Bug 987488 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.