Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
ManifoldCF 2.12
-
None
Description
The Confluence Authority asks spaces permissions for each space returned by the getSpaces() method of the ConfluenceClient class.
The concerned method getSpacePermissionsForUser(Space space, String username) sends a request to Confluence and triggers a ConfluenceException if the request response is different from 200, otherwise it parses the response as a JSONArray to get the permissions.
The problem is that even with a 200 request response code, the content of the response may be a simple JSONObject that explains an internal Confluence error. It happens frequently when the username is not allowed to get permissions on certain spaces :
{
"id": null,
"error": {
"code": 500,
"message": "The application was unable to serve your request: com.atlassian.confluence.rpc.NotPermittedException: Only space administrators can view permissions for other users in the space.",
"data": "com.atlassian.confluence.rpc.NotPermittedException: Only space administrators can view permissions for other users in the space.\ncom.atlassian.confluence.rpc.NotPermittedException: Only space administrators can view permissions for other users in the space.\n\tat com.atlassian.confluence.rpc.soap.services.SpacesSoapService.getPermissions(SpacesSoapService.java:188)\n\tat com.atlassian.confluence.rpc.soap.XhtmlSoapService.getPermissionsForUser(XhtmlSoapService.java:226)\n\tat sun.reflect.GeneratedMethodAccessor3812.invoke(Unknown Source)\n\tat sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)\n\tat java.lang.reflect.Method.invoke(Method.java:498)\n\tat"
}
}
As a username will almost never have the rights to get permissions on ALL spaces, it is problematic because the response parsing process triggers an Exception and so the Confluence Authority response is UNREACHABLEAUTHORITY:confluence, instead of delivering permissions for allowed spaces.