[jira] [Created] (CONNECTORS-1616) Confluence Authority does not handle Confluence API errors

Wed, 31 Jul 2019 05:11:11 -0700 

Julien Massiera created CONNECTORS-1616:
-------------------------------------------

             Summary: Confluence Authority does not handle Confluence API errors
                 Key: CONNECTORS-1616
                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1616
             Project: ManifoldCF
          Issue Type: Bug
          Components: Confluence connector
    Affects Versions: ManifoldCF 2.12
            Reporter: Julien Massiera


The Confluence Authority ask spaces permissions for each space returned by the 
getSpaces() method of the ConfluenceClient class.
The concerned method getSpacePermissionsForUser(Space space, String username) 
sends a request to Confluence and triggers a ConfluenceException if the request 
response is different from 200, otherwise it parses the response as a JSONArray 
to get the permissions.

The problem is that even with a 200 request response code, the content of the 
response may be a simple JSONObject that explains an internal Confluence error. 
It happens frequently when the username is not allowed to get permissions on 
certain spaces :
{code:java}
{
"id": null,
"error": {
"code": 500,
"message": "The application was unable to serve your request: 
com.atlassian.confluence.rpc.NotPermittedException: Only space administrators 
can view permissions for other users in the space.",
"data": "com.atlassian.confluence.rpc.NotPermittedException: Only space 
administrators can view permissions for other users in the 
space.\ncom.atlassian.confluence.rpc.NotPermittedException: Only space 
administrators can view permissions for other users in the space.\n\tat 
com.atlassian.confluence.rpc.soap.services.SpacesSoapService.getPermissions(SpacesSoapService.java:188)\n\tat
 
com.atlassian.confluence.rpc.soap.XhtmlSoapService.getPermissionsForUser(XhtmlSoapService.java:226)\n\tat
 sun.reflect.GeneratedMethodAccessor3812.invoke(Unknown Source)\n\tat 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)\n\tat
 java.lang.reflect.Method.invoke(Method.java:498)\n\tat"
}
}
{code}

As a username will almost never have the rights to get permissions on ALL 
spaces, it is problematic because the response parsing process triggers an 
Exception and so the Confluence Authority response is 
UNREACHABLEAUTHORITY:confluence, instead of delivering permissions for allowed 
spaces.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Reply via email to