•  
      request #13391 Sending a mail notification can crash if the project is private and the notification is sent by a non web process
    Infos
    #13391
    Thomas Gerbet (tgerbet)
    2019-05-20 16:43
    2019-05-20 13:08
    13854
    Details
    Sending a mail notification can crash if the project is private and the notification is sent by a non web process
    Sending mail notification can crash the backend process and prevent the notification to be sent.

    Issue is likely to have been introduced by the changes done in story #12554.


    Trace with a tracker notification and the backend notification mechanism:
    info Start service
    info Wait for messages
    info Got message: {"event_name":"tuleap.tracker.artifact","payload":{"artifact_id":503516,"changeset_id":1016804}}
    PHP Notice: Undefined index: REQUEST_URI in /usr/share/tuleap/src/common/include/URLVerification.class.php on line 450
    PHP Fatal error: Uncaught TypeError: Argument 3 passed to Tuleap\Project\RestrictedUserCanAccessUrlOrProjectVerifier::__construct() must be of the type string, null given, called in /usr/share/tuleap/src/common/include/URLVerification.class.php on line 450 and defined in /usr/share/tuleap/src/common/Project/RestrictedUserCanAccessUrlOrProjectVerifier.php:47
    Stack trace:
    #0 /usr/share/tuleap/src/common/include/URLVerification.class.php(450): Tuleap\Project\RestrictedUserCanAccessUrlOrProjectVerifier->__construct(Object(EventManager), Object(URL), NULL)
    #1 /usr/share/tuleap/src/common/mail/MailFilter.php(83): URLVerification->userCanAccessProject(Object(PFUser), Object(Project))
    #2 /usr/share/tuleap/src/common/mail/MailBuilder.php(56): Tuleap\Mail\MailFilter->filter(Object(Project), Array)
    #3 /usr/share/tuleap/src/common/mail/MailNotificationBuilder.php(64): MailBuilder->buildAndSendEmail(Object(Project), Object(Notification), Object(MailEnhancer))
    #4 /usr/share/tuleap/plugins/tracker/include/Tracker/Artifact/Changeset/PostCrea in /usr/share/tuleap/src/common/Project/RestrictedUserCanAccessUrlOrProjectVerifier.php on line 47
    Empty
    Other
    11.0
    Empty
    Empty
    Stage
    Empty
    Closed
    2019-05-20
    Attachments
    Empty
    References

    List of items referenced by or referencing this item.

    Artifact Tracker v5

    Follow-ups

    • User avatar
      • Status changed from Under review to Closed
      • Connected artifacts
      • Close date set to 2019-05-20
    • User avatar
      gerrit #15004 integrated into Tuleap 11.1.99.98
    • User avatar
      • Summary
        -Sending a mail notification can crash if the project is public and the notification is sent by a non web process 
        +Sending a mail notification can crash if the project is private and the notification is sent by a non web process 
    • User avatar
      Fix is under review here: gerrit #15004.

      • Summary
        -Sending a mail notification can crash if the project is public and the notifcation is sent by a backend process 
        +Sending a mail notification can crash if the project is public and the notification is sent by a non web process 
      • Status changed from Under implementation to Under review
    • User avatar
      Updating original submission. All type of notifications can be affected by the issue as long as they are processed by any sort of backend process.

      • Summary
        -Sending tracker notification with the backend mechanism can crash if the project is public 
        +Sending a mail notification can crash if the project is public and the notifcation is sent by a backend process 
      • Original Submission
      • Category changed from Trackers to Other