Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-64872

NullPointerException in RoleBasedAuthorizationStrategy.getACL when using Snippet Generator for recordIssues

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      To reproduce

      1. Select "Role-Based Strategy" as the authorization strategy in "Configure Global Security".
      2. Open the pipeline Snippet Generator in a Multibranch Pipeline project.
      3. Select the "recordIssues" step.
      4. Click "Advanced…".
      5. Look at the "Trend chart type" setting.

      Expected results

      Snippet Generator displays the available trend chart types in the drop-down list.

      Actual results

      Snippet Generator lists only the "AGGREGATION_TOOLS" type. Below that, there is an "Oops!" message. The Jenkins Log shows:

      helmikuuta 15, 2021 3:05:03 IP. WARNING hudson.init.impl.InstallUncaughtExceptionHandler handleException
      
      Caught unhandled exception with ID fb0d504d-0f18-4e21-9f32-8983f3aa93c2
      java.lang.NullPointerException
      	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168)
      	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162)
      	at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90)
      	at io.jenkins.plugins.analysis.core.model.Tool$ToolDescriptor.doCheckId(Tool.java:181)
      	at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130)
      	at java.lang.invoke.AsTypeHandle.invokeExact_thunkArchetype_X(AsTypeHandle.java:49)
      	at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88)
      	at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100)
      	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485)
      	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
      	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:408)
      	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:212)
      	at org.kohsuke.stapler.SelectionInterceptedFunction$Adapter.invoke(SelectionInterceptedFunction.java:36)
      	at org.kohsuke.stapler.verb.HttpVerbInterceptor.invoke(HttpVerbInterceptor.java:48)
      	at org.kohsuke.stapler.SelectionInterceptedFunction.bindAndInvoke(SelectionInterceptedFunction.java:26)
      	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:145)
      	at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:536)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      Caused: javax.servlet.ServletException
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:816)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
      	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
      	at org.kohsuke.stapler.MetaClass$9.dispatch(MetaClass.java:457)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
      	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
      	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:281)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:766)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:898)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:694)
      	at org.kohsuke.stapler.Stapler.service(Stapler.java:240)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:763)
      	at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1633)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
      	at jenkins.security.ResourceDomainFilter.doFilter(ResourceDomainFilter.java:76)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at jenkins.telemetry.impl.UserLanguages$AcceptLanguageFilter.doFilter(UserLanguages.java:129)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at com.atlassian.bitbucket.jenkins.internal.applink.oauth.serviceprovider.auth.OAuth1aRequestFilter.doFilter(OAuth1aRequestFilter.java:91)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:151)
      	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:153)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:119)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:51)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at jenkins.security.SuspiciousRequestFilter.doFilter(SuspiciousRequestFilter.java:36)
      	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
      	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1609)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:561)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1612)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1582)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
      	at org.eclipse.jetty.server.Server.handle(Server.java:516)
      	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383)
      	at org.eclipse.jetty.server.HttpChannel$$Lambda$96/000000000000000000.dispatch(Unknown Source)
      	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:556)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:273)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
      	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:375)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:773)
      	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:905)
      	at java.lang.Thread.run(Thread.java:823)
      

      Notes

      I don't know which plugin is at fault, but either way this should not happen. I suspect the error is somehow triggered by the warnings-ng-plugin changes that were made for JENKINS-64627.

        Attachments

          Issue Links

            Activity

            Show
            kon Kalle Niemitalo added a comment - The stack trace refers to these RoleBasedAuthorizationStrategy.getACL methods: https://github.com/jenkinsci/role-strategy-plugin/blob/f8b312769e23095f10d73f78297a0cf1c76be1d8/src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleBasedAuthorizationStrategy.java#L159-L170
            Hide
            kon Kalle Niemitalo added a comment -

            I get a similar NullPointerException also if I use Snippet Generator in an individual branch of the multibranch pipeline.

            Show
            kon Kalle Niemitalo added a comment - I get a similar NullPointerException also if I use Snippet Generator in an individual branch of the multibranch pipeline.
            Show
            kon Kalle Niemitalo added a comment - I wonder if @AncestorInPath is somehow injecting null in Tool$ToolDescriptor.doCheckId here: https://github.com/jenkinsci/warnings-ng-plugin/blob/93c09053453865f186cc30b37d56e71e9e44446e/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java#L180
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Yes, it looks to be Warnings NG. https://github.com/jenkinsci/warnings-ng-plugin/blob/master/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java#L179-L185 makes an assumption that there is always a project in the path. It is not correct for new Job dialog and for the Snippet Generator.

             

            OTOH I am not sure what is expected from the Snippet Generator there. The code takes AbstractProject as an argument, and hence the check will never be invoked from Jenkins Pipeline. Will leave it to Ulli Hafner

            Show
            oleg_nenashev Oleg Nenashev added a comment - Yes, it looks to be Warnings NG. https://github.com/jenkinsci/warnings-ng-plugin/blob/master/plugin/src/main/java/io/jenkins/plugins/analysis/core/model/Tool.java#L179-L185  makes an assumption that there is always a project in the path. It is not correct for new Job dialog and for the Snippet Generator.   OTOH I am not sure what is expected from the Snippet Generator there. The code takes AbstractProject as an argument, and hence the check will never be invoked from Jenkins Pipeline. Will leave it to Ulli Hafner
            Hide
            kon Kalle Niemitalo added a comment -

            Also getting NullPointerException with a few other call stacks:

            helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log
            Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/checkSourceCodeEncoding
            java.lang.NullPointerException
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168)
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162)
            	at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90)
            	at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doCheckSourceCodeEncoding(AnalysisStepDescriptor.java:78)
            	at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130)
            	at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88)
            	at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100)
            	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485)
            	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
            
            helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log
            Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillSourceCodeEncodingItems
            java.lang.NullPointerException
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168)
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162)
            	at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90)
            	at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillSourceCodeEncodingItems(AnalysisStepDescriptor.java:39)
            	at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130)
            	at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88)
            	at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100)
            	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485)
            	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
            
            helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log
            Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillTrendChartTypeItems
            java.lang.NullPointerException
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168)
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162)
            	at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90)
            	at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillTrendChartTypeItems(AnalysisStepDescriptor.java:169)
            	at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130)
            	at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88)
            	at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100)
            	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485)
            	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
            
            helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log
            Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillMinimumSeverityItems
            java.lang.NullPointerException
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168)
            	at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162)
            	at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90)
            	at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillMinimumSeverityItems(AnalysisStepDescriptor.java:94)
            	at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130)
            	at java.lang.invoke.AsTypeHandle.invokeExact_thunkArchetype_X(AsTypeHandle.java:49)
            	at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88)
            	at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100)
            	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485)
            	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396)
            

            and others. I didn't copy the stack traces of the InvocationTargetExceptions that were caused by these exceptions.

            Show
            kon Kalle Niemitalo added a comment - Also getting NullPointerException with a few other call stacks: helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/checkSourceCodeEncoding java.lang.NullPointerException at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168) at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162) at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90) at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doCheckSourceCodeEncoding(AnalysisStepDescriptor.java:78) at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130) at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88) at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillSourceCodeEncodingItems java.lang.NullPointerException at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168) at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162) at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90) at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillSourceCodeEncodingItems(AnalysisStepDescriptor.java:39) at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130) at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88) at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillTrendChartTypeItems java.lang.NullPointerException at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168) at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162) at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90) at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillTrendChartTypeItems(AnalysisStepDescriptor.java:169) at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130) at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88) at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) helmikuuta 15, 2021 2:11:53 IP. WARNING org.eclipse.jetty.server.handler.ContextHandler$Context log Error while serving https://REDACTED/jenkins/job/REDACTED/job/REDACTED/pipeline-syntax/descriptorByName/io.jenkins.plugins.analysis.core.steps.RecordIssuesStep/fillMinimumSeverityItems java.lang.NullPointerException at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:168) at com.michelin.cio.hudson.plugins.rolestrategy.RoleBasedAuthorizationStrategy.getACL(RoleBasedAuthorizationStrategy.java:162) at io.jenkins.plugins.util.JenkinsFacade.hasPermission(JenkinsFacade.java:90) at io.jenkins.plugins.analysis.core.steps.AnalysisStepDescriptor.doFillMinimumSeverityItems(AnalysisStepDescriptor.java:94) at java.lang.invoke.VirtualHandle.invokeExact_thunkArchetype_L(VirtualHandle.java:130) at java.lang.invoke.AsTypeHandle.invokeExact_thunkArchetype_X(AsTypeHandle.java:49) at java.lang.invoke.InvokeGenericHandle.invokeExact_thunkArchetype_X(InvokeGenericHandle.java:88) at java.lang.invoke.SpreadHandle.invokeExact_thunkArchetype_X(SpreadHandle.java:100) at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:485) at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:396) and others. I didn't copy the stack traces of the InvocationTargetExceptions that were caused by these exceptions.
            Hide
            kon Kalle Niemitalo added a comment -

            I think the Snippet Generator should ignore project permissions because they will be checked later when the snippet is executed.

            Show
            kon Kalle Niemitalo added a comment - I think the Snippet Generator should ignore project permissions because they will be checked later when the snippet is executed.
            Hide
            drulli Ulli Hafner added a comment - - edited

            It also would be helpful if Jenkins core would somehow ensure that those validation methods would be automatically secured (injected). Otherwise it is a cumbersome and error prone way for plugin developers to ensure that every method has such checks.

            Show
            drulli Ulli Hafner added a comment - - edited It also would be helpful if Jenkins core would somehow ensure that those validation methods would be automatically secured (injected). Otherwise it is a cumbersome and error prone way for plugin developers to ensure that every method has such checks.
            Hide
            kon Kalle Niemitalo added a comment -

            With Plugin Utilities API Plugin 1.7.1, Snippet Generator now seems to be working OK, at least if accessed by a Jenkins administrator. I don't know how to test whether the fix weakened security in some way.

            Show
            kon Kalle Niemitalo added a comment - With Plugin Utilities API Plugin 1.7.1, Snippet Generator now seems to be working OK, at least if accessed by a Jenkins administrator. I don't know how to test whether the fix weakened security in some way.

              People

              Assignee:
              drulli Ulli Hafner
              Reporter:
              kon Kalle Niemitalo
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: