search

cuba-platform / cuba

CUBA Platform is a high level framework for enterprise applications development
https://www.cuba-platform.com
Apache License 2.0
1.34k stars 219 forks source link

User substitution error #3231

Open owlet1997 opened 3 years ago

owlet1997 commented 3 years ago

based on forum's question

Environment: CUBA Platform version: 7.2.15 CUBA Studio plugin version: 15.5-211 IntelliJ version: IntelliJ IDEA 2021.2.2 (Community Edition)

Shared steps:

  1. Create a new project -> Run app
  2. Login as admin
  3. Create two users: user1 and user2
  4. Add user2 as substituted user for user1
  5. Login as user1 in another browser instance window

TC 1:

  1. Open the instance with admin and remove the user2 from user1's substituted users
  2. Open the instance with user1 and switch to user2 -> Confirm

AR: java.lang.RuntimeException: Substitution error: javax.persistence.NoResultException: User not found image After window closing user is not able to continue his session: image

Exception log:

    at com.haulmont.cuba.security.auth.AuthenticationManagerBean.loadSubstitutedUser(AuthenticationManagerBean.java:304) ~[cuba-core-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.security.auth.AuthenticationManagerBean.substituteUser(AuthenticationManagerBean.java:198) ~[cuba-core-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.security.auth.AuthenticationServiceBean.substituteUser(AuthenticationServiceBean.java:122) ~[cuba-core-7.2.15.jar:7.2.15]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_301]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_301]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_301]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_301]
    at com.haulmont.cuba.core.sys.remoting.LocalServiceInvokerImpl.invoke(LocalServiceInvokerImpl.java:94) [cuba-core-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.sys.remoting.LocalServiceProxy$LocalServiceInvocationHandler.invoke(LocalServiceProxy.java:159) [cuba-web-7.2.15.jar:7.2.15]
    at com.sun.proxy.$Proxy29.substituteUser(Unknown Source) [na:na]
    at com.haulmont.cuba.web.security.ConnectionImpl.substituteUser(ConnectionImpl.java:327) [cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.actions.ChangeSubstUserAction.lambda$actionPerform$0(ChangeSubstUserAction.java:52) [cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.gui.util.SuccessOperationResult.then(SuccessOperationResult.java:44) ~[cuba-gui-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.actions.ChangeSubstUserAction.actionPerform(ChangeSubstUserAction.java:48) [cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.sys.WebDialogs$OptionDialogBuilderImpl.lambda$show$0(WebDialogs.java:360) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.widgets.CubaButton.fireClick(CubaButton.java:76) ~[cuba-web-widgets-7.2.15.jar:na]
    at com.vaadin.ui.Button$1.click(Button.java:57) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at sun.reflect.GeneratedMethodAccessor167.invoke(Unknown Source) ~[na:na]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_301]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_301]
    at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:153) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:115) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:431) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:396) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:260) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:82) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:40) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1580) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:425) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.haulmont.cuba.web.sys.CubaApplicationServlet.serviceAppRequest(CubaApplicationServlet.java:329) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.sys.CubaApplicationServlet.service(CubaApplicationServlet.java:215) ~[cuba-web-7.2.15.jar:7.2.15]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) ~[servlet-api.jar:4.0.FR]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-websocket.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:108) ~[spring-web-5.2.16.RELEASE.jar:5.2.16.RELEASE]
    at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-5.2.16.RELEASE.jar:5.2.16.RELEASE]
    at com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java:93) ~[cuba-web-7.2.15.jar:7.2.15]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[catalina.jar:9.0.38]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[catalina.jar:9.0.38]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[catalina.jar:9.0.38]
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[catalina.jar:9.0.38]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[catalina.jar:9.0.38]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:9.0.38]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[na:1.8.0_301]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[na:1.8.0_301]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:9.0.38]
    at java.lang.Thread.run(Thread.java:748) ~[na:1.8.0_301]
18:11:55.109 ERROR com.haulmont.cuba.web.log.AppLog        - Exception in com.haulmont.cuba.web.widgets.CubaButton: 
com.vaadin.server.ServerRpcManager$RpcInvocationException: Unable to invoke method click in com.vaadin.shared.ui.button.ButtonServerRpc
    at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:157) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:115) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:431) [vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:396) [vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:260) [vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:82) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:40) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1580) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:425) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    at com.haulmont.cuba.web.sys.CubaApplicationServlet.serviceAppRequest(CubaApplicationServlet.java:329) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.sys.CubaApplicationServlet.service(CubaApplicationServlet.java:215) ~[cuba-web-7.2.15.jar:7.2.15]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) ~[servlet-api.jar:4.0.FR]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-websocket.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:108) ~[spring-web-5.2.16.RELEASE.jar:5.2.16.RELEASE]
    at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:74) ~[spring-web-5.2.16.RELEASE.jar:5.2.16.RELEASE]
    at com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java:93) ~[cuba-web-7.2.15.jar:7.2.15]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[catalina.jar:9.0.38]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) ~[catalina.jar:9.0.38]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[catalina.jar:9.0.38]
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690) ~[catalina.jar:9.0.38]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[catalina.jar:9.0.38]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[catalina.jar:9.0.38]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590) ~[tomcat-coyote.jar:9.0.38]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:9.0.38]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[na:1.8.0_301]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[na:1.8.0_301]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:9.0.38]
    at java.lang.Thread.run(Thread.java:748) ~[na:1.8.0_301]
Caused by: java.lang.reflect.InvocationTargetException: null
    at sun.reflect.GeneratedMethodAccessor167.invoke(Unknown Source) ~[na:na]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_301]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_301]
    at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:153) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    ... 38 common frames omitted
Caused by: java.lang.RuntimeException: Substitution error: javax.persistence.NoResultException: User not found
    at com.haulmont.cuba.security.auth.AuthenticationServiceBean.substituteUser(AuthenticationServiceBean.java:134) ~[na:na]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_301]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_301]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_301]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_301]
    at com.haulmont.cuba.core.sys.remoting.LocalServiceInvokerImpl.invoke(LocalServiceInvokerImpl.java:94) ~[na:na]
    at com.haulmont.cuba.web.sys.remoting.LocalServiceProxy$LocalServiceInvocationHandler.invoke(LocalServiceProxy.java:159) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.sun.proxy.$Proxy29.substituteUser(Unknown Source) ~[na:na]
    at com.haulmont.cuba.web.security.ConnectionImpl.substituteUser(ConnectionImpl.java:327) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.actions.ChangeSubstUserAction.lambda$actionPerform$0(ChangeSubstUserAction.java:52) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.gui.util.SuccessOperationResult.then(SuccessOperationResult.java:44) ~[cuba-gui-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.actions.ChangeSubstUserAction.actionPerform(ChangeSubstUserAction.java:48) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.sys.WebDialogs$OptionDialogBuilderImpl.lambda$show$0(WebDialogs.java:360) ~[cuba-web-7.2.15.jar:7.2.15]
    at com.haulmont.cuba.web.widgets.CubaButton.fireClick(CubaButton.java:76) ~[cuba-web-widgets-7.2.15.jar:na]
    at com.vaadin.ui.Button$1.click(Button.java:57) ~[vaadin-server-8.9.2-27-cuba.jar:8.9.2-27-cuba]
    ... 42 common frames omitted

ER: user should see error notification and also should be able to continue his own session

TC 2:

  1. Open the instance with admin and edit the user1 -> edit the substituted user -> set substitution time in future -> Save
  2. Open the instance with user1 and switch to user2 -> Confirm

AR: user continues session as user2 but has no ability to switch again to user1: image