search

hcengineering / platform

Huly — All-in-One Project Management Platform (alternative to Linear, Jira, Slack, Notion, Motion)
https://huly.io
Eclipse Public License 2.0
7.37k stars 584 forks source link

Check space security unhandled rejection #6706

Open haiodo opened 5 days ago

haiodo commented 5 days ago 
This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). The promise rejected with the reason:
Error: ERROR: platform:status:Forbidden {}
    at _SpacePermissionsMiddleware.throwForbidden (/usr/src/app/bundle.js:323072:15)
    at _SpacePermissionsMiddleware.checkPermissions (/usr/src/app/bundle.js:323237:18)
    at _SpacePermissionsMiddleware.tx (/usr/src/app/bundle.js:323208:16)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async _SpaceSecurityMiddleware.tx (/usr/src/app/bundle.js:323641:16)
    at async _PipelineImpl.tx (/usr/src/app/bundle.js:73099:18)
    at async ClientSession2.tx (/usr/src/app/bundle.js:225911:24)
Unhandled Rejection at: Promise {
  <rejected> PlatformError: ERROR: platform:status:Forbidden {}
      at _SpacePermissionsMiddleware.throwForbidden (/usr/src/app/bundle.js:323072:15)
      at _SpacePermissionsMiddleware.checkPermissions (/usr/src/app/bundle.js:323237:18)
      at _SpacePermissionsMiddleware.tx (/usr/src/app/bundle.js:323208:16)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
      at async _SpaceSecurityMiddleware.tx (/usr/src/app/bundle.js:323641:16)
      at async _PipelineImpl.tx (/usr/src/app/bundle.js:73099:18)
      at async ClientSession2.tx (/usr/src/app/bundle.js:225911:24) {
    status: Status {
      severity: 'ERROR',
      code: 'platform:status:Forbidden',
      params: {}
    }
  }
} reason: PlatformError: ERROR: platform:status:Forbidden {}
    at _SpacePermissionsMiddleware.throwForbidden (/usr/src/app/bundle.js:323072:15)
    at _SpacePermissionsMiddleware.checkPermissions (/usr/src/app/bundle.js:323237:18)
    at _SpacePermissionsMiddleware.tx (/usr/src/app/bundle.js:323208:16)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async _SpaceSecurityMiddleware.tx (/usr/src/app/bundle.js:323641:16)
    at async _PipelineImpl.tx (/usr/src/app/bundle.js:73099:18)
    at async ClientSession2.tx (/usr/src/app/bundle.js:225911:24) {
  status: Status {
    severity: 'ERROR',
    code: 'platform:status:Forbidden',
    params: {}
  }
}

Huly®: UBERF-8254

lexiv0re commented 5 days ago

What’s the context of this exception? It originates from the permissions control on the server side and someone tried to perform a transaction that is forbidden based on his roles. If it’s not an automation/tool call then UI should have prevented this transaction from happening in the first place.

haiodo commented 5 days ago

Question only for Unhandled Rejection