search

wso2 / api-manager

All issues, tasks, improvements and new features of WSO2 API Manager
Apache License 2.0
34 stars 8 forks source link

[Admin Portal] Custom policies page keeps loading for tenant #3242

Open ashera96 opened 1 week ago

ashera96 commented 1 week ago

Description

Access restricted Custom Policies page keeps loading for tenant admin without showing any error messages in the UI.

If access is not permitted for tenants; the UI should show a message mentioning the same.

Steps to Reproduce

  1. Create a tenant (say a.com)
  2. Login to the Admin Portal using the tenant admin (say admin@a.com)
  3. The following UI appears when navigating to Rate Limiting PoliciesCustom Policies
image
  1. Server logs the following stacktrace:
[2024-10-10 21:58:15,553] ERROR - ThrottlingApiServiceImpl You are not allowed to access this resource
org.wso2.carbon.apimgt.api.APIManagementException: Tenant a.com is not allowed to access custom rules. Only super tenant is allowed
    at org.wso2.carbon.apimgt.rest.api.admin.v1.impl.ThrottlingApiServiceImpl.checkTenantDomainForCustomRules(ThrottlingApiServiceImpl.java:1604) ~[?:?]
    at org.wso2.carbon.apimgt.rest.api.admin.v1.impl.ThrottlingApiServiceImpl.throttlingPoliciesCustomGet(ThrottlingApiServiceImpl.java:907) ~[?:?]
    at org.wso2.carbon.apimgt.rest.api.admin.v1.ThrottlingApi.throttlingPoliciesCustomGet(ThrottlingApi.java:385) ~[?:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]
    at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?]
    at java.lang.reflect.Method.invoke(Method.java:566) ~[?:?]
    at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179) ~[?:?]
    at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) ~[?:?]
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201) ~[?:?]
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104) ~[?:?]
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59) ~[?:?]
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96) ~[?:?]
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) ~[?:?]
    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) ~[?:?]
    at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265) ~[?:?]
    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) ~[?:?]
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) ~[?:?]
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) ~[?:?]
    at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225) ~[?:?]
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:304) ~[?:?]
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:222) ~[?:?]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:529) ~[tomcat-servlet-api_9.0.94.wso2v1.jar:?]
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:279) ~[?:?]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:199) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:168) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:144) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:119) ~[org.wso2.carbon.identity.context.rewrite.valve_1.8.41.jar:?]
    at org.wso2.carbon.identity.context.rewrite.valve.OrganizationContextRewriteValve.invoke(OrganizationContextRewriteValve.java:115) ~[org.wso2.carbon.identity.context.rewrite.valve_1.8.41.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.SameSiteCookieValve.invoke(SameSiteCookieValve.java:38) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:167) ~[org.wso2.carbon.identity.authz.valve_1.8.41.jar:?]
    at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:118) ~[org.wso2.carbon.identity.auth.valve_1.8.41.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:114) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:75) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:152) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:660) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:63) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:137) ~[org.wso2.carbon.tomcat.ext_4.9.27.alpha.jar:?]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:346) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:383) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:936) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1791) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat_9.0.94.wso2v1.jar:?]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) ~[tomcat_9.0.94.wso2v1.jar:?]
    at java.lang.Thread.run(Thread.java:829) ~[?:?]

Proposed Solution

Either avoid sending that backend call altogether or handle the backend call response and show an alert message

Affected Component

APIM

Version

4.4.0

lasanthaS commented 5 days ago

Fixed in https://github.com/wso2/apim-apps/pull/798