[NEXUS-17634] Outreach Welcome page cannot be fully disabled - Sonatype JIRA

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.12.1
Fix Version/s: 3.14.0
Component/s: Outreach
Labels:
- NX2Compatibility
- supportant

Description

There is no way to fully disable Outreach ( Welcome page content ) tab in product via the outreach capability. Essentially the Outreach: Management capability settings tab checkbox Enable this capability when unchecked does not prevent all Outreach code from executing.

This was first noticed when a customer reported a stack trace like this in their logs, despite having the outreach management capability disabled. ( related ~~NEXUS-17449~~ )

2018-07-17 10:16:00,348-0400 DEBUG [pool-21-thread-10]  *UNKNOWN org.sonatype.nexus.ldap.internal.LdapUserManager - User: null not found.org.sonatype.nexus.ldap.internal.connector.dao.NoSuchLdapUserException: No such user: null
	at org.sonatype.nexus.ldap.internal.realms.EnterpriseLdapManager.getUser(EnterpriseLdapManager.java:236)
	at org.sonatype.nexus.ldap.internal.LdapUserManager.getUser(LdapUserManager.java:47)
	at org.sonatype.nexus.security.internal.DefaultSecuritySystem.findUser(DefaultSecuritySystem.java:333)
	at org.sonatype.nexus.security.internal.DefaultSecuritySystem.getUser(DefaultSecuritySystem.java:362)
	at com.sonatype.nexus.plugins.outreach.internal.OutreachHelper.hasAdminRole(OutreachHelper.java:65)
	at com.sonatype.nexus.plugins.outreach.Outreach$User.fromSubject(Outreach.java:70)
	at com.sonatype.nexus.plugins.outreach.Outreach$User$fromSubject.call(Unknown Source)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:133)
	at com.sonatype.nexus.plugins.outreach.internal.ui.OutreachComponent.readStatus(OutreachComponent.groovy:56)
	at com.sonatype.nexus.plugins.outreach.internal.ui.OutreachComponent$$EnhancerByGuice$$4799df3.CGLIB$readStatus$1(<generated>)
	at com.sonatype.nexus.plugins.outreach.internal.ui.OutreachComponent$$EnhancerByGuice$$4799df3$$FastClassByGuice$$1178ea47.invoke(<generated>)
	at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228)
	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:76)
	at com.palominolabs.metrics.guice.ExceptionMeteredInterceptor.invoke(ExceptionMeteredInterceptor.java:49)
	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
	at com.palominolabs.metrics.guice.TimedInterceptor.invoke(TimedInterceptor.java:47)
	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:77)
	at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55)
	at com.sonatype.nexus.plugins.outreach.internal.ui.OutreachComponent$$EnhancerByGuice$$4799df3.readStatus(<generated>)
	at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeJavaMethod(DispatcherBase.java:142)
	at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeMethod(DispatcherBase.java:133)
	at org.sonatype.nexus.extdirect.internal.ExtDirectServlet$3.invokeMethod(ExtDirectServlet.java:233)
	at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.dispatch(DispatcherBase.java:63)
	at com.softwarementors.extjs.djn.router.processor.standard.StandardRequestProcessorBase.dispatchStandardMethod(StandardRequestProcessorBase.java:73)
	at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequest(JsonRequestProcessor.java:502)
	at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.processRequest(DefaultJsonRequestProcessorThread.java:72)
	at com.softwarementors.extjs.djn.servlet.ssm.SsmJsonRequestProcessorThread.processRequest(SsmJsonRequestProcessorThread.java:43)
	at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread.access$1(ExtDirectJsonRequestProcessorThread.java:1)
	at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread$1.call(ExtDirectJsonRequestProcessorThread.java:61)
	at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread$1.call(ExtDirectJsonRequestProcessorThread.java:1)
	at com.google.inject.servlet.ServletScopes$4.call(ServletScopes.java:450)
	at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread.processRequest(ExtDirectJsonRequestProcessorThread.java:75)
	at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.call(DefaultJsonRequestProcessorThread.java:56)
	at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.call(DefaultJsonRequestProcessorThread.java:30)
	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

Actual

when disabled, outreach content will not show on welcome page
when disabled, potentially expensive outreach related code still executes in the background

Reproduce

1. Boot 3.12.1 ( allow remote debugging using -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005 in nexus.vmoptions )
2. Login as admin user
3. Go to System -> Administration -> Capabilities
4. Select Outreach: Management capability
5. Click Settings tab, and then uncheck Enable this capability. Save.
6. Signout admin.
7. Connect with debugger with a breakpoint on this line of code ( internal link to com.sonatype.nexus.plugins.outreach.internal.OutreachHelper.hasAdminRole(OutreachHelper.java:65) ).
8. Signin as admin user. On signin the Outreach breakpoint will be hit. This eventually results in looking up roles in external realms like ldap.

Expected

Disabling the outreach capability is intended to fully disable it - not even show already cached content or perform ANY operations related to outreach. This is a regression from Nexus 2.x

Attachments

Issue Links

is related to

NEXUS-17449 LdapUserManager - User: null not found trying to load outreach content after ldap timeout exceeded

Closed

Activity

People

Assignee:: Dawid Sawa

Reporter:: Peter Lynch

Last Updated By:: Peter Lynch

Team:: Nexus - UX

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 07/19/18 12:55 PM

Updated:: 07/31/18 01:09 PM

Resolved:: 07/31/18 01:09 PM

Date of First Response:: 25/Jul/18 5:47 PM