Agile Plugin: Cannot search or load more issues from backlog column in Scrum Board (403 Forbidden)

-1

Sven Hantschack
Added over 4 years ago

When using the Scrum Board and enabling the backlog column one can observe that searching or loading more issues in the backlog column results in a 403 Error.

Logs:

Started GET "/agile/board/backlog_autocomplete?project_id=1&utf8=%E2%9C%93&sprint_id=1&set_filter=1&f%5B%5D=status_id&sprints_enabled=1&backlog_column=1&op%5Bstatus_id%5D=%3D&f_status%5B%5D=1&f_status%5B%5D=2&f_status%5B%5D=3&f_status%5B%5D=4&wp%5B1%5D=&wp%5B2%5D=&wp%5B3%5D=&wp%5B4%5D=&wp%5B5%5D=&wp%5B6%5D=&c%5B%5D=tracker&c%5B%5D=assigned_to&default_chart=burndown_chart&chart_unit=issues&group_by=&t%5B%5D=&q=dwad" for 10.47.1.85 at 2020-04-28 14:48:22 +0200
Processing by AgileBoardsController#backlog_autocomplete as */*
  Parameters: {"project_id"=>"1", "utf8"=>"✓", "sprint_id"=>"1", "set_filter"=>"1", "f"=>["status_id"], "sprints_enabled"=>"1", "backlog_column"=>"1", "op"=>{"status_id"=>"="}, "f_status"=>["1", "2", "3", "4"], "wp"=>{"1"=>"", "2"=>"", "3"=>"", "4"=>"", "5"=>"", "6"=>""}, "c"=>["tracker", "assigned_to"], "default_chart"=>"burndown_chart", "chart_unit"=>"issues", "group_by"=>"", "t"=>[""], "q"=>"dwad"}
  Token Update All (13.8ms)  UPDATE "tokens" SET "updated_on" = '2020-04-28 14:48:22.923994' WHERE "tokens"."user_id" = $1 AND "tokens"."value" = $2 AND "tokens"."action" = $3  [["user_id", 1], ["value", "4d8946d283df67647506946534e9d92818e7d2fc"], ["action", "session"]]
   (1.1ms)  SELECT MAX("settings"."updated_on") FROM "settings" 
  User Load (0.6ms)  SELECT  "users".* FROM "users" WHERE "users"."type" IN ('User', 'AnonymousUser') AND "users"."status" = $1 AND "users"."id" = $2 LIMIT $3  [["status", 1], ["id", 1], ["LIMIT", 1]]
  Current user: admin (id=1)
  Rendering common/error.html.erb
  Rendered common/error.html.erb (5.7ms)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 30ms (Views: 8.0ms | ActiveRecord: 15.4ms)

Started GET "/agile/board/backlog_load_more?page=2&project_id=1" for 10.47.1.85 at 2020-04-28 14:54:39 +0200
Processing by AgileBoardsController#backlog_load_more as JS
  Parameters: {"page"=>"2", "project_id"=>"1"}
  Token Update All (14.1ms)  UPDATE "tokens" SET "updated_on" = '2020-04-28 14:54:39.503249' WHERE "tokens"."user_id" = $1 AND "tokens"."value" = $2 AND "tokens"."action" = $3  [["user_id", 1], ["value", "4d8946d283df67647506946534e9d92818e7d2fc"], ["action", "session"]]
   (0.5ms)  SELECT MAX("settings"."updated_on") FROM "settings" 
  User Load (0.6ms)  SELECT  "users".* FROM "users" WHERE "users"."type" IN ('User', 'AnonymousUser') AND "users"."status" = $1 AND "users"."id" = $2 LIMIT $3  [["status", 1], ["id", 1], ["LIMIT", 1]]
  Current user: admin (id=1)
  Rendering common/error.html.erb
  Rendered common/error.html.erb (0.6ms)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 25ms (Views: 2.3ms | ActiveRecord: 15.2ms)

System info of our test redmine instance:

Environment:
  Redmine version                4.1.1.stable
  Ruby version                   2.5.7-p206 (2019-10-01) [x86_64-linux]
  Rails version                  5.2.4.2
  Environment                    development
  Database adapter               PostgreSQL
  Mailer queue                   ActiveJob::QueueAdapters::AsyncAdapter
  Mailer delivery                smtp
SCM:
  Git                            2.17.1
  Filesystem                     
Redmine plugins:
  redmine_agile                  1.5.3

We are using the PRO-Version of the plugin.

As a rails developer I took a quick look at the source and found out that loading the issue's project before trying to authorize quickly fixes the issue. I'm not sure if attaching a patch file here is allowed. If wanted I could provide one though.

Dimitar Chervenakov over 4 years

Hi. Please contact and describe what the problem is about. Our support engineers will provide you the needed help on this point.

Answers (3)

0

Dimitar Chervenakov
Added over 4 years ago

Hi. Please contact and describe what the problem is about. Our support engineers will provide you the needed help on this point.

2

Katarzyna Panterałka
Added over 4 years ago

Hey,
we have the same problem and its because in old version of plugin if top level project has enable agile plugin sub projects didn't need to, after upgrade all projects (and sub-projects) need to have enable this module.

Dimitar Chervenakov about 4 years

Hi, Katarzyna. I highly appreciate the effort you put for finding the solution as well as your feedback. Glad to know that the plugin is running as expected now.

However, if any other questions or problems arise, please feel free to contact us at . Thank you.

0

(none) (none)
Added over 4 years ago

Thank you!! This is the solution also for the drag and drop issue.

Dimitar Chervenakov about 4 years

Hi. Thanks for the feedback. Glad to know that everything is running correctly. However, if any other questions or problems arise, please feel free to contact us at . Thank you.

    (1-3/3)