Defect #11624

Redmine 2.0.3 author sometimes would be missed or wrong

Added by Steven Wong about 7 years ago. Updated almost 3 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
Resolution:Cant reproduce Affected version:

Description

I used redmine 2.0.3 with ruby 1.8.7 and rails 3.2.6

something strange like this.

Ammy and Tom, they report issues same time. but sometimes, the issue Ammy reported would be filled by Tom, and the login would be changed too. it appears not frequently, but sometime...

I'm not very sure why it happened, anyone has the similar issues like this?

Thanks.

History

#1 Updated by Jean-Philippe Lang about 7 years ago

  • Resolution set to Cant reproduce

#2 Updated by Steven Wong about 7 years ago

I picked up some logs about the issue. Could anyone help to analyse it? Thanks.

I think that the authenticity_token would have something wrong?

My IP is 192.168.2.86.

Started GET "/my/page" for 192.168.2.64 at Fri Aug 17 11:06:12 +0800 2012
Processing by MyController#page as HTML
  Rendered issues/_list_simple.html.erb (7.5ms)
  Rendered my/blocks/_issuesassignedtome.html.erb (44.1ms)
  Rendered issues/_list_simple.html.erb (29.3ms)
  Rendered my/blocks/_issuesreportedbyme.html.erb (55.9ms)
  Rendered my/page.html.erb within layouts/base (103.0ms)
  Rendered plugins/redmine_attachments_size/app/views/hooks/attachments_size/_view_layouts_base_html_head.erb (0.2ms)
  Rendered plugins/redmine_code_review/app/views/code_review/_html_header.html.erb (0.1ms)
  Rendered plugins/redmine_private_wiki/app/views/hooks/_html_header.html.erb (0.0ms)
  Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
  Rendered plugins/redmine_code_review/app/views/code_review/_body_bottom.html.erb (0.1ms)
  Rendered plugins/redmine_favourite_projects/app/views/favourite_projects/_update_menu.erb (4.1ms)
  Rendered plugins/redmine_private_wiki/app/views/hooks/_body_bottom.html.erb (0.1ms)
Completed 200 OK in 318ms (Views: 290.7ms | ActiveRecord: 23.2ms)

Started POST "/my/remove_block?block=issueswatched" for 192.168.2.52 at Fri Aug 17 11:06:16 +0800 2012
Processing by MyController#remove_block as JS
  Parameters: {"authenticity_token"=>"XSjwoblsdaBA+p+LHJMPkKqN73GaoAQiM3VHcUfPXwc=", "block"=>"issueswatched"}
  Rendered text template (0.0ms)
Completed 200 OK in 135ms (Views: 0.7ms | ActiveRecord: 127.6ms)

Started POST "/projects/upnp/issues" for 192.168.2.86 at Fri Aug 17 11:06:24 +0800 2012
Processing by IssuesController#create as HTML
  Parameters: {"commit"=>"创建", "project_id"=>"upnp", "authenticity_token"=>"S0mUj5r8T+j28lx0eU4BNfWcB2g7hJJS8xBmfNv7GN0=", "utf8"=>"?", "relation_issue_id"=>"", "issue"=>{"start_date"=>"2012-08-17", "estimated_hours"=>"40", "custom_field_values"=>{"22"=>"2012-08-24", "35"=>""}, "priority_id"=>"5", "parent_issue_id"=>"4967", "is_private"=>"0", "subject"=>"redmine_close_button 插件更新至 Redmine 2.0.3 可用", "assigned_to_id"=>"3", "tracker_id"=>"11", "due_date"=>"2012-09-10", "description"=>"<h3 style=\"color:blue;\">要求:</h3>\r\n<ol>\r\n\t<li>改写Redmine_Close_Button插件,\r\n\t\t<ul>\r\n\t\t\t<li>Redmine版本 2.0.3</li>\r\n\t\t</ul>\r\n\t</li>\r\n\t<li>something to do:\r\n\t\t<ul>\r\n\t\t\t<li><a href=\"https://github.com/Undev/redmine_close_button\">https://github.com/Undev/redmine_close_button</a></li>\r\n\t\t</ul>\r\n\t</li>\r\n</ol>\r\n<p>&nbsp;</p>\r\n", "status_id"=>"2"}, "attachments"=>{"1"=>{"description"=>""}}}
  Rendered mailer/_issue.text.erb (1.4ms)
  Rendered mailer/issue_add.text.erb within layouts/mailer (2.2ms)
  Rendered mailer/_issue.html.erb (3.0ms)
  Rendered mailer/issue_add.html.erb within layouts/mailer (3.5ms)
Redirected to http://192.168.2.135:3000/issues/4968
Completed 302 Found in 999ms (ActiveRecord: 561.1ms)

Started GET "/issues/4968" for 192.168.2.86 at Fri Aug 17 11:06:25 +0800 2012
Processing by IssuesController#show as HTML
  Parameters: {"id"=>"4968"}
DEPRECATION WARNING: :confirm option is deprecated and will be removed from Rails 4.0. Use ':data => { :confirm => 'Text' }' instead. (called from _app_views_issues__action_menu_html_erb__77236503__620637228 at /usr/local/redmine-2.0/app/views/issues/_action_menu.html.erb:6)
  Rendered issues/_action_menu.html.erb (6.7ms)
  Rendered plugins/redmine_issue_extensions/app/views/issues/_issue_extensions_form.erb (4.0ms)
  Rendered issue_relations/_form.html.erb (2.0ms)
  Rendered issues/_relations.html.erb (3.8ms)
DEPRECATION WARNING: :confirm option is deprecated and will be removed from Rails 4.0. Use ':data => { :confirm => 'Text' }' instead. (called from _app_views_issues__action_menu_html_erb__77236503__620637228 at /usr/local/redmine-2.0/app/views/issues/_action_menu.html.erb:6)
  Rendered issues/_action_menu.html.erb (5.0ms)
  Rendered issues/_form_custom_fields.html.erb (1.5ms)
  Rendered issues/_attributes.html.erb (203.4ms)
DEPRECATION WARNING: Passing a template handler in the template name is deprecated. You can simply remove the handler name or pass render :handlers => [:erb] instead. (called from send at /usr/local/redmine-2.0/lib/redmine/hook.rb:111)
  Rendered plugins/redmine_didyoumean/app/views/issues/_didyoumean_injected.html.erb (8.2ms)
  Rendered plugins/redmine_issue_extensions/app/views/issues/_issue_extensions_view_issues_form_details_bottom.erb (0.6ms)
  Rendered issues/_form.html.erb (237.6ms)
  Rendered plugins/redmine_inline_attach_screenshot/app/views/attachments/_form.html.erb (7.9ms)
  Rendered issues/_edit.html.erb (408.0ms)
  Rendered issues/_sidebar.html.erb (49.4ms)
  Rendered watchers/_watchers.html.erb (5.4ms)
  Rendered issues/show.html.erb within layouts/base (533.6ms)
  Rendered plugins/redmine_attachments_size/app/views/hooks/attachments_size/_view_layouts_base_html_head.erb (0.2ms)
  Rendered plugins/redmine_code_review/app/views/code_review/_html_header.html.erb (0.1ms)
  Rendered plugins/redmine_private_wiki/app/views/hooks/_html_header.html.erb (0.1ms)
  Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.2ms)
  Rendered plugins/redmine_code_review/app/views/code_review/_body_bottom.html.erb (0.1ms)
  Rendered plugins/redmine_favourite_projects/app/views/favourite_projects/_update_menu.erb (3.0ms)
  Rendered plugins/redmine_private_wiki/app/views/hooks/_body_bottom.html.erb (0.1ms)
Completed 200 OK in 946ms (Views: 298.3ms | ActiveRecord: 606.9ms)

#3 Updated by William Roush about 7 years ago

Your log only shows one issue being created, not nearly enough detail to see what is going on.

I think that the authenticity_token would have something wrong?

As far as I understand it, authenticity tokens are used for CSRF protection and the like, not for user validation (which is just part of regular session tracking, and if that got mixed the user would then be logged in as that user).

I'm 99% certain this is not a Redmine issue, and if this is actually happening, it's some kind of configuration issue (you have some kind of odd proxy setup).

#4 Updated by William Roush about 7 years ago

Actually, I edited my post, nothing in those logs are going to show what we need if it was happening, you may need to run Redmine in development mode, THEN we'd need the IssuesController#create actions for BOTH users (not just one).

#5 Updated by William Roush about 7 years ago

but sometimes, the issue Ammy reported would be filled by Tom, and the login would be changed too.

Missed this, yeah, it's a configuration issue, lets talk about it in the forums.

#6 Updated by Steven Wong about 7 years ago

William Roush wrote:

but sometimes, the issue Ammy reported would be filled by Tom, and the login would be changed too.

Missed this, yeah, it's a configuration issue, lets talk about it in the forums.

OK. Thanks so much.

#7 Updated by Steven Wong about 7 years ago

I posted the process in the boards. And get some more help with the same issue(Thanks @Tobias).
http://www.redmine.org/boards/2/topics/32679

At present, we think maybe some configuration of the cache caused it. but I have not found how to fix it.

I ran redmine 1.4.X and redmine 2.0.3 in the same machine. in redmine 1.4 there's no issue about it .but on redmine 2.0.3, it appears.

@Tobias tested it and give me some information.

Problem is solved when the cache of Redmine is deleted. Redmine then runs for 10-12 hours … then the error occurs again.

 I think problem is the follow:

 User A creates an issue.
 User B creates an issue… User B is logged in as User A. 
 So… User B got the cache of the session of User A… 

 But why??? ;)

And another question, how to config and manage the redmine cache? anyone has some ideas?

#8 Updated by Go MAEDA almost 3 years ago

  • Status changed from New to Closed
  • Priority changed from High to Normal

Steven Wong wrote:

I ran redmine 1.4.X and redmine 2.0.3 in the same machine. in redmine 1.4 there's no issue about it .but on redmine 2.0.3, it appears.

Probably the two installation uses same secret token. The token is stored in config/initializers/secret_token.rb. Maybe you copied files in config directory from one installation to another installation.

Regenerating secret token by running bundle exec rake generate_secret_token on each Redmine directory will resolve the problem.

Also available in: Atom PDF