Bug with access to public topic without login 3.1.0.beta2

Step to reproduce:
make category with security: all can read


logout from discourse
enter to post inside this category:
in my site:

You can see:

# Oops

The software powering this discussion forum encountered an unexpected problem. We apologize for the inconvenience.

Detailed information about the error was logged, and an automatic notification generated. We'll take a look at it.

No further action is necessary. However, if the error condition persists, you can provide additional detail, including steps to reproduce the error, by posting a discussion topic in the site's feedback category.

If you login to discoruse
these link works

On logs You can see:

and stack for noMethodError:

lib/guardian/topic_guardian.rb:146:in `can_recover_topic?'

app/serializers/topic_view_details_serializer.rb:119:in `include_can_recover?'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:375:in `include?'

(eval):9:in `_fast_attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:468:in `rescue in attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:455:in `attributes'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:480:in `_serializable_hash'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:359:in `serializable_hash'

active_model_serializers (0.8.4) lib/active_model/serializer/associations.rb:200:in `serialize'

lib/freedom_patches/ams_include_without_root.rb:57:in `include!'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:368:in `block in include_associations!'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:367:in `each_key'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:367:in `include_associations!'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:362:in `serializable_hash'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:347:in `as_json'

activesupport (7.0.4.1) lib/active_support/json/encoding.rb:22:in `encode'

activesupport (7.0.4.1) lib/active_support/json/encoding.rb:22:in `encode'

activesupport (7.0.4.1) lib/active_support/core_ext/object/json.rb:42:in `to_json'

active_model_serializers (0.8.4) lib/active_model/serializer.rb:331:in `to_json'

multi_json (1.15.0) lib/multi_json/adapters/oj.rb:56:in `dump'

multi_json (1.15.0) lib/multi_json/adapters/oj.rb:56:in `dump'

multi_json (1.15.0) lib/multi_json/adapter.rb:25:in `dump'

multi_json (1.15.0) lib/multi_json.rb:139:in `dump'

app/controllers/topics_controller.rb:1238:in `block (2 levels) in perform_show_response'

actionpack (7.0.4.1) lib/action_controller/metal/mime_responds.rb:214:in `respond_to'

app/controllers/topics_controller.rb:1232:in `perform_show_response'

app/controllers/topics_controller.rb:187:in `show'

actionpack (7.0.4.1) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'

actionpack (7.0.4.1) lib/abstract_controller/base.rb:215:in `process_action'

actionpack (7.0.4.1) lib/action_controller/metal/rendering.rb:53:in `process_action'

actionpack (7.0.4.1) lib/abstract_controller/callbacks.rb:234:in `block in process_action'

activesupport (7.0.4.1) lib/active_support/callbacks.rb:118:in `block in run_callbacks'

app/controllers/application_controller.rb:414:in `block in with_resolved_locale'

i18n (1.12.0) lib/i18n.rb:322:in `with_locale'

app/controllers/application_controller.rb:414:in `with_resolved_locale'

activesupport (7.0.4.1) lib/active_support/callbacks.rb:127:in `block in run_callbacks'

activesupport (7.0.4.1) lib/active_support/callbacks.rb:138:in `run_callbacks'

actionpack (7.0.4.1) lib/abstract_controller/callbacks.rb:233:in `process_action'

actionpack (7.0.4.1) lib/action_controller/metal/rescue.rb:22:in `process_action'

actionpack (7.0.4.1) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'

activesupport (7.0.4.1) lib/active_support/notifications.rb:206:in `block in instrument'

activesupport (7.0.4.1) lib/active_support/notifications/instrumenter.rb:24:in `instrument'

activesupport (7.0.4.1) lib/active_support/notifications.rb:206:in `instrument'

actionpack (7.0.4.1) lib/action_controller/metal/instrumentation.rb:66:in `process_action'

actionpack (7.0.4.1) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'

activerecord (7.0.4.1) lib/active_record/railties/controller_runtime.rb:27:in `process_action'

actionpack (7.0.4.1) lib/abstract_controller/base.rb:151:in `process'

actionview (7.0.4.1) lib/action_view/rendering.rb:39:in `process'

rack-mini-profiler (3.0.0) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'

actionpack (7.0.4.1) lib/action_controller/metal.rb:188:in `dispatch'

actionpack (7.0.4.1) lib/action_controller/metal.rb:251:in `dispatch'

actionpack (7.0.4.1) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'

actionpack (7.0.4.1) lib/action_dispatch/routing/route_set.rb:32:in `serve'

actionpack (7.0.4.1) lib/action_dispatch/journey/router.rb:50:in `block in serve'

actionpack (7.0.4.1) lib/action_dispatch/journey/router.rb:32:in `each'

actionpack (7.0.4.1) lib/action_dispatch/journey/router.rb:32:in `serve'

actionpack (7.0.4.1) lib/action_dispatch/routing/route_set.rb:852:in `call'

lib/middleware/omniauth_bypass_middleware.rb:74:in `call'

rack (2.2.6.2) lib/rack/tempfile_reaper.rb:15:in `call'

rack (2.2.6.2) lib/rack/conditional_get.rb:27:in `call'

rack (2.2.6.2) lib/rack/head.rb:12:in `call'

actionpack (7.0.4.1) lib/action_dispatch/http/permissions_policy.rb:38:in `call'

lib/content_security_policy/middleware.rb:12:in `call'

lib/middleware/anonymous_cache.rb:367:in `call'

rack (2.2.6.2) lib/rack/session/abstract/id.rb:266:in `context'

rack (2.2.6.2) lib/rack/session/abstract/id.rb:260:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/cookies.rb:704:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'

activesupport (7.0.4.1) lib/active_support/callbacks.rb:99:in `run_callbacks'

actionpack (7.0.4.1) lib/action_dispatch/middleware/callbacks.rb:26:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/show_exceptions.rb:26:in `call'

logster (2.11.4) lib/logster/middleware/reporter.rb:43:in `call'

railties (7.0.4.1) lib/rails/rack/logger.rb:40:in `call_app'

railties (7.0.4.1) lib/rails/rack/logger.rb:27:in `call'

config/initializers/100-quiet_logger.rb:20:in `call'

config/initializers/100-silence_logger.rb:29:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/request_id.rb:26:in `call'

lib/middleware/enforce_hostname.rb:24:in `call'

rack (2.2.6.2) lib/rack/method_override.rb:24:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/executor.rb:14:in `call'

rack (2.2.6.2) lib/rack/sendfile.rb:110:in `call'

actionpack (7.0.4.1) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'

rack-mini-profiler (3.0.0) lib/mini_profiler/profiler.rb:249:in `call'

message_bus (4.3.2) lib/message_bus/rack/middleware.rb:60:in `call'

lib/middleware/request_tracker.rb:228:in `call'

railties (7.0.4.1) lib/rails/engine.rb:530:in `call'

railties (7.0.4.1) lib/rails/railtie.rb:226:in `public_send'

railties (7.0.4.1) lib/rails/railtie.rb:226:in `method_missing'

rack (2.2.6.2) lib/rack/urlmap.rb:74:in `block in call'

rack (2.2.6.2) lib/rack/urlmap.rb:58:in `each'

rack (2.2.6.2) lib/rack/urlmap.rb:58:in `call'

unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'

unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'

unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'

unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'

unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'

vendor/bundle/ruby/3.1.0/bin/unicorn:25:in `load'

vendor/bundle/ruby/3.1.0/bin/unicorn:25:in `<main>'

Piotr

1 Like

Hi areen. :slight_smile:

I followed your steps and didn’t encounter any issues.

I tried to enter a topic in your forum while being in safe mode, and encountered errors for any topic in any category.

Does the issue persist if you rebuild your forum (./launcher rebuild app)? Do you have any plugins installed?

1 Like

You can get the text of the topic by opening the raw page https://forum.rat-adv.com/raw/1315 then creating the topic again. (However, the broken topic will still be here)

Hi
I didn’t know that pages can be opened in raw mode, thanks it will come in handy :slight_smile:
these topics show in raw mode!

but the problem is on thas all pages that are public - these dont show

I try to do:
remove/add public permissions on category
add a new post in the public category
add a new category and see if the main entry shows up

I get same results
on page info in logs

NoMethodError (undefined method `has_trust_level?' for nil:NilClass

         (SiteSetting.tl4_delete_posts_and_topics && user.has_trust_level?(TrustLevel[4]))
                                                         ^^^^^^^^^^^^^^^^^)
lib/guardian/topic_guardian.rb:146:in `can_recover_topic?'

I think that

  1. I have problem with downloaded code, I going to pull source code and than rebuild
  2. Problem is in data store in pgsqql - that will be harder

I will write what I have achieved

2 Likes

Hi
I checked source code and problem is in this commit

I think that not loged user doesnt have user profile with trust level
I rollback these changes on this method in my repo
but I dont know what next, I don’t programing in rubby

what should happen now for someone to fix this code snippet?

Regards …
Piotr

3 Likes

Hello,

I can repro this issue.

Enable tl4 delete posts and topics site settings is broke the topics for anons.

Quick fix: Disable this settings while the fix is coming. :slightly_smiling_face:

4 Likes

I believe @kris.kotlarek fixed this, can you rebuild and try again?

3 Likes

Yes, i do this today, and write about results

1 Like

Just to add the onebox for consistency: :slight_smile:

1 Like

This topic was automatically closed after 4 days. New replies are no longer allowed.