User cards for anonymous visitors immediately dissappear with "500 Internal Server Error" in `card.json?include_post_count_for`

rahim123 · April 11, 2023, 1:00pm

Hi there, I’m not sure for how long this has been happening, and I can only reproduce it on my self-hosted Discourse instance, which I just updated to the latest version as of now.

When an anonymous visitors clicks on any user avatar, the outline of the user card pops up for a few milliseconds and then immediately disappears. The F12 error console shows:

GET   https://example.com/u/UserName/card.json?include_post_count_for=xxxxx

Status  500 Internal Server Error
Version  HTTP/2
Transferred  294 B (46 B size)
Referrer Policy  strict-origin-when-cross-origin
Request Priority  Highest

This also happens in safe mode.

I don’t have the hide user profiles from public setting enabled, but I did test enabling it a few days ago, not sure if that has anything to do with it.

JammyDodger · April 11, 2023, 1:07pm

These seems like it may be connected to your efforts to include the post counts on the usercard. Did you create a plugin for this in the end?

rahim123 · April 11, 2023, 1:11pm

No I never got that to work. At any rate that would have been disabled in safe mode.

The ?include_post_count_for=xxxxx number is the number of the topic ID, not the user.

I assumed the function that is failing was for the “X posts in this topic” button that appears in a user card.

JammyDodger · April 11, 2023, 1:34pm

Safe mode only disables front-end code and will leave some server-side things in place, so it may still be a plugin even if it occurs in safe mode. There’s a recent post with more info in here Safe-mode failed with a plugin - #4 by david

I can’t replicate this issue on my test site. Do you have any plugins/extra settings/anything unusual that could be having an impact? Is there any more information in the /logs about the error?

rahim123 · April 11, 2023, 1:46pm

Hmm, thanks for that, looks like you right, it was due to this plugin:

Pinging @pfaffman

Message (184 copies reported)

NoMethodError (undefined method `in_any_groups?' for nil:NilClass)
lib/plugin/instance.rb:301:in `public_send'
lib/plugin/instance.rb:301:in `block (2 levels) in add_to_class'
app/serializers/user_card_serializer.rb:144:in `can_send_private_message_to_user'
(eval):18:in `_fast_attributes'
app/controllers/application_controller.rb:545:in `render_json_dump'
app/controllers/users_controller.rb:147:in `block (2 levels) in show'
app/controllers/users_controller.rb:140:in `show'
app/controllers/users_controller.rb:152:in `show_card'
app/controllers/application_controller.rb:414:in `block in with_resolved_locale'
app/controllers/application_controller.rb:414:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:74:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:367:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/request_tracker.rb:228:in `call'

Backtrace

plugins/discourse-allow-pm-to-staff/plugin.rb:52:in `block (2 levels) in activate!'
lib/plugin/instance.rb:301:in `public_send'
lib/plugin/instance.rb:301:in `block (2 levels) in add_to_class'
app/serializers/user_card_serializer.rb:144:in `can_send_private_message_to_user'
(eval):18:in `_fast_attributes'
active_model_serializers (0.8.4) lib/active_model/serializer.rb:468:in `rescue in attributes'
active_model_serializers (0.8.4) lib/active_model/serializer.rb:455:in `attributes'
active_model_serializers (0.8.4) lib/active_model/serializer.rb:480:in `_serializable_hash'
active_model_serializers (0.8.4) lib/active_model/serializer.rb:359:in `serializable_hash'
active_model_serializers (0.8.4) lib/active_model/serializer.rb:343:in `as_json'

JammyDodger · April 11, 2023, 1:50pm

I’ve slipped it over to support as it’s a third-party plugin.

pfaffman · April 11, 2023, 2:12pm

Does this problem persist after you upgraded?

rahim123 · April 11, 2023, 2:16pm

With the original version of the plugin that was unmodified for years I never noticed this issue. Then when the update broke PMs between users I disabled the plugin. And now since I reenabled it with your latest fixes is when I noticed this issue.

pfaffman · April 11, 2023, 2:32pm

So the issue does persist?

rahim123 · April 11, 2023, 2:34pm

The issue with the user cards disappearing for anonymous users happens while GitHub - pfaffman/discourse-allow-pm-to-staff: Allow private messages to be sent to staff for users who could otherwise not send private messages. is enabled and resolves when the plugin is disabled.

pfaffman · April 18, 2023, 3:42pm

I believe that this bug has been fixed now. Please upgrade if you haven’t already.

rahim123 · April 18, 2023, 6:23pm

Confirmed fixed, thanks!

system · May 18, 2023, 6:23pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
The user cannot see his personal message Support personal-messages	12	732	November 29, 2023
Error loading the individual group when using allow pm to staff plugin Support	18	1427	April 10, 2023
Is this secure? Concept for private info in replies Dev	23	2005	December 9, 2021
Reactions plugin: 500 Internal Server Error Bug reactions	9	485	October 28, 2022
Is it possible to disable private messaging for a specific user? Support	32	9395	March 22, 2019

User cards for anonymous visitors immediately dissappear with "500 Internal Server Error" in `card.json?include_post_count_for`

Related topics