Agile Plugin: Cannot search or load more issues from backlog column in Scrum Board (403 Forbidden)
When using the Scrum Board and enabling the backlog column one can observe that searching or loading more issues in the backlog column results in a 403 Error.
Logs:
Started GET "/agile/board/backlog_autocomplete?project_id=1&utf8=%E2%9C%93&sprint_id=1&set_filter=1&f%5B%5D=status_id&sprints_enabled=1&backlog_column=1&op%5Bstatus_id%5D=%3D&f_status%5B%5D=1&f_status%5B%5D=2&f_status%5B%5D=3&f_status%5B%5D=4&wp%5B1%5D=&wp%5B2%5D=&wp%5B3%5D=&wp%5B4%5D=&wp%5B5%5D=&wp%5B6%5D=&c%5B%5D=tracker&c%5B%5D=assigned_to&default_chart=burndown_chart&chart_unit=issues&group_by=&t%5B%5D=&q=dwad" for 10.47.1.85 at 2020-04-28 14:48:22 +0200
Processing by AgileBoardsController#backlog_autocomplete as */*
Parameters: {"project_id"=>"1", "utf8"=>"✓", "sprint_id"=>"1", "set_filter"=>"1", "f"=>["status_id"], "sprints_enabled"=>"1", "backlog_column"=>"1", "op"=>{"status_id"=>"="}, "f_status"=>["1", "2", "3", "4"], "wp"=>{"1"=>"", "2"=>"", "3"=>"", "4"=>"", "5"=>"", "6"=>""}, "c"=>["tracker", "assigned_to"], "default_chart"=>"burndown_chart", "chart_unit"=>"issues", "group_by"=>"", "t"=>[""], "q"=>"dwad"}
Token Update All (13.8ms) UPDATE "tokens" SET "updated_on" = '2020-04-28 14:48:22.923994' WHERE "tokens"."user_id" = $1 AND "tokens"."value" = $2 AND "tokens"."action" = $3 [["user_id", 1], ["value", "4d8946d283df67647506946534e9d92818e7d2fc"], ["action", "session"]]
(1.1ms) SELECT MAX("settings"."updated_on") FROM "settings"
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."type" IN ('User', 'AnonymousUser') AND "users"."status" = $1 AND "users"."id" = $2 LIMIT $3 [["status", 1], ["id", 1], ["LIMIT", 1]]
Current user: admin (id=1)
Rendering common/error.html.erb
Rendered common/error.html.erb (5.7ms)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 30ms (Views: 8.0ms | ActiveRecord: 15.4ms)
Started GET "/agile/board/backlog_load_more?page=2&project_id=1" for 10.47.1.85 at 2020-04-28 14:54:39 +0200
Processing by AgileBoardsController#backlog_load_more as JS
Parameters: {"page"=>"2", "project_id"=>"1"}
Token Update All (14.1ms) UPDATE "tokens" SET "updated_on" = '2020-04-28 14:54:39.503249' WHERE "tokens"."user_id" = $1 AND "tokens"."value" = $2 AND "tokens"."action" = $3 [["user_id", 1], ["value", "4d8946d283df67647506946534e9d92818e7d2fc"], ["action", "session"]]
(0.5ms) SELECT MAX("settings"."updated_on") FROM "settings"
User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."type" IN ('User', 'AnonymousUser') AND "users"."status" = $1 AND "users"."id" = $2 LIMIT $3 [["status", 1], ["id", 1], ["LIMIT", 1]]
Current user: admin (id=1)
Rendering common/error.html.erb
Rendered common/error.html.erb (0.6ms)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 25ms (Views: 2.3ms | ActiveRecord: 15.2ms)
System info of our test redmine instance:
Environment: Redmine version 4.1.1.stable Ruby version 2.5.7-p206 (2019-10-01) [x86_64-linux] Rails version 5.2.4.2 Environment development Database adapter PostgreSQL Mailer queue ActiveJob::QueueAdapters::AsyncAdapter Mailer delivery smtp SCM: Git 2.17.1 Filesystem Redmine plugins: redmine_agile 1.5.3
We are using the PRO-Version of the plugin.
As a rails developer I took a quick look at the source and found out that loading the issue's project before trying to authorize quickly fixes the issue. I'm not sure if attaching a patch file here is allowed. If wanted I could provide one though.
Answers (3)
Hi. Please contact support@redmineup.com and describe what the problem is about. Our support engineers will provide you the needed help on this point.
Hey,
we have the same problem and its because in old version of plugin if top level project has enable agile plugin sub projects didn't need to, after upgrade all projects (and sub-projects) need to have enable this module.
Hi, Katarzyna. I highly appreciate the effort you put for finding the solution as well as your feedback. Glad to know that the plugin is running as expected now.
However, if any other questions or problems arise, please feel free to contact us at support@redmineup.com. Thank you.
Thank you!! This is the solution also for the drag and drop issue.
Hi. Thanks for the feedback. Glad to know that everything is running correctly. However, if any other questions or problems arise, please feel free to contact us at support@redmineup.com. Thank you.
Hi. Please contact support@redmineup.com and describe what the problem is about. Our support engineers will provide you the needed help on this point.