Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot access admin menu #577

Closed
NullIsNot0 opened this issue Jul 11, 2020 · 3 comments · Fixed by #581
Closed

Cannot access admin menu #577

NullIsNot0 opened this issue Jul 11, 2020 · 3 comments · Fixed by #581
Assignees
@BYK
Labels
Type: Bug
Milestone
20.7.0

Comments

@NullIsNot0
Copy link

On 9th of July I set up Sentry without changing anything in setup - just copying files to server and running ./install.sh. Everything was working fine - I could access Admin menu http://mydomain.com:9000/manage/ and click through submenu items. Today I updated to latest version of this project, and I can't access admin menu (with first user created in system which has admin rights) - I get password prompt popup which does not go away if I enter password. If I enter incorrect password, it shows that password is incorrect, but when I enter correct password, it just pops up again.

admin0

After reverting files back to commit 9d44b99 and running ./install.sh and docker-compose up -d, admin menu started to work again.

admin1

I found out that something is broken in 10th of July commit 73213bc.

commit

I even installed clean system on test Linux. Latest project version did not allow admin menu access, but when I reverted it back to 9d44b99, menu was accessible again.
Tried both on CentOS 7 (with latest available packages) and Ubuntu 20.04. Docker version 19.03.12, Docker Compose 1.26.2.
Both times (when working and not working) Sentry build version was Sentry 20.7.0.dev0 92b1577 - so it's not the problem in Sentry's Docker image as both times it was getsentry/sentry:92b1577.

Logs in Docker output when working:

web_1 | 16:36:54 [INFO] sentry.superuser: superuser.request (user_id=1 url=u'http://mydomain.com/api/0/internal/stats/?since=1593880614.914&resolution=1h&key=client-api.all-versions.responses.5xx' method=u'GET' ip_address=u'192.168.1.10')
web_1 | 16:36:55 [INFO] sentry.superuser: superuser.request (user_id=1 url=u'http://mydomain.com/api/0/internal/stats/?since=1593880614.914&resolution=1h&key=events.total' method=u'GET' ip_address=u'192.168.1.10')
web_1 | 16:36:55 [INFO] sentry.superuser: superuser.request (user_id=1 url=u'http://mydomain.com/api/0/internal/stats/?since=1593880614.914&resolution=1h&key=client-api.all-versions.responses.2xx' method=u'GET' ip_address=u'192.168.1.10')
web_1 | 16:36:55 [INFO] sentry.superuser: superuser.request (user_id=1 url=u'http://mydomain.com/api/0/internal/stats/?since=1593880614.914&resolution=1h&key=events.dropped' method=u'GET' ip_address=u'192.168.1.10')
web_1 | 16:36:55 [INFO] sentry.superuser: superuser.request (user_id=1 url=u'http://mydomain.com/api/0/internal/stats/?since=1593880614.914&resolution=1h&key=client-api.all-versions.responses.4xx' method=u'GET' ip_address=u'192.168.1.10')

Logs in Docker output when not working:

web_1 | 16:18:49 [INFO] sentry.superuser: superuser.logged-in (user_id=1 ip_address=u'192.168.1.10')
web_1 | 16:18:49 [INFO] sentry.auth: user.auth.success (username=u'hxxxxxxx@example.com' ip_address=u'192.168.1.10')
web_1 | 16:18:49 [WARNING] sentry.superuser: superuser.missing-cookie-token (user_id=1 ip_address=u'192.168.1.10')
@daxpedda
Copy link

I can confirm this, encountered the exact same problem just now after updating.

@BYK BYK added this to the 20.7.0 milestone Jul 13, 2020
@BYK BYK added the Type: Bug label Jul 13, 2020
@BYK
Copy link
Member

BYK commented Jul 13, 2020

Thanks a lot for the very clear and detailed bug report @NullIsNot0 and apologies for the inconvenience!

I know exactly what is causing this and will submit a fix now.

BYK added a commit that referenced this issue Jul 13, 2020
@BYK
fix(superuser): Don't set INTERNAL_IPS to Docker network
fc755bf 
`INTERNAL_IPS` is used to check whether to allow superuser access or not. Limiting this to the Docker internal network makes it impossible for anyone to reach admin pages with on-premise setup.

This is a follow up to #572 and it fixes #577.
@BYK BYK mentioned this issue Jul 13, 2020
Merged
@BYK BYK closed this as completed in #581 Jul 13, 2020
BYK added a commit that referenced this issue Jul 13, 2020
@BYK
fix(superuser): Don't set INTERNAL_IPS to Docker network (#581)
a2507c1 
`INTERNAL_IPS` is used to check whether to allow superuser access or not. Limiting this to the Docker internal network makes it impossible for anyone to reach admin pages with on-premise setup.

This is a follow up to #572 and it fixes #577.
@BYK BYK self-assigned this Jul 13, 2020
@BYK
Copy link
Member

BYK commented Jul 13, 2020

Keep in mind that you'll need to apply the fix manually to your already existing sentry.conf.py file for this to work.

@github-actions github-actions bot locked and limited conversation to collaborators Dec 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@BYK BYK

Labels
Type: Bug
Projects
None yet
Milestone
20.7.0
Development

Successfully merging a pull request may close this issue.

fix(superuser): Don't set INTERNAL_IPS to Docker network getsentry/self-hosted
3 participants
@BYK @daxpedda @NullIsNot0