New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2018.08.9: CoreData broken? #6995

Open
lab-at-nohl opened this Issue Feb 10, 2019 · 12 comments

Comments

Projects
None yet
3 participants
@lab-at-nohl
Copy link
Contributor

lab-at-nohl commented Feb 10, 2019

App is simply empty. No request that could be logged.

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 11, 2019

is your user lacking a right / grant?

on a vanilla 2018.08.9 installation I can open CoreData and browse to all default apps and create records, seems all normal to me

@lab-at-nohl

This comment has been minimized.

Copy link
Contributor Author

lab-at-nohl commented Feb 11, 2019

grafik

Actually it is the Admin role. What rights could be wrong?

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 11, 2019

but there should be either a server log entry or a js console log, could you please check?

@lab-at-nohl

This comment has been minimized.

Copy link
Contributor Author

lab-at-nohl commented Feb 11, 2019

I know but there is no hint. Tine 2.0 log level DEBUG:

37939 93eeb admin - 2019-02-11T11:46:25+00:00 INFO (6): Tinebase_Core::initFramework::456 initializing framework (PID: 17891)
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Core::setupUserLocale::1235 given localeString 'auto'
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Core::setupUserLocale::1245 Got locale from session : de
37939 93eeb admin - 2019-02-11T11:46:25+00:00 INFO (6): Tinebase_Core::setupUserLocale::1286 Setting user locale: de
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Core::setupUserLocale::1293 Setting CTYPE locale from "C" to "en_US.UTF8".
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Server_Json::_logRequests::218 is JSON request. rawdata: array (
0 =>
array (
'jsonrpc' => '2.0',
'method' => 'Tinebase.setState',
'params' =>
array (
0 => 'tinebase-mainscreen-apptabs',
1 => 'o%3AcurrentTabs%3Da%253As%25253AAdmin%255Es%25253AAddressbook%255Es%25253AFilemanager%255Es%25253ATasks%255Es%25253ACoreData%5EactiveTab%3Dn%253A5',
),
'id' => 6,
),
)
37939 93eeb admin - 2019-02-11T11:46:25+00:00 INFO (6): Tinebase_Server_Json::_handle::362 is JSON request. method: Tinebase.setState
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_User::setBackendType::321 Setting backend type to Ldap
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Group::getInstance::82 groups backend: Ldap
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Server_Json::_getServer::310 Get server from cache
37939 93eeb admin - 2019-02-11T11:46:25+00:00 DEBUG (7): Tinebase_Frontend_Json::setState::251 Setting state: tinebase-mainscreen-apptabs -> o%3AcurrentTabs%3Da%253As%25253AAdmin%255Es%25253AAddressbook%255Es%25253AFilemanager%255Es%25253ATasks%255Es%25253ACoreData%5EactiveTab%3Dn%253A5
37939 93eeb admin - 2019-02-11T11:46:26+00:00 INFO (6): Tinebase_Log::logUsageAndMethod::246 FILE: index.php METHOD: Tinebase_Server_Json::Tinebase.setState / TIME: 50ms / Memory usage: 2 MB / Real patch cache size: 191027 / PID: 17891

After ths request for the new App panel, nothing happens (server side). Mozilla log does not show anything relevant (on the first glance):

RecordPickerManager::registerItem: TinebaseContainer     Tinebase-6b81ffd7a8a27f6a9b52-FAT.js:1:379554
RecordPickerManager::registerItem: TinebaseTag     Tinebase-6b81ffd7a8a27f6a9b52-FAT.js:1:379554
@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 11, 2019

guess it has to do with getRegistryData and either with what the server returns or how the client is not able to deal with it. In anycase I would look at JS side to find out what the problem is. Not my domain. (try Chrome? better JS console? So they say, FF user myself)

@pschuele

This comment has been minimized.

Copy link
Member

pschuele commented Feb 21, 2019

yep, js console (should be in all current browsers) should show the ERROR. does anybody else have this problem?

@lab-at-nohl

This comment has been minimized.

Copy link
Contributor Author

lab-at-nohl commented Feb 21, 2019

Hadn't have the time to analyze it in-depth. But something is totally broken. Javascript does not load anymore (I already disabled adblocker), it always starts at the beginning again (loop). I can only login after deleting cookies but then the loop comes back. Can this be related? The console output is like this:

[Security] Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. (unbekannt)
[Log] RecordPickerManager::registerItem: TinebaseContainer  Tinebase-6b81ffd7a8a27f6a9b52-FAT.js:1:379554
[Log] RecordPickerManager::registerItem: TinebaseTag  Tinebase-6b81ffd7a8a27f6a9b52-FAT.js:1:379554

The Error with Content Security Policy happens a dozen times. In the http headers the Policy is set to frame-ancestors 'self' which is not listed in Mozilla Docs

After a while:

Laden fehlgeschlagen für das <script> mit der Quelle "https://domain.de/Addressbook/js/Addressbook-b5a6c9b904f898bd01c7-FAT.js".

This is repeated for other apps.

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 21, 2019

als workaround kannst du die config
Tinebase_Config::ALLOWEDJSONORIGINS
setzen. Der Wert wird dann anstelle von 'self' als frame-ancestors value gesetzt. z.b. 'frame', afaik gehören die ' dazu. also in der config.inc.php = "'frame'"; setzen

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 21, 2019

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 21, 2019

setzt dein webserver vielleicht den x-frame-option header? Kanst du dann für tine20 ja abschalten, tine20 kümmert sich da selber drum (und setzt afaik x-frame-option nicht!)

@paulmhh

This comment has been minimized.

Copy link
Contributor

paulmhh commented Feb 21, 2019

und das hat mit der Sache wahrscheinlich auch eher nichts zu tun, die Console sagt ja nur das der x-frame-option nicht verwendet wird, weil es den besseren "Content-Security-Policy" => "frame-ancestors" gibt

@lab-at-nohl

This comment has been minimized.

Copy link
Contributor Author

lab-at-nohl commented Feb 21, 2019

The result from Tinebase.getAllRegistryData:

"CoreData":{
  "rights":["admin","run"],
  "allrights":["run","admin"],
  "config":[],
  "exportDefinitions":{
    "results":[],
    "totalcount":0
  },
  "customfields":[],
  "coreData":{
    "results":[{
      "id":"adb_lists",
      "application_id":{
        "id":"3881d88f7e89cfadd1b215d9a50b2a9e62c70d30",
        "name":"Addressbook",
        "status":"enabled",
        "order":"10",
        "version":"12.4"
      },
      "model":"Addressbook_Model_List",
      "label":"Lists"
      },{
      "id":"adb_list_roles",
      "application_id":{
      "id":"3881d88f7e89cfadd1b215d9a50b2a9e62c70d30",
        "name":"Addressbook",
        "status":"enabled",
        "order":"10",
        "version":"12.4"
      },
      "model":"Addressbook_Model_ListRole",
      "label":"List Functions"
      },{
      "id":"adb_industries",
      "application_id":{
        "id":"3881d88f7e89cfadd1b215d9a50b2a9e62c70d30",
        "name":"Addressbook",
        "status":"enabled",
        "order":"10",
        "version":"12.4"
      },
      "model":"Addressbook_Model_Industry",
      "label":"Industries"
      },{
      "id":"cal_resources",
      "application_id":{
        "id":"1210e4962b9a2a251c39d46881181583b09d81ba",
        "name":"Calendar",
        "status":"enabled",
        "order":"15",
        "version":"12.6"
      },
      "model":"Calendar_Model_Resource",
      "label":"Resources"
      }],
  "totalcount":4},
"models":null,
"defaultModel":null},

(only the CoreData-part, manually formatted)

Again: Opening the App CoreData does not fire any Javascript-event. The registry data is from login.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment