XNAT1.6 Bug Report: Cannot Create Subject and Experiment as a Member of the Given Project

[chen yang]

Test environment: XNAT1.6 Workshop virtual machine

Here are the steps to reproduce the bug: 

1. hg pull -u

2. rebuild.sh 

3. go to http:\\localhost:8080/xnat, login as admin

4. create a project called test_001

5. add a new user called tester

6. select enabled  for user tester

7. add tester as a member to project test_001, then submit

8. su tester

9. no subject and MR session option in the main_nav menu

10. In the Actions box, click add -> subject 

11. Fill the forms and submit to create a new subject

12. The error messages is "Invalid create permissions for this item."

13. If you try to create add->MR session for existing subject, it will return the following error message "This user has insufficient privileges for the data type 'xnat:mrSessionData'".

logs: 

 application.log is empty. 

 turbine.log: 

2012-08-07 09:41:14,460 [http-8080-1] ERROR org.apache.turbine.services.velocity.TurbineVelocityService - Class java.util.ArrayList.get threw Exception

java.lang.IndexOutOfBoundsException: Index: 0, Size: 0

        at java.util.ArrayList.rangeCheck(ArrayList.java:571)

        at java.util.ArrayList.get(ArrayList.java:349)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:616)

        at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:260)

        at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:207)

        at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:357)

        at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:135)

        at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:271)

        at org.apache.velocity.Template.merge(Template.java:296)

        at org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java:492)

        at org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java:461)

        at org.apache.turbine.services.velocity.TurbineVelocityService.executeRequest(TurbineVelocityService.java:415)

        at org.apache.turbine.services.velocity.TurbineVelocityService.handleRequest(TurbineVelocityService.java:281)

        at org.apache.turbine.services.velocity.TurbineVelocity.handleRequest(TurbineVelocity.java:71)

        at org.apache.turbine.modules.screens.VelocityScreen.buildTemplate(VelocityScreen.java:119)

        at org.apache.turbine.modules.screens.TemplateScreen.doBuild(TemplateScreen.java:101)

        at org.apache.turbine.modules.Screen.build(Screen.java:57)

        at org.apache.turbine.modules.ScreenLoader.eval(ScreenLoader.java:104)

        at org.apache.turbine.modules.layouts.VelocityOnlyLayout.doBuild(VelocityOnlyLayout.java:92)

        at org.apache.turbine.modules.Layout.build(Layout.java:53)

        at org.apache.turbine.modules.LayoutLoader.exec(LayoutLoader.java:98)

        at org.apache.turbine.modules.pages.DefaultPage.doBuild(DefaultPage.java:146)

        at org.apache.turbine.modules.Page.build(Page.java:53)

        at org.apache.turbine.modules.PageLoader.exec(PageLoader.java:98)

        at org.apache.turbine.Turbine.doGet(Turbine.java:751)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)

        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)

        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)

        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at org.nrg.xnat.restlet.util.UpdateExpirationCookie.doFilter(UpdateExpirationCookie.java:101)

        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)

        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:368)

        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)

        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)

        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)

        at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)

        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)

        at org.nrg.xnat.security.XnatArcSpecFilter.doFilter(XnatArcSpecFilter.java:35)

        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:380)

        more.....

 

 

[Haas, Evan]

Hi Chen,

 

Thanks for reporting this; I was able to reproduce this locally.  I’ve added it to our TODO list for 1.6.1.

 

Evan

--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To view this discussion on the web visit https://groups.google.com/d/msg/xnat_discussion/-/ypMqg7JI7UsJ.
To post to this group, send email to xnat_di...@googlegroups.com.
To unsubscribe from this group, send email to xnat_discussi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/xnat_discussion?hl=en.

---

The material in this message is private and may contain Protected Healthcare Information (PHI). If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.