com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource

Atlassian JIRA | Gustavo Refosco [Atlassian] | 7 months ago
tip
Your exception is missing from the Samebug knowledge base.
Here are the best solutions we found on the Internet.
Click on the to mark the helpful solution and get rewards for you help.
  1. 0

    h3.Summary A user, who's a reviewer in the pull request and have access to the target repository, isn't able to re-open this pull request after it has been declined, receiving a "User not permitted" exception. h3.Environment *Pull request configuration* * Source: bitbucket483one-userbfork / branch feature1 * Destination: bitbucket483one / branch master * No merge conflict involved *Users* * usera * userb *Repositories involved* * bitbucket483one ** usera is admin. ** userb has write permission. * bitbucket483one-userbfork ** Fork made by userb. Only userb has access h3.Steps to Reproduce # *bitbucket483one* is created and some code is committed to it on *master*. # *userb* forks the repository, creating *bitbucket483one-userbfork*. # *userb* creates the branch *feature1* from *master* on his fork. # *userb* commits a new file to branch *feature1*. # *userb* creates a pull request from *bitbucket483one-userbfork/feature1* to *bitbucket483one/master*, and adds *usera* as a reviewer. # The pull request is declined. # *usera* accessed the pull request and tries to re-open it. h3.Expected Results * The "Re-open" button shouldn't be available to the *usera*, since this user doesn't have the *Read* permission on the source repository. The reason for that is because the branch may have been updated on the source repository, and by reopening it the *usera* would be essentially giving himself access to new changes he doesn't have permission to see. h3.Actual Results * *usera* receives the following message: !usernotpermitted.png|thumbnail! * The below exception is thrown in the atlassian-bitbucket.log file: {noformat} 2016-08-10 19:05:44,507 DEBUG [http-nio-7990-exec-4] usera @666J1x1145x548x0 ujs29w 0:0:0:0:0:0:0:1 "POST /rest/api/latest/projects/PROJ/repos/bitbucket483one/pull-requests/1/reopen HTTP/1.1" c.a.s.i.r.e.ServiceExceptionMapper Mapping ServiceException to REST response 401 com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource at com.atlassian.stash.internal.aop.ExceptionRewriteAdvice.afterThrowing(ExceptionRewriteAdvice.java:36) ~[bitbucket-platform-4.8.3.jar:na] at com.atlassian.stash.internal.pull.DefaultPullRequestService.checkRefExistsForReopen(DefaultPullRequestService.java:1130) ~[bitbucket-service-impl-4.8.3.jar:na] at com.atlassian.stash.internal.pull.DefaultPullRequestService.internalReopen(DefaultPullRequestService.java:1384) ~[bitbucket-service-impl-4.8.3.jar:na] at com.atlassian.stash.internal.pull.DefaultPullRequestService.reopen(DefaultPullRequestService.java:756) ~[bitbucket-service-impl-4.8.3.jar:na] at com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26) ~[atlassian-plugins-core-4.1.8.jar:na] at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56) ~[na:na] at org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60) ~[na:na] at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70) ~[na:na] at org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53) ~[na:na] at org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57) ~[na:na] at com.atlassian.stash.internal.rest.pull.PullRequestResource.reopen(PullRequestResource.java:549) ~[bitbucket-rest-4.8.3.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) [applinks-plugin-5.2.2_1469663356000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) [applinks-plugin-5.2.2_1469663356000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) [applinks-plugin-5.2.2_1469663356000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) [applinks-plugin-5.2.2_1469663356000.jar:na] at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24) [applinks-plugin-5.2.2_1469663356000.jar:na] at com.atlassian.plugin.connect.plugin.auth.scope.ApiScopingFilter.doFilter(ApiScopingFilter.java:81) [atlassian-connect-plugin-1.1.86-bitbucket-04.jar:na] at com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:88) [classes/:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:109) [classes/:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75) [classes/:na] at com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94) [atlassian-trusted-apps-core-4.2.0.jar:na] at com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67) [atlassian-oauth-service-provider-plugin-2.0.3_1469663358000.jar:na] at com.atlassian.core.filters.ServletContextThreadLocalFilter.doFilter(ServletContextThreadLocalFilter.java:21) [atlassian-core-4.6.19.jar:na] at com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31) [atlassian-core-4.6.19.jar:na] at com.atlassian.plugin.connect.plugin.auth.user.ThreeLeggedAuthFilter.doFilter(ThreeLeggedAuthFilter.java:109) [atlassian-connect-plugin-1.1.86-bitbucket-04.jar:na] at com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:32) [jwt-plugin-1.5.11-0002_1469663358000.jar:na] at com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:38) [analytics-client-5.2.7_1469663356000.jar:na] at com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:39) [analytics-client-5.2.7_1469663356000.jar:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:87) [classes/:na] at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73) [classes/:na] at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:86) ~[bitbucket-service-impl-4.8.3.jar:na] at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38) ~[classes/:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) ~[na:1.8.0_74] at java.lang.Thread.run(Thread.java:745) ~[na:1.8.0_74] ... 290 frames trimmed Caused by: org.springframework.security.access.AccessDeniedException: Access is denied at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83) ~[spring-security-core-3.2.7.RELEASE.jar:3.2.7.RELEASE] ... 34 common frames omitted {noformat} h3.Workaround * Give *usera* at least a *Read* permission on the source repository.

    Atlassian JIRA | 7 months ago | Gustavo Refosco [Atlassian]
    com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource

    Root Cause Analysis

    1. com.atlassian.bitbucket.AuthorisationException

      You are not permitted to access this resource

      at com.atlassian.stash.internal.aop.ExceptionRewriteAdvice.afterThrowing()
    2. com.atlassian.stash
      DefaultPullRequestService.reopen
      1. com.atlassian.stash.internal.aop.ExceptionRewriteAdvice.afterThrowing(ExceptionRewriteAdvice.java:36)[bitbucket-platform-4.8.3.jar:na]
      2. com.atlassian.stash.internal.pull.DefaultPullRequestService.checkRefExistsForReopen(DefaultPullRequestService.java:1130)[bitbucket-service-impl-4.8.3.jar:na]
      3. com.atlassian.stash.internal.pull.DefaultPullRequestService.internalReopen(DefaultPullRequestService.java:1384)[bitbucket-service-impl-4.8.3.jar:na]
      4. com.atlassian.stash.internal.pull.DefaultPullRequestService.reopen(DefaultPullRequestService.java:756)[bitbucket-service-impl-4.8.3.jar:na]
      4 frames
    3. com.atlassian.plugin
      ContextClassLoaderSettingInvocationHandler.invoke
      1. com.atlassian.plugin.util.ContextClassLoaderSettingInvocationHandler.invoke(ContextClassLoaderSettingInvocationHandler.java:26)[atlassian-plugins-core-4.1.8.jar:na]
      1 frame
    4. org.eclipse.gemini
      LocalBundleContextAdvice.invoke
      1. org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.doInvoke(ServiceInvoker.java:56)[na:na]
      2. org.eclipse.gemini.blueprint.service.importer.support.internal.aop.ServiceInvoker.invoke(ServiceInvoker.java:60)[na:na]
      3. org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invokeUnprivileged(ServiceTCCLInterceptor.java:70)[na:na]
      4. org.eclipse.gemini.blueprint.service.util.internal.aop.ServiceTCCLInterceptor.invoke(ServiceTCCLInterceptor.java:53)[na:na]
      5. org.eclipse.gemini.blueprint.service.importer.support.LocalBundleContextAdvice.invoke(LocalBundleContextAdvice.java:57)[na:na]
      5 frames
    5. com.atlassian.stash
      PullRequestResource.reopen
      1. com.atlassian.stash.internal.rest.pull.PullRequestResource.reopen(PullRequestResource.java:549)[bitbucket-rest-4.8.3.jar:na]
      1 frame
    6. com.atlassian.applinks
      ContextFilter.doFilter
      1. com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)[applinks-plugin-5.2.2_1469663356000.jar:na]
      2. com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)[applinks-plugin-5.2.2_1469663356000.jar:na]
      3. com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)[applinks-plugin-5.2.2_1469663356000.jar:na]
      4. com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)[applinks-plugin-5.2.2_1469663356000.jar:na]
      5. com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:24)[applinks-plugin-5.2.2_1469663356000.jar:na]
      5 frames
    7. com.atlassian.plugin
      ApiScopingFilter.doFilter
      1. com.atlassian.plugin.connect.plugin.auth.scope.ApiScopingFilter.doFilter(ApiScopingFilter.java:81)[atlassian-connect-plugin-1.1.86-bitbucket-04.jar:na]
      1 frame
    8. com.atlassian.stash
      BeforeLoginPluginAuthenticationFilter.doFilter
      1. com.atlassian.stash.internal.spring.security.StashAuthenticationFilter.doFilter(StashAuthenticationFilter.java:88)[classes/:na]
      2. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doInsideSpringSecurityChain(BeforeLoginPluginAuthenticationFilter.java:109)[classes/:na]
      3. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:75)[classes/:na]
      3 frames
    9. com.atlassian.security
      TrustedApplicationsFilter.doFilter
      1. com.atlassian.security.auth.trustedapps.filter.TrustedApplicationsFilter.doFilter(TrustedApplicationsFilter.java:94)[atlassian-trusted-apps-core-4.2.0.jar:na]
      1 frame
    10. com.atlassian.oauth
      OAuthFilter.doFilter
      1. com.atlassian.oauth.serviceprovider.internal.servlet.OAuthFilter.doFilter(OAuthFilter.java:67)[atlassian-oauth-service-provider-plugin-2.0.3_1469663358000.jar:na]
      1 frame
    11. com.atlassian.core
      AbstractHttpFilter.doFilter
      1. com.atlassian.core.filters.ServletContextThreadLocalFilter.doFilter(ServletContextThreadLocalFilter.java:21)[atlassian-core-4.6.19.jar:na]
      2. com.atlassian.core.filters.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:31)[atlassian-core-4.6.19.jar:na]
      2 frames
    12. com.atlassian.plugin
      ThreeLeggedAuthFilter.doFilter
      1. com.atlassian.plugin.connect.plugin.auth.user.ThreeLeggedAuthFilter.doFilter(ThreeLeggedAuthFilter.java:109)[atlassian-connect-plugin-1.1.86-bitbucket-04.jar:na]
      1 frame
    13. com.atlassian.jwt
      JwtAuthFilter.doFilter
      1. com.atlassian.jwt.internal.servlet.JwtAuthFilter.doFilter(JwtAuthFilter.java:32)[jwt-plugin-1.5.11-0002_1469663358000.jar:na]
      1 frame
    14. com.atlassian.analytics
      AbstractHttpFilter.doFilter
      1. com.atlassian.analytics.client.filter.DefaultAnalyticsFilter.doFilter(DefaultAnalyticsFilter.java:38)[analytics-client-5.2.7_1469663356000.jar:na]
      2. com.atlassian.analytics.client.filter.AbstractHttpFilter.doFilter(AbstractHttpFilter.java:39)[analytics-client-5.2.7_1469663356000.jar:na]
      2 frames
    15. com.atlassian.stash
      ConfigurableWebFilter.doFilter
      1. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doBeforeBeforeLoginFilters(BeforeLoginPluginAuthenticationFilter.java:87)[classes/:na]
      2. com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73)[classes/:na]
      3. com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:86)[bitbucket-service-impl-4.8.3.jar:na]
      4. com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38)[classes/:na]
      4 frames
    16. Java RT
      Thread.run
      1. java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)[na:1.8.0_74]
      2. java.lang.Thread.run(Thread.java:745)[na:1.8.0_74]
      2 frames