Assessors not showing during assessment creation

Question

Assessors not showing during assessment creation

eduardoestevao opened this issue 9 months ago · 19 comments

Hi,

I am using version 1.1.25 , self hosted.

When I try to create an assessment it does not show any assessor, so I am unable to save the assessment.
I have an admin user and another user which is an assessor.

Any tips or help?

Answer 1 · 2024-02-15T18:59:56.000Z

Have you selected dates yet? It searches to see who is free at the times you specify.

Answer 2 · 2024-02-19T07:24:19.000Z

I am experiencing the same problem. Cannot create a first assessment and do not have any OOO planned. Created a new user, same issue remains.

Answer 3 · 2024-02-19T11:05:57.000Z

Have you selected dates yet? It searches to see who is free at the times you specify.

Yes, I selected different dates for 2 different users. No one is OOO.

Answer 4 · 2024-02-19T15:29:29.000Z

@eduardoestevao @Wvdhouven do all users have the 'assessor' permission?

Answer 5 · 2024-02-19T15:32:32.000Z

Yes, all users in my case have assessor permissions (checked this on mongodb as well).

Answer 6 · 2024-02-19T16:11:40.000Z

Oh! .. Your user is "inActive". Disable that setting and it should work.

@Wvdhouven is this the same problem you have?

Answer 7 · 2024-02-19T16:12:17.000Z

Once thats set correctly you should see this:

Answer 8 · 2024-02-19T16:20:44.000Z

Disabled (screenshot attached), but still same thing:

Answer 9 · 2024-02-19T21:31:23.000Z

Are your assessors on the 'Hacking Team'? You may need to select a different team when scheduling.

Answer 10 · 2024-02-26T11:54:57.000Z

They are in the 'Hacking team' and I selected the right team

Answer 11 · 2024-02-26T18:15:57.000Z

@eduardoestevao Can you check the browser console to see if there is an error? Also,can you check if one of the XHR requests to /portal/Engagement is returning an error or stack trace on this page.

I've so far been unable to reproduce so there must be something I'm missing.

Answer 12 · 2024-02-28T17:40:36.000Z

Hi,
Also noticed the same issue, i have users that work ok and others that sometimes the POST request to portal/Engagement return 500, or return 200 but the server response is 500 error with a stack trace.

An example stack trace of one of these requests:
No result defined for action com.fuse.actions.scheduling.Engagement and result input at com.opensymphony.xwork2.DefaultActionInvocation.executeResult(DefaultActionInvocation.java:378) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:279) at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:263) at org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:49) at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.doIntercept(ConversionErrorInterceptor.java:142) at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:140) at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:140) at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:201) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:67) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.DateTextFieldInterceptor.intercept(DateTextFieldInterceptor.java:133) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:89) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:243) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:101) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor.intercept(ScopedModelDrivenInterceptor.java:142) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:160) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:175) at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:99) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:121) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:167) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:228) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:196) at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:249) at org.apache.struts2.factory.StrutsActionProxy.execute(StrutsActionProxy.java:48) at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:574) at org.apache.struts2.dispatcher.ExecuteOperations.executeAction(ExecuteOperations.java:79) at org.apache.struts2.dispatcher.filter.StrutsPrepareAndExecuteFilter.doFilter(StrutsPrepareAndExecuteFilter.java:141) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:346) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52) at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63) at java.base/java.lang.Thread.run(Unknown Source)

All users have the same permissions setup.

Answer 13 · 2024-03-03T19:22:10.000Z

Would it be possible for you to generate this error again and send me a har file from your browser. You can send it to develop [at] factionsecurity [dot] com. I'm still unable to generate the error. 😩

Answer 14 · 2024-03-26T23:15:58.000Z

Same problem on Version 1.2.0.
Assessors are visible only when connecting via browser from the Faction server itself. Not from remote hosts.

Answer 15 · 2024-03-26T23:29:40.000Z

@cv3tomuzika would it be possible to send me a HAR file of this happening (email me at develop [at] factionsecurity [dot] com.)
I've tried several configurations and have been unable to recreate this issue. I really want to figure out why it happens in some instances and not in others.

Answer 16 · 2024-03-27T00:29:47.000Z

@summitt Done. I tried deploying on different virtualisations, including those without docker containers. The problem persists.

Answer 17 · 2024-03-27T01:58:52.000Z

thanks @cv3tomuzika . I'm able to recreate it now. It's an issue with the Accept-Language header. Working on a fix now. This issue seems systemic throughout the app.

Answer 18 · 2024-03-27T02:50:11.000Z

@cv3tomuzika @n13c @Wvdhouven @eduardoestevao I've created release 1.2.1 that i hope will mitigate this issue. Let me know if the problem persists.

Answer 19 · 2024-03-27T08:44:27.000Z

@summitt Thanks for the quick response. At first glance everything seems to be working.