Project

General

Profile

Bug #2275

Api V2: you do not have persmission

Added by Ivan Necas about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
API
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

curl -k -u admin:changeme https://localhost/foreman/api/config_templates/4/ -X PUT -H 'Accept: version=2' -H 'Content-Type: application/json' \
-d '{"config_template":{"operatingsystem_ids":[1]}}'

{
  "config_template": {
    "errors": {
      "base": [
        "You do not have permission to edit this template" 
      ]
    },
    "id": 4,
    "full_messages": [
      "You do not have permission to edit this template" 
    ]
  }
}

Associated revisions

Revision 866face2 (diff)
Added by Ivan Necas about 6 years ago

fixes #2275 - include ThreadSession::Cleaner only once

Foreman::ThreadSession::Cleaner was included in Taxonomy concern,
which postponed the session clearing (that should be the first thing
to happen in filters) to phase after :authorize filter, effectively
discarding the login information leading to permission denied.

History

#1 Updated by Ivan Necas about 6 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

#2 Updated by Ohad Levy about 6 years ago

  • Category set to API
  • Target version set to 1.2.0

Also available in: Atom PDF