Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…
Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…
Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…
There seems to be no meaningful changes (that I can find, at least) for this between 2.23 and 2.24, so the difference is most likely down to a difference between the two databases. Did you try the ‘working’ DB on 2.24?
Also copying in Stian, who is more familiar with the
Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…
Also, what is the exact name of the “See …” authority in the system?
···
On Fri, Aug 12, 2016 at 10:44 AM, Halvdan Hoem Grelland halvdan@dhis2.org wrote:
Hi again (and sorry for the late reply).
There seems to be no meaningful changes (that I can find, at least) for this between 2.23 and 2.24, so the difference is most likely down to a difference between the two databases. Did you try the ‘working’ DB on 2.24?
Also copying in Stian, who is more familiar with the
Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…
So the reason you are getting the 403 error is because you don’t have access to the namespace according to the system.
The way namespace access is checked is as follows:
No app has reserved the namespace: you have access
An app has reserved the namespace, and the user has at least one of the authorities required( as listed by Halvdan): you have access
So most likely there is a problem concerning the naming related to the app, namespace or authorities, so be sure to double and triple check this.
There is another internal check as well that might trigger, but it seems unlikely:
Logged in user does no exist (You are not logged in, or there is some problem elsewhere)
Your user does not have credentials (Probably a problem elsewhere in the system)
The app does not exists (but we know it does)
The app does not have a name
Another thing you can test is that you can access the app itself with the problem user. If this works, let me know.
···
On Fri, Aug 12, 2016 at 10:44 AM, Halvdan Hoem Grelland halvdan@dhis2.org wrote:
Hi again (and sorry for the late reply).
There seems to be no meaningful changes (that I can find, at least) for this between 2.23 and 2.24, so the difference is most likely down to a difference between the two databases. Did you try the ‘working’ DB on 2.24?
Also copying in Stian, who is more familiar with the
Hi devs,
I’m having issues with access to a namespace in api/dataStore on 2.24. It works for superusers, but not with a “regular” user with access to the app that defines the namespace.
a user role giving access to this app, which from what I understand should also give access to the namespace defined/reserved by that app??
However, when trying to access the dataStore with a non-superuser, I get a 403 Forbidden response:
message: “The namespace ‘dataQualityTool’ is protected, and you don’t have the right authority to access it.”
Am I missing or misunderstanding something here? The same setup works on 2.23 on a different database, so I’m not sure if it’s a bug that it works in 2.23, that it does not work in 2.24, or if there is an intentional change from 23 to 24…