Comments (8)
Hi,
What version of the software are you using?
from business-api-ecosystem.
Hi Francisco, the version is 5.4.1 from docker repository https://hub.docker.com/r/fiware/business-api-ecosystem/
from business-api-ecosystem.
i've try, using the Api Specification, to send a POST request to http://*******/DSProductCatalog/api/catalogManagement/v2/catalog for creating a catalog with Authorization Bearer 6bmadN3CyOoHEgNpQ06VRMhp
and the response is:
Status: 403 Forbidden
{
"error": "You are not authorized to create resources"
}
from business-api-ecosystem.
Can you try to update the software and tell me if the problem persist?
from business-api-ecosystem.
Hi Francisco.
In our production system, we make a new installation of the Business Apy Ecosystem (v.6.4) GE. This installation is under a docker container, and uses a private installation of Identity Manager GE. The problem is the same: [response in firebug] {"error":"The user making the request and the specified owner are not the same user"}
The error code is 403 Forbidden,when a user logged in with right credentials try to create his own catalogue.
Is there any other configurations in docker installation of the Business Apy Ecosystem that we haven't considered ?
from business-api-ecosystem.
Hi,
If you are using the provided docker container there is an additional setting to be included in the config.js file:
config.extPort
This setting should include the port where the software is running in the host machine. This is used in order to prevent a mismatch between the computed and the real HREF used to access user information.
If there is a mismatch, the BAE shows that error
If you have made you own deployment of the BAE within a docker container, then you have to ensure that the internal and host ports match.
from business-api-ecosystem.
Hi Francisco, we fixed the issue in file tmfUtils.js, folder /business-ecosystem-logic-proxy/lib/.
The exports.hasPartyRole function had this comment:
** // FIXME: Maybe only the pathname should be compared!!**
This is our fix:
`/**
- Checks if the
user
of areq
has the givenrole
in the givenpartyList
. If role
is null, the method will check that the user is included in thepartyList
.- @param {Object} req Object with the request. It must include an object with the
user
, asecure
boolean that specifies whether the request is secure and a string- with the
hostname
.secure
andhostname
are required to check thehref
field - of the involved parties.
- @param {Array.} partyList
- @param {String} roleName The role to be checked. If null, the method will check that
- the user is included in the
partyList
. - @return {boolean}
-
- If role included: true if the user is included in the
partyList
with the
- If role included: true if the user is included in the
- specified
role
. False otherwise. -
- If role not included: true if the user is included in the
partyList
.
- If role not included: true if the user is included in the
- False otherwise.
*/
exports.cutURL = function (uri)
{
var n = uri.indexOf("/", 8);
var res = uri.substr(n+1);
return res;
}
exports.hasPartyRole = function (req, partyList, roleName) {
var self = this;
var user = (req.user) ? req.user.id : undefined;
return req.user != null && partyList.some(function (party) {
// FIXME: Maybe only the pathname should be compared!!
var expectedHref = self.cutURL(normalize(self.getIndividualURL(req, user)));
var retrievedHref = self.cutURL(normalize(normalize(party.href)));
return party.id === user && retrievedHref === expectedHref &&
(roleName ? party.role.toLowerCase() === roleName.toLowerCase() : true);
});
};
`
we hope it will be useful to someone else with the same problem.
from business-api-ecosystem.
Thank you very much. It was helpful. :) happy new year~
from business-api-ecosystem.
Related Issues (20)
- How to assign the seller role? HOT 2
- Fiware BAE with IdM docker installations HOT 9
- Failed to retrieve charge periods AND Failed to retrieve currency codes starting business-ecosystem-logic-proxy HOT 6
- Create an "admin" user HOT 2
- The server has failed validating the product specification HOT 1
- CKAN_dataset plugin problem in "on_post_product_spec_validation" method HOT 9
- Logout functionality does not work properly
- Acquire dataset from CKAN + BIZ HOT 13
- [SHOULD] Double tag FIWARE Release HOT 4
- [SHOULD] Repo URL link HOT 2
- [SHOULD] run tests on CI HOT 2
- [MUST] Credits are missing HOT 2
- [SHOULD] Every GE should have tutorial information
- Redeploy fiware-rss/target/DSRevenueSharing.war Fails HOT 9
- An unexpected error in the RSS API prevented your request to be processed HOT 5
- The offering could not be published: Store: Resource matching query does not exist.
- Elasticsearch ERROR while deploying docker-compose file HOT 3
- Extension for data sources offering
- Market place unstable and degrades after some time HOT 3
- Internal Server Error: /charging/api/orderManagement/orders HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from business-api-ecosystem.