Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

500 error on unauthenticated HTTP GET to nested workflow endpoint #7243

Closed
jakemcdermott opened this issue Jun 3, 2020 · 3 comments
Closed

500 error on unauthenticated HTTP GET to nested workflow endpoint #7243

jakemcdermott opened this issue Jun 3, 2020 · 3 comments
Assignees
@kdelee
Labels
component:api type:bug

Comments

@jakemcdermott
Copy link
Contributor

jakemcdermott commented Jun 3, 2020
edited
Loading

ISSUE TYPE
  • Bug Report
SUMMARY

Not a huge deal, just something I noticed while debugging some unrelated test failures: If you make a GET request to api/v2/workflow_job_template_nodes/n/create_approval_template/ when unauthenticated, you'll get a 500 instead of a 401. It seems to work fine if you're logged in.

STEPS TO REPRODUCE
  • make a workflow with nodes
  • log out
  • open browser dev tools and network tab
  • visit api/v2/workflow_job_template_nodes/n/create_approval_template/ in api browser
EXPECTED RESULTS

401

ACTUAL RESULTS

500

ADDITIONAL INFORMATION

Screenshot from 2020-06-03 19-11-23
@jakemcdermott jakemcdermott changed the title 500 error on unauthenticated HTTP GET to nested workflow endpoint 500 error on unauthenticated visit to nested workflow endpoint in api browser Jun 3, 2020
@jakemcdermott jakemcdermott changed the title 500 error on unauthenticated visit to nested workflow endpoint in api browser 500 error on unauthenticated HTTP GET to nested workflow endpoint Jun 3, 2020
@wenottingham
Copy link
Contributor

Can you grab the server error from the logs?

@jakemcdermott
Copy link
Contributor Author 

    self.raise_uncaught_exception(exc)
  File "/var/lib/awx/venv/awx/lib64/python3.6/site-packages/rest_framework/views.py", line 476, in raise_uncaught_exception
    raise exc
  File "/var/lib/awx/venv/awx/lib64/python3.6/site-packages/rest_framework/views.py", line 493, in dispatch
    self.initial(request, *args, **kwargs)
  File "/var/lib/awx/venv/awx/lib64/python3.6/site-packages/rest_framework/views.py", line 411, in initial
    self.check_permissions(request)
  File "/var/lib/awx/venv/awx/lib64/python3.6/site-packages/awx/api/views/__init__.py", line 3076, in check_permissions
    if not request.user.can_access(models.WorkflowJobTemplate, 'read', obj):
AttributeError: 'AnonymousUser' object has no attribute 'can_access'

ryanpetrello added a commit to ryanpetrello/awx that referenced this issue Mar 26, 2021
@ryanpetrello
fix an HTTP 500 error for unauthenticated users
6062d1e 
see: ansible#7243
@ryanpetrello ryanpetrello mentioned this issue Mar 26, 2021
Merged
softwarefactory-project-zuul bot added a commit that referenced this issue Mar 27, 2021
@softwarefactory-project-zuul
Merge pull request #9725 from ryanpetrello/500-unauth-wf-approval
ba2fd6f 
fix an HTTP 500 error for unauthenticated users

see: #7243

Reviewed-by: Jake McDermott <yo@jakemcdermott.me>
@masbahnana masbahnana self-assigned this Apr 9, 2021
@kdelee
Copy link
Member

kdelee commented May 27, 2021

We now correctly get a 401, closing as verified

@kdelee kdelee closed this as completed May 27, 2021
@kdelee kdelee assigned kdelee and unassigned masbahnana May 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kdelee kdelee

Labels
component:api type:bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ryanpetrello @wenottingham @jakemcdermott @kdelee @masbahnana