Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Incorrect API error response when forbidden #10340

Open
qqmyers opened this issue Feb 23, 2024 · 1 comment · May be fixed by #11116
Open

Incorrect API error response when forbidden #10340

qqmyers opened this issue Feb 23, 2024 · 1 comment · May be fixed by #11116
Labels
Feature: API FY25 Sprint 12 FY25 Sprint 12 (2024-12-04 - 2024-12-18) Help Wanted: Code Size: 10 A percentage of a sprint. 7 hours. Type: Bug a defect

Comments

@qqmyers
Copy link
Member

qqmyers commented Feb 23, 2024

What steps does it take to reproduce the issue? Discovered in code review of #10299:
https://github.com/IQSS/dataverse/blob/develop/src/main/java/edu/harvard/iq/dataverse/api/AbstractApiBean.java#L604 and probably

protected Response permissionError( String message ) {
result in 401/Unauthorized error codes rather than (the correct) 403/Forbidden.

  • When does this issue occur?
    ~Any API call resulting in a PermissionException in the underlying command when the user does not have sufficient permission.

Which version of Dataverse are you using?
v6.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature: API FY25 Sprint 12 FY25 Sprint 12 (2024-12-04 - 2024-12-18) Help Wanted: Code Size: 10 A percentage of a sprint. 7 hours. Type: Bug a defect
Projects
Status: Done 🧹
Status: 🔍 Interest
3 participants