DaanHoogland opened a new issue #3625: ui allows disabled API call and then ends session URL: https://github.com/apache/cloudstack/issues/3625 <!-- Verify first that your issue/request is not already reported on GitHub. Also test if the latest release and master branch are affected too. Always add information AFTER of these HTML comments, but no need to delete the comments. --> In 4.9 a user that did a call that was not allowed from the UI would get a permission denied error in the console. With 4.11.2 a 401 is thrown and the seeion is ended ##### ISSUE TYPE <!-- Pick one below and delete the rest --> * Bug Report ##### COMPONENT NAME <!-- Categorize the issue, e.g. API, VR, VPN, UI, etc. --> ~~~ UI, API ~~~ ##### CLOUDSTACK VERSION <!-- New line separated list of affected versions, commit ID for issues on master branch. --> ~~~ 4.11.2.0, others to be tested ~~~ ##### CONFIGURATION <!-- Information about the configuration if relevant, e.g. basic network, advanced networking, etc. N/A otherwise --> N/A ##### OS / ENVIRONMENT <!-- Information about the environment if relevant, N/A otherwise --> N/A ##### SUMMARY <!-- Explain the problem/feature briefly --> when creating special permissions for a role a user would expect to get a comprehensible error message if he tries to call an API that is DENY'd them. Using cloudmonkey (after sync) the API will not be available. Before sync'ing the call results in "Error: (HTTP 401, error code <nil>) unable to verify user credentials and/or request signature" ##### STEPS TO REPRODUCE <!-- For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate. For new features, show how the feature would be used. --> <!-- Paste example playbooks or commands between quotes below --> ~~~ for instance: - login as an admin, - set the rule for domainAdmin of disableUser to permission == DENY - log on as a domain admin and try to disable a user. ~~~ <!-- You can also paste gist.github.com links for larger files --> ##### EXPECTED RESULTS <!-- What did you expect to happen when running the steps above? --> ~~~ an error message specifying that the cll is not allowed. ~~~ ##### ACTUAL RESULTS <!-- What actually happened? --> <!-- Paste verbatim command output between quotes below --> ~~~ a session reset without clear reason. ~~~
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
