Greetings,
I am trying to programmatically create a repository along with certain permissions.
Using the 1.0 API (locally hosted server) I always get a 401 - You are not authorized to access this resource.
I am an admin on the project, and I created the repo. However, when I try to add a group via the API, I am presented with the unauthorized access error message.
The call looks like this:
PUT /rest/api/1.0/projects/project_name/repos/repo_name/permissions/groups?permission=REPO_ADMIN&name=Bitbucket%20Admins
To test that the API works for me, I manually added the group through the web interface. I am a member of the group.
Then I added another group (through the web interface) with REPO_WRITE and REPO_READ.
I attempted to revoke those permissions:
DELETE /rest/api/1.0/projects/project_name/repos/repo_name/permissions/groups?name=Bitbucket%20Users
With this I also get 401 - You are not authorized to access this resource.
I've read the API documentation and I should meet the requirements to do both of these actions.
for PUT:
"The authenticated user must have REPO_ADMIN permission for the specified repository or a higher project or global permission to call this resource. In addition, a user may not demote a group's permission level if their own permission level would be reduced as a result." I am a PROJECT_ADMIN.
for DELETE:
"The authenticated user must have REPO_ADMIN permission for the specified repository or a higher project or global permission to call this resource.
In addition, a user may not revoke a group's permissions if it will reduce their own permission level."
Since I added myself to the repo, I am REPO_ADMIN.
Well, I can't delete my post. But I solved this and it was completely stupid. Since I was doing this programmatically (through pycurl) I neglected to copy the authorization function to execute. So, yeah. 401 makes sense. :|
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.