Getting 401 when creating Crucible Review from REST API

A P May 25, 2017

I'm trying to create review from Fiddler composer:

POST http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664 HTTP/1.1
User-Agent: Fiddler
Host: crucible.dev
Content-Length: 393
Content-Type: application/json

{
  "reviewData" : {
    "projectKey" : "CR",
    "name" : "R1234",
    "description" : "Review R1234",
    "author" : {
      "userName" : "someUser"
    },
    "moderator" : {
      "userName" : "someUser"
    },
    "creator" : {
      "userName" : "someUser"
    },
    "state" : "Review",
    "type" : "REVIEW",
    "allowReviewersToJoin" : true
  }  
}

But it returns 401 (see response below). The user "crucible" exists and is admin. Creating review from web UI under this user is ok. The request of all reviews (GET http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664) returns 200 OK and contains all reviews. 

So is create review request correct? Maybe it should use some other auth?

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Length: 24263
Content-Type: application/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: remember=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;HttpOnly
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
X-UA-Compatible: IE=Edge
X-AUSERNAME: crucible
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 14:24:37 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><code>Authorization</code><message>Crucible unauthorised action.</message><stacktrace>com.atlassian.crucible.spi.services.AuthorizationException: Crucible unauthorised action.
	at com.cenqua.crucible.model.managers.impl.DefaultReviewManager.changeState(DefaultReviewManager.java:1000)
	....
at java.lang.Thread.run(Thread.java:679) </stacktrace></error>

 

1 answer

1 accepted

0 votes
Answer accepted
A P May 26, 2017

After some expirements I've found out that "creator" should be same as authenticated user.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events