Getting 401 when creating Crucible Review from REST API

I'm trying to create review from Fiddler composer:

POST http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664 HTTP/1.1
User-Agent: Fiddler
Host: crucible.dev
Content-Length: 393
Content-Type: application/json

{
  "reviewData" : {
    "projectKey" : "CR",
    "name" : "R1234",
    "description" : "Review R1234",
    "author" : {
      "userName" : "someUser"
    },
    "moderator" : {
      "userName" : "someUser"
    },
    "creator" : {
      "userName" : "someUser"
    },
    "state" : "Review",
    "type" : "REVIEW",
    "allowReviewersToJoin" : true
  }  
}

But it returns 401 (see response below). The user "crucible" exists and is admin. Creating review from web UI under this user is ok. The request of all reviews (GET http://crucible.dev/rest-service/reviews-v1?FEAUTH=crucible:66:98ed811f41548484bb1f83503c287664) returns 200 OK and contains all reviews. 

So is create review request correct? Maybe it should use some other auth?

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Length: 24263
Content-Type: application/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: remember=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;HttpOnly
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
WWW-Authenticate: OAuth realm="http%3A%2F%2Fcrucible.dev"
X-UA-Compatible: IE=Edge
X-AUSERNAME: crucible
X-Content-Type-Options: nosniff
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 14:24:37 GMT

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><error><code>Authorization</code><message>Crucible unauthorised action.</message><stacktrace>com.atlassian.crucible.spi.services.AuthorizationException: Crucible unauthorised action.
	at com.cenqua.crucible.model.managers.impl.DefaultReviewManager.changeState(DefaultReviewManager.java:1000)
	....
at java.lang.Thread.run(Thread.java:679) </stacktrace></error>

 

1 answer

1 accepted

This widget could not be displayed.

After some expirements I've found out that "creator" should be same as authenticated user.

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted 5 hours ago in Featured Groups

Hi! I'm Cameron Deatsch, Head of Server at Atlassian and I'm hosting an AMA next week.

Hey team! I'm Cameron Deatsch, Head of Server at Atlassian. I'll be hosting an AMA over in our Questions section of the Community next Monday, so shoot me your questions, upvote others' question...

25 views 0 2
View post

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you